Submitted URL: http://d1baseball.com/
Effective URL: https://d1baseball.com/
Submission: On March 12 via manual from US — Scanned from DE

Summary

This website contacted 78 IPs in 11 countries across 66 domains to perform 553 HTTP transactions. The main IP is 172.67.69.254, located in United States and belongs to CLOUDFLARENET, US. The main domain is d1baseball.com. The Cisco Umbrella rank of the primary domain is 203475.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time d1baseball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 57 172.67.69.254 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.32.121.7 16509 (AMAZON-02)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
61 2600:9000:225... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:d... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2.17.177.117 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
1 51.77.64.70 16276 (OVH)
15 2a00:1450:400... 15169 (GOOGLE)
3 108.138.4.10 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
17 18.66.147.69 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.9 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 54.224.95.202 14618 (AMAZON-AES)
1 143.204.94.230 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
5 34.98.72.95 396982 (GOOGLE-CL...)
8 2a00:1450:400... 15169 (GOOGLE)
1 52.49.217.141 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 34.120.253.250 396982 (GOOGLE-CL...)
1 162.19.138.82 16276 (OVH)
87 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
3 34.98.64.218 396982 (GOOGLE-CL...)
14 2a00:1450:400... 15169 (GOOGLE)
19 69 142.250.181.226 15169 (GOOGLE)
7 13 185.80.39.216 27381 (CASALE-MEDIA)
4 7 37.252.171.52 29990 (ASN-APPNEX)
57 2a00:1450:400... 15169 (GOOGLE)
14 142.250.186.66 15169 (GOOGLE)
1 108.138.7.62 16509 (AMAZON-02)
1 2 52.48.111.128 16509 (AMAZON-02)
1 34.111.8.32 396982 (GOOGLE-CL...)
4 4 34.91.62.186 396982 (GOOGLE-CL...)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
2 35.186.253.211 15169 (GOOGLE)
2 2 2600:9000:211... 16509 (AMAZON-02)
3 5 51.89.9.252 16276 (OVH)
4 4 13.248.245.213 16509 (AMAZON-02)
5 185.86.139.94 201081 (SMARTADSE...)
4 2600:1f18:1ac... 14618 (AMAZON-AES)
2 104.111.217.42 16625 (AKAMAI-AS)
1 2 3.120.29.218 16509 (AMAZON-02)
1 104.109.73.198 16625 (AKAMAI-AS)
1 37.157.4.23 198622 (ADFORM)
1 2 46.228.164.11 56396 (AMOBEE)
3 3 35.190.0.66 15169 (GOOGLE)
3 3 37.157.2.239 198622 (ADFORM)
3 3 3.71.149.231 16509 (AMAZON-02)
2 3 185.94.180.125 35220 (SPOTX-AMS)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 2 3.74.185.105 16509 (AMAZON-02)
2 104.109.78.125 16625 (AKAMAI-AS)
1 1 151.101.2.49 54113 (FASTLY)
2 4 52.223.40.198 16509 (AMAZON-02)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
2 2 54.194.48.138 16509 (AMAZON-02)
2 2 52.58.237.138 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 216.52.2.86 30282 (AS-INAPCD...)
1 1 37.252.173.215 29990 (ASN-APPNEX)
7 10 69.173.144.138 26667 (RUBICONPR...)
1 37.157.2.247 198622 (ADFORM)
3 3 185.64.189.115 62713 (AS-PUBMATIC)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 67.220.228.203 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 52.46.143.56 16509 (AMAZON-02)
553 78
Apex Domain
Subdomains
Transfer
129 googlesyndication.com
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 134
735 KB
118 d1baseball.com
d1baseball.com — Cisco Umbrella Rank: 203475
cdn.d1baseball.com — Cisco Umbrella Rank: 287809
2 MB
113 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 310
493 KB
57 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 272
1 MB
17 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1693
491 KB
13 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 425
10 KB
12 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 526
token.rubiconproject.com — Cisco Umbrella Rank: 531
pixel.rubiconproject.com — Cisco Umbrella Rank: 317
21 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
1 KB
9 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 541
fw.adsafeprotected.com — Cisco Umbrella Rank: 711
dt.adsafeprotected.com — Cisco Umbrella Rank: 513
99 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 381
9 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
389 KB
8 typekit.net
use.typekit.net — Cisco Umbrella Rank: 413
p.typekit.net — Cisco Umbrella Rank: 542
96 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2470
google-bidout-d.openx.net — Cisco Umbrella Rank: 2424
rtb.openx.net — Cisco Umbrella Rank: 1462
us-u.openx.net — Cisco Umbrella Rank: 420
1 KB
7 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 1867
tag.bounceexchange.com — Cisco Umbrella Rank: 2576
api.bounceexchange.com — Cisco Umbrella Rank: 2233
190 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 283
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 471
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 959
s.amazon-adsystem.com — Cisco Umbrella Rank: 269
62 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
ups.analytics.yahoo.com — Cisco Umbrella Rank: 271
3 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1337
c1.adform.net — Cisco Umbrella Rank: 590
s1.adform.net — Cisco Umbrella Rank: 8822
16 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 743
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 582
359 B
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 706
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 354
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 736
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
region1.google-analytics.com — Cisco Umbrella Rank: 2388
20 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 820
83 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 717
2 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 741
2 KB
3 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6097
894 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
157 KB
3 cautiouscredit.com
cautiouscredit.com — Cisco Umbrella Rank: 321948
22 KB
3 adligature.com
cdn.adligature.com — Cisco Umbrella Rank: 73847
141 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 337
35 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 575
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 729
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2213
790 B
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1500
570 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 285
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 649
792 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3354
869 B
2 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 2005
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1230
344 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 708
881 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 660
456 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 896
id5-sync.com — Cisco Umbrella Rank: 408
17 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1250
bcp.crwdcntrl.net — Cisco Umbrella Rank: 910
12 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6069
adservice.google.de — Cisco Umbrella Rank: 8720
939 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
256 B
2 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 4674
22 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 highcharts.com
code.highcharts.com — Cisco Umbrella Rank: 12161
133 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
119 KB
2 datatables.net
cdn.datatables.net — Cisco Umbrella Rank: 4858
30 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
storage.googleapis.com — Cisco Umbrella Rank: 396
2 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
648 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2706
104 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1444
586 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 595
542 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 460
862 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4551
525 B
1 userreport.com
visitanalytics.userreport.com — Cisco Umbrella Rank: 15266
516 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 983
401 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2765
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2604
8 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5485
272 B
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 4612
2 KB
1 tapfiliate.com
script.tapfiliate.com — Cisco Umbrella Rank: 25128
4 KB
0 atdmt.com Failed
ad.atdmt.com Failed
553 66
Domain Requested by
87 pagead2.googlesyndication.com ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tagan.adlightning.com
tpc.googlesyndication.com
s0.2mdn.net
d1baseball.com
securepubads.g.doubleclick.net
69 cm.g.doubleclick.net 19 redirects googleads.g.doubleclick.net
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
d1baseball.com
61 cdn.d1baseball.com d1baseball.com
57 s0.2mdn.net tagan.adlightning.com
s0.2mdn.net
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
d1baseball.com
57 d1baseball.com 1 redirects d1baseball.com
34 tpc.googlesyndication.com ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
tagan.adlightning.com
s0.2mdn.net
17 tagan.adlightning.com cdn.adligature.com
tagan.adlightning.com
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
15 securepubads.g.doubleclick.net cdn.adligature.com
securepubads.g.doubleclick.net
d1baseball.com
www.googletagservices.com
tagan.adlightning.com
14 googleads4.g.doubleclick.net tagan.adlightning.com
14 googleads.g.doubleclick.net ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
tagan.adlightning.com
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
9 www.google.com d1baseball.com
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
tagan.adlightning.com
8 www.googletagservices.com securepubads.g.doubleclick.net
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
8 ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
7 use.typekit.net d1baseball.com
5 pixel.rubiconproject.com 3 redirects d1baseball.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 onetag-sys.com 3 redirects ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
5 assets.bounceexchange.com securepubads.g.doubleclick.net
tagan.adlightning.com
4 match.adsrvr.org 2 redirects ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
4 dt.adsafeprotected.com ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
4 eb2.3lift.com 4 redirects
4 um.simpli.fi 4 redirects
4 use.fontawesome.com d1baseball.com
use.fontawesome.com
3 image6.pubmatic.com 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 ups.analytics.yahoo.com 3 redirects
3 c1.adform.net 3 redirects
3 ads.travelaudience.com 3 redirects
3 ssbsync.smartadserver.com ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
3 pr-bh.ybp.yahoo.com 2 redirects d1baseball.com
3 static.adsafeprotected.com d1baseball.com
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
tagan.adlightning.com
3 c.amazon-adsystem.com cdn.adligature.com
c.amazon-adsystem.com
3 connect.facebook.net d1baseball.com
connect.facebook.net
3 cautiouscredit.com d1baseball.com
cautiouscredit.com
3 cdn.adligature.com d1baseball.com
cdn.adligature.com
3 cdn.jsdelivr.net d1baseball.com
2 s.amazon-adsystem.com 1 redirects d1baseball.com
2 ap.lijit.com 2 redirects
2 pm.w55c.net 2 redirects
2 match.360yield.com 2 redirects
2 tr.blismedia.com 1 redirects ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
2 eus.rubiconproject.com ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
eus.rubiconproject.com
2 x.bidswitch.net 2 redirects
2 cms.quantserve.com 1 redirects ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 t.myvisualiq.net 1 redirects ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 s.ad.smaato.net 2 redirects
2 rtb.openx.net ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects tagan.adlightning.com
2 oajs.openx.net 1 redirects d1baseball.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 www.facebook.com d1baseball.com
2 region1.google-analytics.com www.googletagmanager.com
2 a.omappapi.com d1baseball.com
a.omappapi.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com d1baseball.com
www.google-analytics.com
2 code.highcharts.com d1baseball.com
2 www.googletagmanager.com d1baseball.com
2 cdn.datatables.net d1baseball.com
1 px.ads.linkedin.com d1baseball.com
1 aax-eu.amazon-adsystem.com d1baseball.com
1 dclk-match.dotomi.com ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
1 s1.adform.net s0.2mdn.net
1 secure.adnxs.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 sync.mathtag.com 1 redirects
1 r.turn.com ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 api.bounceexchange.com tagan.adlightning.com
1 visitanalytics.userreport.com ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
1 google-bidout-d.openx.net tagan.adlightning.com
1 id5-sync.com cdn.id5-sync.com
1 tag.bounceexchange.com tagan.adlightning.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.id5-sync.com d1baseball.com
1 tags.crwdcntrl.net d1baseball.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 p.typekit.net d1baseball.com
1 www.google.de d1baseball.com
1 stats.g.doubleclick.net www.google-analytics.com
1 pro.ip-api.com cdn.adligature.com
1 chimpstatic.com d1baseball.com
1 storage.googleapis.com d1baseball.com
1 script.tapfiliate.com d1baseball.com
1 fonts.googleapis.com d1baseball.com
0 ad.atdmt.com Failed ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
553 99
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
backend.tapfiliate.com
Amazon RSA 2048 M01
2022-11-03 -
2023-12-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.d1baseball.com
Amazon RSA 2048 M01
2023-02-22 -
2024-01-20
a year crt.sh
highcharts.com
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
storage.googleapis.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
cautiouscredit.com
R3
2023-01-30 -
2023-04-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-10 -
2023-03-19
2 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-15 -
2023-11-15
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
a.omappapi.com
R3
2023-02-27 -
2023-05-28
3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-25 -
2023-12-26
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01
2023-02-24 -
2023-09-04
6 months crt.sh
www.google.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
www.google.de
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01
2023-02-22 -
2023-07-07
4 months crt.sh
*.google.de
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.google.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02
2022-12-27 -
2024-01-25
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-01-29 -
2023-04-29
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-02-25 -
2023-05-26
3 months crt.sh
assets.bounceexchange.com
GTS CA 1D4
2023-01-25 -
2023-04-25
3 months crt.sh
*.eu-1-id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
tag.bounceexchange.com
R3
2023-01-24 -
2023-04-24
3 months crt.sh
*.id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.userreport.com
Amazon RSA 2048 M02
2023-02-22 -
2024-01-18
a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-02-10 -
2023-05-27
4 months crt.sh
*.wunderkind.co
R3
2023-02-09 -
2023-05-10
3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-03-01 -
2023-05-08
2 months crt.sh
teads.tv
R3
2023-02-21 -
2023-05-22
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-02-12 -
2023-05-13
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh

This page contains 46 frames:

Primary Page: https://d1baseball.com/
Frame ID: 68F87DE3670DEE48451EB2762349870E
Requests: 204 HTTP requests in this frame

Frame: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 555C38CB3712DB4F42BBCA548EC51FB3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 88382757005D68452A6F188A71A42BB4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7vI0WpiwsemP1agBYhm_GciabuQL9rxuHjzTfauhUpWo8Z5KEHr6fzERLmvoUzY4mEj5nNFI-OvpW7sUH9SzQ2qD7_WaTXLWz5sNBXza2IJgm1Vlpq0mF5tITdTz9l_JgLgMxDBkxWZ4kWBpkfcKkI5bVS3bozGUEXSeDoQ7dwrDlcK4PahsuUV3E5GI-CtnKObxfXeY7AImiAfjSRXOHs00ISRbCJ256AItU5sCKo8EbVnrKFD8szSA5AKng-wAxolRSEdRjjg4qzlelW_jo_xNzNckwaHCB9MosVrc-8BnJ5VaTcJAVE2gBg6SqcBwWsVwdiyV51Ierkpj5f-Vzuiw2pA&sai=AMfl-YSXhk0DFJrpIcJDoKCmN7eg7VDR0mj4kgzAKMA09j6tT5fShu_m7QRxStci_aRrfDCCDe_9Z-sLs45LQs2o46vCluXXXJ0e_yD40vfBVi_nIG-eHLcFNqjMrkhrBsAB-ZO8FVL90e9xfqzBbdc&sig=Cg0ArKJSzIeR-DkRl0iHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B3510CD79F7F0B450320CAE803B4DFC4
Requests: 5 HTTP requests in this frame

Frame: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DA66FC369D00B21E0A96CE2100F98F29
Requests: 23 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 751EBD6450DC35CDAC243378E5B8CF32
Requests: 1 HTTP requests in this frame

Frame: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EF85C35B46B310A0C3CF4A361446291B
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYiNqa4QEwAQ&v=APEucNWx88tu71KxNay2Cyt4s-v55yGYPepzG3E-WmrGZ-brMyXQr1wq6joa0LRZBWH467cYBeZdBVLlOkTSesYWBGqVL4zqLfVJQ0fFGOcRdtLCOKCaweUOn7Ag_WXnUz562ZKp0dA_8uv3Ux_ypaykV7nsZFZgKhsUQGe2KR8vf6HWGvvLnSw
Frame ID: F781641523973E63DB8AD6F970D58FEE
Requests: 5 HTTP requests in this frame

Frame: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E655CCD03F595AA6A06E974BFCBFD35D
Requests: 23 HTTP requests in this frame

Frame: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F02DE76B410D76A461FC92F19096126E
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXrv-AqsX0kzIOWItzlXWBYNiCL1wNQ6Bu_joDgRsgBki-HQ_XTKs8ZfvnypzCgpUvRwcT0z5OXmZP4D_z11n8iRGptGdpDGVQmQZCZHauRXC5f5NDUoles9DVV6ZDHBhlx051XkjWLfy7_KfpgQXw7ssdzOHhCbFSzBLe2PIZEWe0gK-U
Frame ID: FFDD9FC31C649F18A9E963A94C5F269B
Requests: 5 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: BE5A508C5952CC15C8BC197EA6EC5424
Requests: 1 HTTP requests in this frame

Frame: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A4B9B87959079C47B34413236075B758
Requests: 23 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/325090680463534349/index.html
Frame ID: A217D6E2BA907CBC8C46DDF5E94BD1D6
Requests: 8 HTTP requests in this frame

Frame: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 69F7B69B1B04B5F216D71549A5ACC22C
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhimve7LATAB&v=APEucNX9yzWMlEADWpg06eaqYFZn798Z7G28R5Jg_Ht-xzPnwURPNOMwLYFsfdcllwIU52VMVGwXMkwW1Gyk4I5mjK7PJmUQJKdBs78QVyNznpMUzkM0xBLIRjipiWV9siZoA_GtEkVzM0IKl-1jANUom1pmSxSlJYDSkbp6yqbSFoEixaWK81w
Frame ID: EA90178167E1BFF96D78A84FDA91E8E7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 884077658807D850DC0C2FC18DC803E5
Requests: 9 HTTP requests in this frame

Frame: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7FCECA3675AA0FDCBA7965CF629E09E9
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B229E91EBEEAF4974D96B25CBDC436AF
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3D1604AFEEC648D49EE9F6CADFCE65E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNXl8J2BSaMCLsx80QSDdepk68brf-b1t-v_cZFkOwX8sLRAOZh_N9rbTkEjG3ux46pPPFhAn7Upw-5yG71AtNdTHpRQHgy2Bko2xHqExyIuZV3k5Vub82JuMrRLUjgo9sbOiyZQAIJa02OonqmnIjtPtT9-rZsMcxezdAsv5SKp5k3psmw
Frame ID: 9F0E53FAD44A8ABB53EBE450230E54B9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1AB820EBF6C99A3F44A2B093D776E745
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
Frame ID: 8DF10C710B2C7FAF3F99EACE9E755CDC
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Frame ID: 16286ADCFCD5AEDC1B1F129A93239AE2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_Fw5IDEJ7Cz58DGMWToOMBMAE&v=APEucNVFNiUB7DHoxPM9UFCw_Re0uhze6l9OAUPvTf5YwQdyUyi2SF7x_W4toCSG3VcdYI6oRsCnmBJB_lnQf5Dx3NfXBcQcFBIDvtGGvThuCwOENnWtSJEXhjsgTXr-faZ8LkWeF7I6yoavLjLGu0AX1ZiyAyI6ziw6LLs7zAsemMvtokP3kqk
Frame ID: FCF2447A91CCFC678343E8FEC5D0A846
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb2O2zATAB&v=APEucNUyQzvk9wmCupdBtqRb0O9rA0b8v69KZg-fAcjvYFfXZ_kOkBDoXjgMmxvfoVCVYt689swMQLT856iFOIQtRX0OmxFXMBCgflS0QORADcRnTWlj1YFFA9gxQ6CQ2pgxZXA4P9LKo-cdUWp536tY_C0q6d_9fPtVHfRo6ueFZBgxJ_YWGYE
Frame ID: 164C5FFEE6365FB88E8B41094883F05D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 016163AB4A121A318B55D59AB8313A6B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 545B12B5D99CD1947F036BAE1F4B4218
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDy79cCGKL2kuIBMAE&v=APEucNXqUCjnBevCxvBch_eQnxiDG8Ww_uHD7a4rPcCDHM5kxe3wSNwGKQiRj6R7y-H_jbgtEULsvinK1IiDtV9qtbmCBqWlh43dBU9pZe5sRvMmbQGSeGZRUAbb7TwINKtDwNU0OcwpD8gXU9Cxo5tZQnwvzjHzseUolE86OQwFSpdMVJuwtFM
Frame ID: BED74045D1F025F1E09ED0BBE53E3C61
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Frame ID: A705B82255A8F54EAAD7E47271ED1F9D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 56622F758D7DA6AA5041824D743FBA81
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: EDB9599C5E352729721283562F711C1E
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1764870C294BFED408CCB988B3B9828B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A1ABDBE56A8C5CD37258E6B94833C48
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
Frame ID: C342EB81B107A375072FDA2569ABC78B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9798500243DCD470E0DAC2688D795F51
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4043993433838689384/index.html
Frame ID: 21D45EFBB83E68AB212D216305BA377E
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 09CB5F6B01F3DC133F27E512F5460DDE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64A24C0D744F59A4AD7332F76CCB2E20
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 24F83F4660C18F19A6396AA0DACDA631
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Frame ID: B4FC95155A3D9923F9D2119E96867229
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8B16109C07F4940F174FC72155409BE4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C0758EEB8149CA6169A905B83222683F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Frame ID: D64EE8625694FA0C1E7147261DB282F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC08CC27898E89B5EB16843E4EF5CAE6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD4BF371D44C7BEEB17C6C3F9CBE7181
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

D1Baseball.com | College Baseball Rankings, Scores, News

Page URL History Show full URLs

  1. http://d1baseball.com/ HTTP 301
    https://d1baseball.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • highcharts.*\.js

Overall confidence: 100%
Detected patterns
  • sv-wc-payment-gateway-payment-form\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mailchimp-woocommerce-public\.min\.js(?:\?ver=([\d.]+))?
  • chimpstatic\.com/mcjs-connected

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

553
Requests

87 %
HTTPS

41 %
IPv6

66
Domains

99
Subdomains

78
IPs

11
Countries

6971 kB
Transfer

17536 kB
Size

54
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://d1baseball.com/ HTTP 301
    https://d1baseball.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 197
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fd1baseball.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fd1baseball.com%2F&rid=esp&cc=1
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQI1kqREjWgSzOKa5FpD2Q&google_cver=1
Request Chain 233
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP4CgNH6JtIPW-qtAlSF5M&google_cver=1
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJDo_uP6WZtq3Ba5oU-XjG4&google_cver=1
Request Chain 235
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxGBIWOWAiwYZj-DdZEgFQ&google_cver=1
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMT4o9o0CH0W2tHJW2j2l8&google_cver=1
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECGQ88gNDOI1qohiNmphm9U&google_cver=1
Request Chain 258
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0c1gLHMJSAa7S9dSYyGYs&google_cver=1
Request Chain 298
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0c1gLHMJSAa7S9dSYyGYs&google_cver=1
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELDVijHeuDkuOcv6dOYPtKk&google_cver=1
Request Chain 300
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
Request Chain 324
  • https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9665351610288016&ias_chanId=1&ias_placementId=19422215943&bidurl=https://d1baseball.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hp77HwDq0PSPASVQLo54jw&adContainerId=brand_safety_NF0NZLv1HKG39u8PjOyUgAg&cbFunctionName=goog_wrapCb_NF0NZLv1HKG39u8PjOyUgAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fd1baseball.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fd1baseball.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:92ef7120-c898-93bf-66e6-d8dafa294eda,c:6Cxhq3,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-98d54c456-fj2p8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tygnKp9+11%7C12%7C13%7C141%7C142%7C143%7C144%7C15%7C16*.990511-61634096%7C161%7C171%7C18%7C19%7C1a%7C1b%7C1c,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:21,oid:4646963d-c093-11ed-920a-623c8807c44f,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 326
  • https://um.simpli.fi/gp_match?google_gid=CAESEHAow-wxhbBM6D4nGo-43KY&google_cver=1&google_push=Aa02lx9RLxyPyF1xYq3Fw4TNsRBNnyGvWJ7pdq46Mo8eVJjofRqOu8Cfl5kX_Jfd1jWez4O51CJLfyJo4OwLLbyMZj9bUNlEVikv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9RLxyPyF1xYq3Fw4TNsRBNnyGvWJ7pdq46Mo8eVJjofRqOu8Cfl5kX_Jfd1jWez4O51CJLfyJo4OwLLbyMZj9bUNlEVikv
Request Chain 327
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEM2v1DLYLdUy6Wev7iqyltw&google_cver=1&google_push=Aa02lx9JE8ZcIm6T2uyhuTJsF4jR_6vm-vBxV_qwO-9l6a2dwMRX32QMFehN87bDudFQc0SdI1psvjvHP__ZUs9CqhYbx31X3xIB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9JE8ZcIm6T2uyhuTJsF4jR_6vm-vBxV_qwO-9l6a2dwMRX32QMFehN87bDudFQc0SdI1psvjvHP__ZUs9CqhYbx31X3xIB&google_hm=eS1iMENuY1g1RTJwR3JnV1ltWjlLUGM2R2ZpNTZ2WGhwLn5B
Request Chain 329
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENlzQvdLi4W2nxorRA5g5CA&google_cver=1&google_push=Aa02lx9taL9X9Cp36zFPY6r2dQ3gf0HlSdie9cGYGA2gG3ZKqYxNTAxgFPIZKuTC3VYm-DRce5qEYzX9ZT-4TG5ABpN9msPlF0Re2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9taL9X9Cp36zFPY6r2dQ3gf0HlSdie9cGYGA2gG3ZKqYxNTAxgFPIZKuTC3VYm-DRce5qEYzX9ZT-4TG5ABpN9msPlF0Re2A
Request Chain 330
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENDQcqALsKeVNYltqkdEAJ0&google_cver=1&google_push=Aa02lx-fCK3lO-R2mT9XcX1R_7SZY5hbHCq2teOtBVw-h2QdKCQEa4h9-QQe0v3_hgT1CHcEq_SxtcQuMQx7KSL_g-z2kN5EQPYAJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-fCK3lO-R2mT9XcX1R_7SZY5hbHCq2teOtBVw-h2QdKCQEa4h9-QQe0v3_hgT1CHcEq_SxtcQuMQx7KSL_g-z2kN5EQPYAJA
Request Chain 331
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEY3hUFvwUrjs-qNL0fl1rY&google_cver=1&google_push=Aa02lx8pVPBW71TDJkuUJJu7i2vhD8Ue4JI8ZqjTLxtK6fKwF3E-kYOmF6NUayVB2O_UmOzeg6GxZDUaLa-VqGJmmqz6pEcYsbljoA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8pVPBW71TDJkuUJJu7i2vhD8Ue4JI8ZqjTLxtK6fKwF3E-kYOmF6NUayVB2O_UmOzeg6GxZDUaLa-VqGJmmqz6pEcYsbljoA&google_gid=CAESEEY3hUFvwUrjs-qNL0fl1rY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx8pVPBW71TDJkuUJJu7i2vhD8Ue4JI8ZqjTLxtK6fKwF3E-kYOmF6NUayVB2O_UmOzeg6GxZDUaLa-VqGJmmqz6pEcYsbljoA
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECfsark3J9Hi-QMQyGGHNlU&google_cver=1
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAnWLbYiL1uzN1H7T_31Tdg&google_cver=1
Request Chain 355
  • https://t.myvisualiq.net/impression_pixel?r=3302143526&et=i&ago=212&ao=1045&aca=27953220&si=6799994&ci=150962617&pi=338002783&ad=530141758&advt=10685373&chnl=-7&vndr=115&sz=10436&u=&gdpr=&gdpr_consent=&pt=i HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=3302143526&et=i&ago=212&ao=1045&aca=27953220&si=6799994&ci=150962617&pi=338002783&ad=530141758&advt=10685373&chnl=-7&vndr=115&sz=10436&u=&gdpr=&gdpr_consent=&pt=i
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEHgsKobFhaTukiVQgmizEMQ&google_cver=1
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIxh6feOALbEqpZ28N32xH4&google_cver=1&adform_v=1
Request Chain 383
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKdFmo7GZkgBSFEjtIYSHag&google_cver=1&google_push=Aa02lx80PSdnTWURToTJW4AF2LKjHEcCXGeZzHYXnR5H1G1_OYn8aSPWy5St2xVdmaLhERQrsZnL81QNSnorzjCFDEf0j109-nTP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA0ODgxMTk0MzM4MDA4MzQ0NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPkAictJ1fF-vECNpYqH9cY&google_cver=1
Request Chain 384
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMxor3adPaePVUPyT5nOOgg&google_cver=1&google_push=Aa02lx8T4HzrFNvvArwfBFsMQyEEevwXEHbtcysT4vznTM5rD2gqY7tvVUcO0UpHol7sI6wFBXT4V0azYqpPqyASMmCmjgLE_lpx HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx8T4HzrFNvvArwfBFsMQyEEevwXEHbtcysT4vznTM5rD2gqY7tvVUcO0UpHol7sI6wFBXT4V0azYqpPqyASMmCmjgLE_lpx
Request Chain 385
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOh2-7xR-IrFIPQxrJjLRug&google_cver=1&google_push=Aa02lx87QC--GUSVzFMuixYGVZb1qe8UzTUGsdFr4T2MsSyuLP15wF9uy1acB5G_-iBxQqj_xxc6lVZ8z8qluUpAQl7Qu84bLh6M HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOh2-7xR-IrFIPQxrJjLRug&google_cver=1&google_push=Aa02lx87QC--GUSVzFMuixYGVZb1qe8UzTUGsdFr4T2MsSyuLP15wF9uy1acB5G_-iBxQqj_xxc6lVZ8z8qluUpAQl7Qu84bLh6M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc1NDAyMzY1Nzc5MDUzMDQ&google_push=Aa02lx87QC--GUSVzFMuixYGVZb1qe8UzTUGsdFr4T2MsSyuLP15wF9uy1acB5G_-iBxQqj_xxc6lVZ8z8qluUpAQl7Qu84bLh6M
Request Chain 386
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHw3t6IuYRuPzNjkjm4voow&google_cver=1&google_push=Aa02lx_H9K9WdCvV_2zR6kYGG2Nh61fjIDgjMwj9wtmcTVI5Ay5InH3cGPBt1G3eyhh4O6siTKKiSVLeh7hjvfYSwIxBQEkJkso HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_H9K9WdCvV_2zR6kYGG2Nh61fjIDgjMwj9wtmcTVI5Ay5InH3cGPBt1G3eyhh4O6siTKKiSVLeh7hjvfYSwIxBQEkJkso
Request Chain 388
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA2ED34ssL1uSdMYEp9VAUs&google_cver=1&google_push=Aa02lx8m_c1rpVE4-WX0_Rsu9y8A5vQm6m16PDHERWSfMThhyuaVruYqqeD1MgsJXMS_midrcNnizHQVu9xsSlJT12C4o0GoMZLaEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mSEFUUkZkRTJ1R0lwMnVWVUhka3hfUktkSTFiUGR0S35B&google_push=Aa02lx8m_c1rpVE4-WX0_Rsu9y8A5vQm6m16PDHERWSfMThhyuaVruYqqeD1MgsJXMS_midrcNnizHQVu9xsSlJT12C4o0GoMZLaEw
Request Chain 389
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBRsTdOFaHGsU4nRwTr-r9o&google_cver=1&google_push=Aa02lx97_qjR3FcQaZP2JhBT4CLlRxZJaPgZQDbWC8z3TMLCQxeNzx-oJfKosQ7yo51cC49rd1XDP-hjUC2HojBHQd3dCbVr1pscaw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx97_qjR3FcQaZP2JhBT4CLlRxZJaPgZQDbWC8z3TMLCQxeNzx-oJfKosQ7yo51cC49rd1XDP-hjUC2HojBHQd3dCbVr1pscaw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC6Lnqe1gTsvFwaLaynr5yI&google_cver=1
Request Chain 400
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=477f7f03-c093-11ed-bd44-14e583300406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDc3ZjdlYzktYzA5My0xMWVkLWJkNDQtMTRlNTgzMzAwNDA2
Request Chain 401
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1raFhQQ0cxRTJ1Rkx3MzhwM25hMDNubjBiYVpvNWpNVn5B
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIFMavVvMKNBXV4-EXA1e0o&google_cver=1
Request Chain 430
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECM_0FehjePldl_XiJocSkA&google_cver=1&google_push=Aa02lx8kIQrcj0V4wEVycoV4EbeBvMHxc9Pzcx9GDr0vA7vMcUmclH-d1W_iWsoeqzaGcouryG4zOLcM0XDNMoj6zpzs-GSBohOnlQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8kIQrcj0V4wEVycoV4EbeBvMHxc9Pzcx9GDr0vA7vMcUmclH-d1W_iWsoeqzaGcouryG4zOLcM0XDNMoj6zpzs-GSBohOnlQ
Request Chain 431
  • https://um.simpli.fi/gp_match?google_gid=CAESEN2uHBWmBsjQ6Fe_--mZm_w&google_cver=1&google_push=Aa02lx9CViiusVODUYZ8ePeNJ7OA5684Rpc297JtTA6U8qo95O6Im64bfheCjdupwrAySU555tU5rx_ahMiW0nfNjA-stL_BI98Vog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9CViiusVODUYZ8ePeNJ7OA5684Rpc297JtTA6U8qo95O6Im64bfheCjdupwrAySU555tU5rx_ahMiW0nfNjA-stL_BI98Vog
Request Chain 432
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBA4J1qI6Po-du4Yn7x_G_0&google_cver=1&google_push=Aa02lx9kCphvjc0EbRTIn4TXHYt-tmKQ37nPkhxIDGpIkdNpvXduYtC_AZQWqHL-WCRMj7qiAXxVWyTL79akSzhzyNsl3kVxK1QrQw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx9kCphvjc0EbRTIn4TXHYt-tmKQ37nPkhxIDGpIkdNpvXduYtC_AZQWqHL-WCRMj7qiAXxVWyTL79akSzhzyNsl3kVxK1QrQw
Request Chain 433
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBq4ih0Tc1HNGwHEmoCZ1DU&google_cver=1&google_push=Aa02lx9yQIszG7DV5-CEtWprYzlk_aZJOIlXDeBgvHfPby5Ow3F6atqIGU3spVxbp5PHZteV-E2WFz__cXHV7Jiw08AYpftJW1PgFQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBq4ih0Tc1HNGwHEmoCZ1DU&google_cver=1&google_push=Aa02lx9yQIszG7DV5-CEtWprYzlk_aZJOIlXDeBgvHfPby5Ow3F6atqIGU3spVxbp5PHZteV-E2WFz__cXHV7Jiw08AYpftJW1PgFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9yQIszG7DV5-CEtWprYzlk_aZJOIlXDeBgvHfPby5Ow3F6atqIGU3spVxbp5PHZteV-E2WFz__cXHV7Jiw08AYpftJW1PgFQ&google_hm=RV9PQSoTQJmT6NyIazyvhw==
Request Chain 434
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECEVAPkxiCCIvrihZKtMEj4&google_cver=1&google_push=Aa02lx_WTn7AtFi65P3nw_5_8UP62UKKh7Hs2HD8eMPLTdXNLwD253iLfDFRweClUGvnmjaDI1MpqtYv7M4fFeRGR1rJpKSrSweh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECEVAPkxiCCIvrihZKtMEj4&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx_WTn7AtFi65P3nw_5_8UP62UKKh7Hs2HD8eMPLTdXNLwD253iLfDFRweClUGvnmjaDI1MpqtYv7M4fFeRGR1rJpKSrSweh
Request Chain 466
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELAmbbcEctSUex1JqN9rabU&google_cver=1&google_push=Aa02lx_Sghl_8suidIF14xVDv0ugKnHMY76tfS25hYTxB1c-SMPscHx2dCB9T8ajpzwKj99GVewJWJc-8iskyFBkWJIz4EhRea_p HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx_Sghl_8suidIF14xVDv0ugKnHMY76tfS25hYTxB1c-SMPscHx2dCB9T8ajpzwKj99GVewJWJc-8iskyFBkWJIz4EhRea_p&google_hm=7KmgqN9doHX4h2oE4sdp3Q
Request Chain 467
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENJfCH5-0ZnWRBxJxKIejOk&google_cver=1&google_push=Aa02lx8S8Uvvd73GyaRuqI2r9FF0E0tTf1XUQkAlaYM0rN75dC-gzc_gVDbBRviTVXmb_Pkyrxk7C1BnjGvMfWdtwQfcFSeDqrUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENJfCH5-0ZnWRBxJxKIejOk&google_push=Aa02lx8S8Uvvd73GyaRuqI2r9FF0E0tTf1XUQkAlaYM0rN75dC-gzc_gVDbBRviTVXmb_Pkyrxk7C1BnjGvMfWdtwQfcFSeDqrUQ
Request Chain 468
  • https://um.simpli.fi/gp_match?google_gid=CAESEId0yM0-KMo4fhTpcAaL54A&google_cver=1&google_push=Aa02lx-XoQL3T2qbk0v1f_oiP0u6dyGZZOg36y_jvYfQG7TvntQ3kHPQb1fAX51QeuwbBKx21jROtlodwAqL2TVOcfbNgEEK2jg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx-XoQL3T2qbk0v1f_oiP0u6dyGZZOg36y_jvYfQG7TvntQ3kHPQb1fAX51QeuwbBKx21jROtlodwAqL2TVOcfbNgEEK2jg
Request Chain 471
  • https://match.360yield.com/match/ebda?google_gid=CAESEL7YOXD4CME0ASd7r-DFvVk&google_cver=1&google_push=Aa02lx9LSMQeIwDBvfWQJt847M-dLGFhrJ8PcxpycU7iwAePUrwKlGUEW_u2bjOqvAkQTb9zOCS1Nh70wkPfHo5234l6XtBSBokk HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEL7YOXD4CME0ASd7r-DFvVk&google_cver=1&google_push=Aa02lx9LSMQeIwDBvfWQJt847M-dLGFhrJ8PcxpycU7iwAePUrwKlGUEW_u2bjOqvAkQTb9zOCS1Nh70wkPfHo5234l6XtBSBokk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=xokTO9VSRz6T3szRKEKJ0Q&google_push=Aa02lx9LSMQeIwDBvfWQJt847M-dLGFhrJ8PcxpycU7iwAePUrwKlGUEW_u2bjOqvAkQTb9zOCS1Nh70wkPfHo5234l6XtBSBokk
Request Chain 472
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECRY2YGFeVF6lM9JdUwn6YA&google_cver=1&google_push=Aa02lx_0tBmTTu5o8oDHPmoVX06iVPFqADiAz162HKtkLTf-h1O0kCi6byvILo1GDqougSLUz-QmBXxRPzB7Y_Un2DOu3PNjISrEnQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mSEFUUkZkRTJ1R0lwMnVWVUhka3hfUktkSTFiUGR0S35B&google_push=Aa02lx_0tBmTTu5o8oDHPmoVX06iVPFqADiAz162HKtkLTf-h1O0kCi6byvILo1GDqougSLUz-QmBXxRPzB7Y_Un2DOu3PNjISrEnQ
Request Chain 475
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGCUygPGXncJ2bZ3IXBaGMw&google_cver=1&google_push=Aa02lx-I40rEfRN5shTzFaaY4qZhdMN8t29rh0FC1gm3a67rJz6qBFo609iIe4OSjQy51xg2Z8dibqMZ8rRn-FtBHzggr95ouLrHvA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGCUygPGXncJ2bZ3IXBaGMw&google_cver=1&google_push=Aa02lx-I40rEfRN5shTzFaaY4qZhdMN8t29rh0FC1gm3a67rJz6qBFo609iIe4OSjQy51xg2Z8dibqMZ8rRn-FtBHzggr95ouLrHvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0d6anpvazAxUEJkUzc1&google_gid=CAESEGCUygPGXncJ2bZ3IXBaGMw&google_cver=1&google_push=Aa02lx-I40rEfRN5shTzFaaY4qZhdMN8t29rh0FC1gm3a67rJz6qBFo609iIe4OSjQy51xg2Z8dibqMZ8rRn-FtBHzggr95ouLrHvA
Request Chain 476
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDuwhtq-U7UU7QeeUmeH8ck&google_cver=1&google_push=Aa02lx_NdKbH4LGNF5bvkylgieOPB0UHvjjzEBoMHZWKzymHtM0Ao6wa_5Ggxl7AE_pPGDMjoFsD4baez419vMs0OC1RQPOgWvETWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwOTUyMTA2OTMwNTIzMTUwOQ%3D%3D&google_push=Aa02lx_NdKbH4LGNF5bvkylgieOPB0UHvjjzEBoMHZWKzymHtM0Ao6wa_5Ggxl7AE_pPGDMjoFsD4baez419vMs0OC1RQPOgWvETWA
Request Chain 477
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEO94Pkqc4tZDa1Kv1s0QcjE&google_cver=1&google_push=Aa02lx8TUgmFnLtVBK5pXMe0s80ZGERrclIBX7nhG_DSsFke3FeSMhu9FZ56X_I2YZHcPMD8YCONN1K7qJjUkTm0sU5GDTV8BKpwsg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx8TUgmFnLtVBK5pXMe0s80ZGERrclIBX7nhG_DSsFke3FeSMhu9FZ56X_I2YZHcPMD8YCONN1K7qJjUkTm0sU5GDTV8BKpwsg
Request Chain 478
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKRagLkEu5E9Lv8eJSE5BGI&google_cver=1&google_push=Aa02lx_-hk_9B2krrU7zmXH6rI8JuSmumnHhhkQ1Te7nMHnm7rsrjzcuR3piap7f-AMf3zzJq3j41kmjfA3bxpFxB4SNvdSxS8Tv7Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKRagLkEu5E9Lv8eJSE5BGI&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx_-hk_9B2krrU7zmXH6rI8JuSmumnHhhkQ1Te7nMHnm7rsrjzcuR3piap7f-AMf3zzJq3j41kmjfA3bxpFxB4SNvdSxS8Tv7Q
Request Chain 479
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHii2LNh8hzp1wXNEs9RN74&google_cver=1&google_push=Aa02lx8qx8IppNGSglWoUoPcCBGmrKCRwLkNYhXO9irzLhF3ZjRPX5qVs3JHaMwZLdeHCuY0nGX-5581oYFjtPQznixVwGJj-t9F8A HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHii2LNh8hzp1wXNEs9RN74&google_cver=1&google_push=Aa02lx8qx8IppNGSglWoUoPcCBGmrKCRwLkNYhXO9irzLhF3ZjRPX5qVs3JHaMwZLdeHCuY0nGX-5581oYFjtPQznixVwGJj-t9F8A&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8qx8IppNGSglWoUoPcCBGmrKCRwLkNYhXO9irzLhF3ZjRPX5qVs3JHaMwZLdeHCuY0nGX-5581oYFjtPQznixVwGJj-t9F8A&google_hm=GS9vsGZHm8_w_HXOSXOVGDAP
Request Chain 480
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC8q5sJ7Yh3ND2aLguZDkLA&google_cver=1&google_push=Aa02lx9V9mD5lX3f8oYo6RBgGvydzW8GH4vnQX4s-imIbK-54QOPExRunqXnoM2YoC_sIvCjscT3OI_XJauDD2ox43m_t7W8S6N_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx9V9mD5lX3f8oYo6RBgGvydzW8GH4vnQX4s-imIbK-54QOPExRunqXnoM2YoC_sIvCjscT3OI_XJauDD2ox43m_t7W8S6N_
Request Chain 481
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAnHBtsbUH-rG1b07uouz5Q&google_cver=1&google_push=Aa02lx99a2G3pAvclMMhXsWjVvXDxWwTrkzoBhvqwV0XOt7QTH0PtfBVK2RnQ6dU4pnml5e7mAYIZva9lZGejY4lmqqMkZe_REzybv0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D&google_gid=CAESEAnHBtsbUH-rG1b07uouz5Q&google_cver=1&google_push=Aa02lx99a2G3pAvclMMhXsWjVvXDxWwTrkzoBhvqwV0XOt7QTH0PtfBVK2RnQ6dU4pnml5e7mAYIZva9lZGejY4lmqqMkZe_REzybv0
Request Chain 501
  • https://um.simpli.fi/gp_match?google_gid=CAESEBomw-4AnuV8vLc_Q0yryQc&google_cver=1&google_push=Aa02lx9BnztGi3dXOiCxcAdn0csbIjPdMhXgpTHzG65OAe0iEu7DSYoCjEr0XIyYqQPwgybl8oVeFvShyYqYUGiHGTicxW_3Gfk8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9BnztGi3dXOiCxcAdn0csbIjPdMhXgpTHzG65OAe0iEu7DSYoCjEr0XIyYqQPwgybl8oVeFvShyYqYUGiHGTicxW_3Gfk8
Request Chain 503
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP_9ofzYMwJ7LG3F2R8yS6s&google_cver=1&google_push=Aa02lx-COwXRgJ5SXMji3zIiMQU5wMlFUVsbrSabM5uMn1y0vy8WVXcjYjjAm4nrnSpYmav-FA_-4xj87AIX394fhGFkJ3oTidOd HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx-COwXRgJ5SXMji3zIiMQU5wMlFUVsbrSabM5uMn1y0vy8WVXcjYjjAm4nrnSpYmav-FA_-4xj87AIX394fhGFkJ3oTidOd&google_hm=hmQNXTeh1oV4QBSZaQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D640D5D37A1D6857840149969BLIS
Request Chain 504
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECjEdTarv9f8GuqhhtkraZs&google_cver=1&google_push=Aa02lx-rSIQsfltAaiXYWb8TKRzwe_VurqorZDZancKurx5IEiw-hnDDo7i2PIukzcYqW6QwCUCkNm6PoqnhUdsi4mELInXA68Td HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc1NDAyMzY1Nzc5MDUzMDQ&google_push=Aa02lx-rSIQsfltAaiXYWb8TKRzwe_VurqorZDZancKurx5IEiw-hnDDo7i2PIukzcYqW6QwCUCkNm6PoqnhUdsi4mELInXA68Td
Request Chain 505
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFrbo3KbZN1itvQUARhkD08&google_cver=1&google_push=Aa02lx9SinVeylXnIzITWMjQKgTY5psJ1mIuMK6gDEOFOoYLvLBIsnztyoA3xe5dMOXUgavD2JWfiQyq702aOD58iY6NkXMweQVp HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFrbo3KbZN1itvQUARhkD08&google_cver=1&google_push=Aa02lx9SinVeylXnIzITWMjQKgTY5psJ1mIuMK6gDEOFOoYLvLBIsnztyoA3xe5dMOXUgavD2JWfiQyq702aOD58iY6NkXMweQVp&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=79KJ13GMTZaSmKI8F_nccw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9SinVeylXnIzITWMjQKgTY5psJ1mIuMK6gDEOFOoYLvLBIsnztyoA3xe5dMOXUgavD2JWfiQyq702aOD58iY6NkXMweQVp
Request Chain 506
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAYMwvdef5x9a9_VSuim4pg&google_cver=1&google_push=Aa02lx9FhA7h-7Wy0ajpLrnrLP5xAGaqOgreSlirgnK6zglyX_AbTdl0QNpVmQ33nTMMA-e273BBbhbs-pysDP0s-h-49272pjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&google_push=Aa02lx9FhA7h-7Wy0ajpLrnrLP5xAGaqOgreSlirgnK6zglyX_AbTdl0QNpVmQ33nTMMA-e273BBbhbs-pysDP0s-h-49272pjQ
Request Chain 507
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIdLcQGQZj9JXY7sEhKT77c&google_cver=1&google_push=Aa02lx8N34VoHEr4D0Pv64gViLYxP_x-yWwG8k_I4repWR0dhFjJH8tQ3Qhdn-KlHFNhIi9_dKdcOMmyLbmSoKX-deexlIYoLGW4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8N34VoHEr4D0Pv64gViLYxP_x-yWwG8k_I4repWR0dhFjJH8tQ3Qhdn-KlHFNhIi9_dKdcOMmyLbmSoKX-deexlIYoLGW4 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 515
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOqrJWJ4ONdNYvIsplwhxn8&google_cver=1&google_push=Aa02lx_sto_cxCc-7ogNZgqge0EOlhf6239pIOtAU8s2jfclHH14_Pl2dKUBWKvJa54xgjWMGvhIO1Au2DWbAGpVn_RX6Rkgvsw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_sto_cxCc-7ogNZgqge0EOlhf6239pIOtAU8s2jfclHH14_Pl2dKUBWKvJa54xgjWMGvhIO1Au2DWbAGpVn_RX6Rkgvsw&google_hm=eS1iMENuY1g1RTJwR3JnV1ltWjlLUGM2R2ZpNTZ2WGhwLn5B
Request Chain 517
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKy9PdbmwCL0wqt5_yeSiiE&google_cver=1&google_push=Aa02lx9rK6hVDLIUrOCGT3HCvb3cCvFZ48PSP3zRBxAPgJYwIPkyOiktM401E9jA985VlR5eJMPm3A91jB4dPBSgJ2NE3-uoHH77 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n8NbyoHLTG-zq2KJui5CBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9rK6hVDLIUrOCGT3HCvb3cCvFZ48PSP3zRBxAPgJYwIPkyOiktM401E9jA985VlR5eJMPm3A91jB4dPBSgJ2NE3-uoHH77
Request Chain 518
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF5MQBJ8rEVABbYp9-GjmRw&google_cver=1&google_push=Aa02lx9PRCesfY9Np-OTGIPEtwY8cu9XK-CwdCvilA9qpdEFfQQWGSnC-LT8NgPQG1WtG_hAUAljryup4KmI0g576mW5Dcy7W0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&google_push=Aa02lx9PRCesfY9Np-OTGIPEtwY8cu9XK-CwdCvilA9qpdEFfQQWGSnC-LT8NgPQG1WtG_hAUAljryup4KmI0g576mW5Dcy7W0g
Request Chain 519
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAROYW_OE5bhEAx9io50PwQ&google_cver=1&google_push=Aa02lx9lWXJ85hYpvQMOrJ-pAtbFk3hx5hWiTGMC-E1jqdWY_VdIdKsMpVrm8l36tqw8r83HwI3e9b_f8EPpd1zFxC-nGsMsV-Ew HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAROYW_OE5bhEAx9io50PwQ&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx9lWXJ85hYpvQMOrJ-pAtbFk3hx5hWiTGMC-E1jqdWY_VdIdKsMpVrm8l36tqw8r83HwI3e9b_f8EPpd1zFxC-nGsMsV-Ew
Request Chain 520
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED2C29F7KjKD8L5Zv4G9oxE&google_cver=1&google_push=Aa02lx-8vvP_bMUvszSun7C9DcQBbb6Ao-IM578Ak1hJwRlo5-wt-CkOJHyZb6vpdeBYPbiJZsrUrHSMRn6DobYir2uod_AJsSs0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx-8vvP_bMUvszSun7C9DcQBbb6Ao-IM578Ak1hJwRlo5-wt-CkOJHyZb6vpdeBYPbiJZsrUrHSMRn6DobYir2uod_AJsSs0
Request Chain 523
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LF4XKJSV-1H-HS43&ex=d-rubiconproject.com&status=ok&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Request Chain 524
  • https://token.rubiconproject.com/token?pid=36584&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF4XKJSV-1H-HS43&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Request Chain 525
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/cvxO5r4DufdhkbtrZDV0n8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Request Chain 526
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEPC_5eyUh-mFz6qpo7EuM9M&google_cver=1
Request Chain 527
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=68509d32-dd47-4b7f-9381-47fd81e53056&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
Request Chain 528
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWIyMWEwMWRhMWQ5NDA3MWFhZjg4MjNhNGNkNjA4MDczODY1NTVkNQ&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Request Chain 529
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t
Request Chain 530
  • https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

553 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
d1baseball.com/
Redirect Chain
  • http://d1baseball.com/
  • https://d1baseball.com/
112 KB
21 KB
Document
General
Full URL
https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6e6037584a8dc9c3d2d0fce72201393a4d658767ec62fc539add88a9ebbe8a
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a697e14f9af9243-FRA
content-encoding
br
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 12 Mar 2023 05:03:45 GMT
last-modified
Sun, 12 Mar 2023 05:02:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
fullscreen=()
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RH9ghIPzNKI2dUqyUkGQLN1e3nfzry85mEWgQ1lGShgBKYjCirPK0yuAF7Ud74I6eFtD1PqNY%2B46VgmpsiCTl6x%2BuensHUpBc1zv3ZDvc6XPG9kQIum8P5NEE62nqbTN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block;

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a697e11ac2e9217-FRA
Cache-Control
max-age=3600 no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Security-Policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Mar 2023 05:03:45 GMT
Expires
Sun, 12 Mar 2023 06:03:45 GMT
Location
https://d1baseball.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Permissions-Policy
fullscreen=()
Referrer-Policy
no-referrer-when-downgrade
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ciXOm%2F%2F0Rv3DcDRPFD7cJW8yx8iPO9ZTBqSqGCP%2B94WZHRo2UTsP4WmqatUNyt5dj%2FF3HENfheZ%2Bo2POB%2B2yjQeVb1m7yLpDMs2w6%2Byjg79SxxAZDFAMLV5IxJGa4PD"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Redirect-By
WordPress
X-XSS-Protection
1; mode=block;
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B900&ver=45768820231f19a31403d97a004c4fb2&display=swap
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 04:00:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Mar 2023 05:03:45 GMT
kot7gpi.js
use.typekit.net/
18 KB
7 KB
Script
General
Full URL
https://use.typekit.net/kot7gpi.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
93b93e917c6de0af8c92681e21b4ef82b8804798c58900e5c4b87775f79a3c3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sun, 12 Mar 2023 05:03:45 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6808
style.min.css
d1baseball.com/wp-includes/css/dist/block-library/
93 KB
13 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-includes/css/dist/block-library/style.min.css?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Nov 2022 00:57:13 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POeN%2BWAv7WTDI%2FzIUtzZ7BMHVfsA6UHjg2SyPW6Zthh8I6ZGCKZmcurYrWf7Y0vpcjdy2AfARixwQrgxoVu2k2%2FH0tsGYDMXRmFsncSHp8Dows5dfS5syVziLtEA3MnE"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e16fb479243-FRA
wc-blocks-vendors-style.css
d1baseball.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/
10 KB
2 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.4.4
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f6f7d8fb01136f78edd2bd0f5b3484ed2c5bd663ec7210450f3ed030615719
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=10435
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 16:59:33 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nNRjP5EOGPfKXH54MHKZTRDRc%2BVUQCY5m2UFv5WLCFGCAI84dfYhCEtI2bDATV3WDhKc3p3deyuMmvaqRS5HuzbpUO29QK9%2Fws1emxrVo%2B%2B47vOJxtVr8h6M3UC8hhj"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e16fb489243-FRA
wc-blocks-style.css
d1baseball.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/
249 KB
26 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.4.4
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3d55c26926133b75a4188bb5accc4e6d3e44d0d852ccc2e448f8161d9b162a
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=255142
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 16:59:33 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcAjET9iq7gmboEDj05YDJdkeOY6di47CtC8PqpLkfWricl1qLXYjNEQWQ7H9F%2B%2FY7ZMB5R7WWFNoHvYqeyWISIa%2FcU1sivutmeUoJOmwsMOB3bS3AvcSV8Upcp9eU8D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e16fb499243-FRA
classic-themes.min.css
d1baseball.com/wp-includes/css/
217 B
510 B
Stylesheet
General
Full URL
https://d1baseball.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 02 Nov 2022 02:34:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AoKVQV1BuLFxUdcs1Vg%2FzZ3c%2F2XBY5H37vzuPEvT89VXmUE9xsp%2B0Qaq%2FNNWtQiJQQeRPzePJmIRH0O8nkDAACwGeZ3kolZHCyiQTnAk5K8Z1htj9%2B7ZciwwTwQIlOu"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e16fb4a9243-FRA
integritive-public.css
d1baseball.com/wp-content/plugins/integritive/public/css/
0
371 B
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/integritive/public/css/integritive-public.css?ver=1.0.0
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44826
cf-polished
origSize=98
content-length
0
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmowaC%2B0ptczn%2Fw8LbyjiujG0vhu9%2FeQBMV0YhPIEx8K1bLqtErH7UFFsEi94nTuKX%2BqZsE7eCvVts6OhRGl6U0C0qIe22xbK5HYc074OOKJANOppN0wuVcvOieyXggV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
accept-ranges
bytes
cf-ray
7a697e16fb4b9243-FRA
woocommerce-layout.css
d1baseball.com/wp-content/plugins/woocommerce/assets/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.4.1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29934ab52db572c893d40563016fedd46dc3da5bb231af5d5b187e7fe66be9d0
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 16:59:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=If1hoUAoAuP3PVMjGqbpivgGQsVxKYGKHFSNsQk0ntDLrR8Crg5BL%2BIRVSYSMT9%2BpekZEr3zqWLBz95rVtUTF76lMgQ3yuMojmawV0Nc3LqZZEYj8LMgHLvNTX9UAnzW"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e16fb4c9243-FRA
woocommerce.css
d1baseball.com/wp-content/plugins/woocommerce/assets/css/
73 KB
10 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.4.1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6178e786ceee737a7336cf1d452046b9082314b638b9cdbd2fc9ece2a6bd9651
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=74669
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 16:59:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2B15roOcV3RaPPBq%2F8sSpRb3zGMOBj7sUF4QVXEIE1Z6pJ6icGClSnzAKSZctegskl5CDSsIcWcMx2818Qz5CGIZAon7D14K4FM%2Bx0emduYluFBblaba%2B%2FZj7mjHrolk"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e16fb4d9243-FRA
polls-css.css
d1baseball.com/wp-content/plugins/wp-polls/
2 KB
722 B
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/wp-polls/polls-css.css?ver=2.77.0
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=2708
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 22:26:52 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AD9cQ10S4I9YgKj0FOU%2BRNlJuD9YNlhZNMp2ss0t%2Fz7N1ejw43qQO9PeB0AZSxNuQuCw2f0C%2BtL93iANB00ygMg03XjYQGa9OG5GYN2SsEeM6j6xZlc1Fz0PGe%2Ft7K%2F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e16fb4e9243-FRA
wc-memberships-frontend.min.css
d1baseball.com/wp-content/plugins/woocommerce-memberships/assets/css/frontend/
4 KB
1010 B
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce-memberships/assets/css/frontend/wc-memberships-frontend.min.css?ver=1.22.7
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef56cfb50af106eee13a8077d15efd46d114217ffa7446463414fb8b25e028e
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jan 2023 22:26:52 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Bwvu7tY89nB%2FqlQdbiE8thaRqr2POpvq%2BeY3lnAoFWMiq81zHjtpuXWRjBOSTuE3LVD6OOwvpI1xID9slMRV7sGGwQI%2Bal1jktl8sjksBCs7nHOTZskm2G9lh%2BNvQGP"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e16fb4f9243-FRA
normalize.css
d1baseball.com/wp-content/themes/d1-wp/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/css/normalize.css?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4552e8f83ebc6080577342a2b4614fb5f05e7e0d0b20df5cdbe017d848796f7f
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=7707
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 09 Jan 2023 19:03:15 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2B9ei1iAv8vB7Vcnu3TuoumlL9nn%2BfAAbRhMLfmSqYFnjtyO8GNZO%2F7jvw7m%2BO2ItnQDLz4sI0b%2BcQHkJo%2F8ySKzsGuJIHwqcr1scnyr6YshNM%2F%2FKqhI%2BapPnij7Kp5Y"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e16fb509243-FRA
style.css
d1baseball.com/wp-content/themes/d1-wp/
101 KB
23 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/style.css?ver=1677683191
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c32be21920869f3eddf641a1592d4a8662ac13be217d529f913f5b785d6cd0a
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=123837
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 15:06:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vf6qMEDWyAJkKLqSydJSKpWEQ97YrUWreNd9NbADLkVHBVFv2QMHLejeyeott0Uuk0KZb2kZJWaTaT%2BVAi1GtnIvUYHq6%2BW81RPTSCW3wSGzO15CZoBI3jk8ftVuQOwe"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b579243-FRA
stories-grid.css
d1baseball.com/wp-content/themes/d1-wp/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/css/stories-grid.css?ver=1675806514
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72a9625d0f7ef5234a30455d49f3fd3359ab88b8ff199d3983d4a2f7b6de14c
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=4855
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Tue, 07 Feb 2023 21:48:34 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yuy6d9x%2FbsSQy0DeL9CNvXdbN85bYbQS7UBsacRJR4SHu816wvu025JBR2atb8Z1RYHR5G8u8M78pjAKUegiWmFjpPVztQrV6J3fyAkMTpryXGAaoT2JrIO8jeGre%2FzD"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b599243-FRA
mobile.css
d1baseball.com/wp-content/themes/d1-wp/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/css/mobile.css?ver=1677617412
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a35eaa1e1f6361c4d7f6182e8a7f4df57f79cf9078768aa0cd23000dcb76303
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=12465
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Tue, 28 Feb 2023 20:50:12 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acYBTqkToJ%2Bpx8Z0vPbd6MeReLq8vC5Htserm0fwR6tQv6IhsntYl9kAswQK03Ra9ypEuCb9AdgbfSCWa2P0jD5HdusFYJD5iY4ZlHhgmNkVXu7xWmwHouUBJxfJmqN2"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b5a9243-FRA
print.css
d1baseball.com/wp-content/themes/d1-wp/css/
1 KB
942 B
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/css/print.css?ver=1673290995
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa1a314a315d2baa199b3669600e6a2234514d4d5b8b34549f76b2813b208f0
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=1614
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 09 Jan 2023 19:03:15 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krFsPNuf6gl8%2B5V3ZOB5K3GxLsc6H9ohrHtr8nhai1IItBOm%2Bd5bCZxsNfmKhZWgM3FzFsNELxJ0ks55CIk6c6AwAyRm4WquKQpvrClFxXW0ZbCi3U%2Bf5QHZVH%2F66tZ5"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b5b9243-FRA
slick.css
cdn.jsdelivr.net/jquery.slick/1.6.0/
2 KB
921 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.css?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1542558
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230083-FRA, cache-jnb7027-JNB
server
cloudflare
etag
W/"6c1-bp0TNCoRqM/Z5C7iQ+rq4BzaTiU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK3V8DGGeZscZau%2FdQUlMMEqcpuJsy7yCnZ23Co50l2PmgwH9roDjoTqGsLQ10VGWat1XTpdljLPjq75tZNUyZDZHdLeZCo6de%2FSFL2yXr90mpv%2BnB0jFhG5zgjfAk9iUWCupBsfqqRMwKeF%2BOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7a697e17283d2bc9-FRA
fancybox.css
cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/
15 KB
4 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.css?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee03159a1ee2d979a8f7d9afbdf9d29fd7597ee9d38a2ee3e323dd99300c511d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30241
x-jsd-version
4.0.31
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA, cache-yyz4573-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"3cee-0nBcDQHfsMIPKlPzBhAaX/pebOA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJNz6FYusApBEPsq1qJtHZCCmcwSK6IcVOX0s5x3WT0Y0E1fg1hu4YQ8htnBaPzpalm3ovelpLsoNEh%2BgQufRnCRMRGfAH0d07T4KbboMOWxl6U32%2BM8NQRLHBXaPeq%2BI%2FFxxvJUT2DiVvLNcVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7a697e17283e2bc9-FRA
jquery.dataTables.min.css
cdn.datatables.net/1.10.13/css/
13 KB
2 KB
Stylesheet
General
Full URL
https://cdn.datatables.net/1.10.13/css/jquery.dataTables.min.css?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99d6b61adf2b3939d64d51c9391bb941bdbf00d773ab630bdff9df0f7c46874
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1527724
content-length
2088
last-modified
Fri, 10 Feb 2023 12:04:40 GMT
server
cloudflare
etag
"11202fb-3513-5f4574d5f2b20-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a697e175c552c65-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Thu, 22 Feb 2024 12:41:41 GMT
tablepress-combined.min.css
d1baseball.com/wp-content/
6 KB
3 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/tablepress-combined.min.css?ver=56
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e91f7b4165319a8664b4da9c7436ac831654d04605193b6df4685da43d7a32fa
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Jan 2023 19:19:36 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0epUPc0YfQiKN0adaI%2BEHAhAYSqXtmFxBIvWWcFsXWpmpnczdmDrlFO7x%2BMNFuc9PTPcPMufRepZbB2wVgYxycreJzFXF2RnwKWit1ARGgWzE7MNu99Mgv2jNSgroLe"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b5c9243-FRA
datatables.buttons.css
d1baseball.com/wp-content/plugins/tablepress-premium/modules/css/build/
11 KB
3 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/tablepress-premium/modules/css/build/datatables.buttons.css?ver=2.0.4
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4c8f226eab01325b4ffba9ab7f6a2062e2d41a336a4598f78e7096402ce2be
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=10894
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 30 Jan 2023 19:42:15 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0%2BgLTyFZEGphxDi0R2h208XOooC0u2fTiIN9LjZU8HIjy%2BVFDxzsGgsg%2FjjZu6DPIAkTS2iH%2BlR0vpCSyf%2FDC4Ah3qPIh%2FN%2F6mPz%2BO6rD%2FZhN%2B6EC999D5JhTRUDBkJ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b5e9243-FRA
datatables.columnfilterwidgets.css
d1baseball.com/wp-content/plugins/tablepress-premium/modules/css/build/
320 B
463 B
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/tablepress-premium/modules/css/build/datatables.columnfilterwidgets.css?ver=2.0.4
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e3908f244f0bba03237b2b9d7e5807c6fa76874b41f9e7e15d1f7be8ad62c2
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=321
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 30 Jan 2023 19:42:15 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPGmHYWd2j69t3kaMQBAFKg9zZOoniGz850zQUKyHGsGyVp486nVpNiAMYDnYzP5G0V5VoDAxrKX1OAt2Ofpi9vS7vg6FwKAQzaeblS1gdd7%2FcUVyhMaVH3oBEtu7EyE"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b5f9243-FRA
responsive-tables.css
d1baseball.com/wp-content/plugins/tablepress-premium/modules/css/build/
9 KB
2 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/tablepress-premium/modules/css/build/responsive-tables.css?ver=2.0.4
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a75b698f766b9b6566bc68a1bcbdc9bf755f0a3296d58059285ac7bd5df8e2
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=9546
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 30 Jan 2023 19:42:15 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frVaQ8IQeiiWqVuwUn8C9vz8MJinWLbJHIlvLM5tx9QzZ10s7teXjpgE1iH5%2FtSfgQPneiFHZdi%2F0zBeStBiJaDBax30Dy7Ejpc%2F881aHt3A%2BLBhnSmZU%2FycmUJLJtta"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b609243-FRA
sv-wc-payment-gateway-payment-form.min.css
d1baseball.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/vendor/skyverge/wc-plugin-framework/woocommerce/payment-gateway/assets/css/frontend/
7 KB
1 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/vendor/skyverge/wc-plugin-framework/woocommerce/payment-gateway/assets/css/frontend/sv-wc-payment-gateway-payment-form.min.css?ver=5.10.8
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6063e81c5a07865e6091bde60f6773998397a95ae98b438d96f2eb3a9c946fe7
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jan 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlYljrDDuCiQwvvrERsidDTpGPXhecFCPAB02M%2FYYg5ci7aJBYb7er49CDqujYW%2B%2BTJpWBcxvBDx3AwXVoZVrEWLEtuRmVJ%2FXt9JMKvHntq3KNO%2Bj1zDtWz7RaWz1F6z"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b619243-FRA
frontend.css
d1baseball.com/wp-content/plugins/enhancer-for-woocommerce-subscriptions/assets/css/
116 B
395 B
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/enhancer-for-woocommerce-subscriptions/assets/css/frontend.css?ver=2.9
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78716e23d970dcb7acc853b923d0249cbd976e9a945ca84028581b1bd17da9b6
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=120
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 22:26:52 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brt7%2FOg4STkNdb5VC5VkLVR%2Bc5OLxuWCf1zETnVGADrwg1TjAIbN2XLT1G%2BNZoiojk%2FadnCsSIT2D3%2Bcf8QfNlf6OD4TIwwJG46JSJnT9rt18%2FQr1iHx7quJRJxycVZ5"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b629243-FRA
jquery-ui.min.css
d1baseball.com/wp-content/plugins/woocommerce/assets/css/jquery-ui/
29 KB
7 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/assets/css/jquery-ui/jquery-ui.min.css?ver=1.5
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
885a3c3ed9990cf54ce828353610025f4a88a43581dab47d3d50daf3eb988fc7
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Mar 2023 16:59:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRvajub656Zb8KytkwRxXpdKvTudPJQWFQijwCTwqOA08FdiwDhpIjA67Wxg2NgETqnchQ6oHs0EKFN7kXjw4ZSAmZXzYfqyMp7TZJ%2FgTKN9maHk0rZrinBY3B0hsflV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b639243-FRA
frontend.css
d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/css/
11 KB
2 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/css/frontend.css?ver=1.5
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5723df998f0016451437a52f14914efa760c9e97c43b048b3283e0e05140dcc0
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=13674
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 22:26:55 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBUBqJn9onMTQUFw14gW52yEGlmHLrjyEUUaFEz1HSDaA1rBZXy08Wp8Y%2BSoWMnXJDf4vF5Y0U34BCPjKasmfIj9xVl1H4C43XD0nKqLt%2B%2FQYb3l7Wa0zqKnAp9TqBoY"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b659243-FRA
lightcase.min.css
d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/lib/lightcase/
10 KB
2 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/lib/lightcase/lightcase.min.css?ver=1.5
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284e7e109678de1ade545b1140f50a4e9c6d7f3783b3b43adda409c42a70829a
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jan 2023 22:26:55 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mG3Do9RoM7tNuIqTs4MFxrRpYK242HVi%2B6FQuCPSxcaMPAg%2Bcy1zVFhf0XMmOlY1ljm%2BjWretO%2FnsIpNLgONKSCZmAjm89M%2FCV9Tdo65MjC8WBBSWGupAQScjbGHHLkd"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b679243-FRA
jquery.min.js
d1baseball.com/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://d1baseball.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 Nov 2022 18:41:21 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1kqED87oDUSrzCXEFUQO4UqAGQHQc6SA%2FvEhbes1wOGLZbD8eoJzyHkDBT6CHTI899L3l63iAL%2B%2FJkfWcb5Eol%2BTvINZcpK3FH%2BexkT6JCCzAtgLECF8UN2DwcwjJ4M"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b689243-FRA
jquery-migrate.min.js
d1baseball.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://d1baseball.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Dec 2020 01:50:27 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRgtH%2Bzl1a3S3K5oYW%2FrHIElM9zVSAMuQSWnGpdEFBcM72XwZEBdOzGCPzUOXmjPGxOROhgyjkmHg9joznftCSHji%2F71if%2Fj2HhfBoyj%2BBv3ATisasCGYKSMI0D%2BX68g"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b699243-FRA
tapfiliate.js
script.tapfiliate.com/
11 KB
4 KB
Script
General
Full URL
https://script.tapfiliate.com/tapfiliate.js?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-7.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 09:31:44 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 12:34:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
70322
etag
W/"ddbb39a9e8e67d5067145f8aa76b938d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
gsgk9KxiG-SX0UqrX_IG3gPo1wJLQM_C4e-Yv2FVVU8iLOGu83AC4A==
jquery.blockUI.min.js
d1baseball.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/
9 KB
4 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.4.1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Mar 2023 16:59:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZywKSFWVoKYftl5X0BHa5hGSjpMhWejVhF7eQfRN5YX4JOkOLgOQyR1l01ENvhgLSqljGVaQhb9mz28fAwiEcIenLFLBPcPyVXSN0LXO5uBDVekycSB%2B0yM311iftsq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b6a9243-FRA
main.js
d1baseball.com/wp-content/themes/d1-wp/js/
5 KB
2 KB
Script
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/js/main.js?ver=1676325393
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
672a82dee3009bae098d1d4c546c1dbb629b0bf840cbad3a5f1146730bc4f104
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=8801
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 13 Feb 2023 21:56:33 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p86AMGU4t1srb86jF%2FlMPDfQv%2F7UM8TQQhy9MQBccMi3NdE0PWkPe%2B6fOjX2ywqOSxNswh%2B2ABzfF1e3Oo6Pnxqszpjyxbve9zz8UyeyedYfzhaH3QWwvDHyyOR5%2BD%2Bm"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b6b9243-FRA
5f8859bdfc.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/5f8859bdfc.js?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80865f40e0227605b339f3bfd7f9fab0244cb8f3cbd452a0ce5d8898675f8511

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QJ9Q76E3J7HR7KMP
age
1387
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
N5i7I3fGgj5nPaaaJYjZjXIShEqHC8vJiAvKMOrMEOB8GaP+IGH9DrSW8fi08dd6HlJBk8qdKQQ=
last-modified
Wed, 30 Jun 2021 19:52:09 GMT
server
cloudflare
etag
W/"528f30741c7c16fedb490aa6315e1c92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY8TwsA4UQFbj2DOdHGJBVi9eLavMer3wcEdxfZ%2BxG1Wm59t%2BuLNg4qFKnWQS1ArIKSniN5Ytrw%2FHWq6aHMXnUc3q92KNInhH%2FRG3Ey5JxdHLQ3hq22DBUSVQudegKvc4hpZeIlELOlnkJQl2HQpvHL1"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
7a697e1728693653-FRA
typeahead.js
d1baseball.com/wp-content/themes/d1-wp/js/
39 KB
12 KB
Script
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/js/typeahead.js?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313b389b850f19083db18c039cbd804bf39ef85a2418fd567b2058a94c39255e
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=39749
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 09 Jan 2023 19:03:44 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMpY1a9THCTUz%2BlZz0DRJJ48VUIPEyP8qScIj7KQteLfhgT5b2JNkfg09u5V1CR%2FcAHPvrsB5%2FoS0g4HE3tAj9S4A8FrKwEevMSaAnFloYEK96gtAVDl1uyVeFBbpUKQ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b6c9243-FRA
jquery.sticky.js
d1baseball.com/wp-content/themes/d1-wp/js/
6 KB
2 KB
Script
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/js/jquery.sticky.js?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319bb5a941405ea67cbe14748fa6d42bd9cab0868c5027c4f16eae14da4c251e
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=9987
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 09 Jan 2023 19:03:43 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MV0BAxg49hmoc1uGGPd%2BUhJCZ8VJPgAedz5RoJXMzanAx7Vtoc6XwFmIU3D%2Fbi9joHgy1APE4uHn%2FfCr0mr%2BGT8i%2Fa0sY9hDbhb5VFHvTFuLaohNawflGvYy5zvjTmjf"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b6d9243-FRA
plugins.js
d1baseball.com/wp-content/themes/d1-wp/js/
453 B
890 B
Script
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/js/plugins.js?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0092148c9c28f095b5d557dce3f3852345c61695c4c000dd2bd26a26bd48c5
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=760
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 09 Jan 2023 19:03:44 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04McShoVYtPfRkH813ddRBUyZB4vyabRwy9n%2FM5XSk3cngVipeN1r0OIrxzd37TrpFXcHm2%2BYW4VgyHN2Gr9v%2BrjnsSKLktLp%2BfotaeGw8tW8PBsNU3B2NIVojpxUpA6"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b6e9243-FRA
core.min.js
d1baseball.com/wp-includes/js/jquery/ui/
21 KB
8 KB
Script
General
Full URL
https://d1baseball.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 Nov 2022 18:41:21 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bk44KrWAYzjXFAmEq5gTeA1dDng8PbO6MTPGh8NziCf81C2h%2FKCg3S4ccsQ5eAhdmXd1a5OPsRo9%2BvoVP7eF02JYTKiznaVqOKC39EI%2BLAlP7HPMAJ5B9ASMMIcqbWm%2F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b6f9243-FRA
jquery.dataTables.min.js
cdn.datatables.net/1.10.13/js/
81 KB
28 KB
Script
General
Full URL
https://cdn.datatables.net/1.10.13/js/jquery.dataTables.min.js?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96037e7a94386bbb2d49f231a771a3162803d80db2b8ece29bd2e4ff6842cb7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2710934
content-length
28202
last-modified
Fri, 03 Feb 2023 15:17:39 GMT
server
cloudflare
etag
"11202bc-14473-5f3cd2e9d4b8f-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a697e175c562c65-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Thu, 08 Feb 2024 20:01:31 GMT
frontend.js
d1baseball.com/wp-content/plugins/enhancer-for-woocommerce-subscriptions/assets/js/
5 KB
2 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/enhancer-for-woocommerce-subscriptions/assets/js/frontend.js?ver=2.9
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a33d093820151918c2f34a1b163118b751f8d7ad0013f57cf8cec708dabd9f8
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=7657
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 22:26:52 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MB23nFRHx5SvCMJydoSN%2B9l0tBpRvgQ%2B06rVIFO8kZsQiDyoQ4tAzhx1mab5w4Dcj%2FNYjltj9Yn8pgzi9Nr4PsC83YW%2FHbjGv58ZbUEbx5QmS4l8cxuo6A6yYmy7Yla"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b709243-FRA
lightcase.min.js
d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/lib/lightcase/
26 KB
7 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/lib/lightcase/lightcase.min.js?ver=1.5
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f757a755b18e98d4dfb3de042e6fc5f735c9ffc28130a3588cd8528cce4384
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jan 2023 22:26:55 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIErd%2FMt%2BACvjZms8WTrHXmnKhJ67IUTof2HBaFjzEBKHQGIBhlbGi%2Bx7YXvvo371Wt8pOBpBRj6QwhPKTi1sgNK%2BWCXKYRxz6iq1gDphGqYwbeQih4oqZQw3kXlVM7m"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b719243-FRA
gtc-lightcase-enhanced.js
d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/js/
388 B
531 B
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/js/gtc-lightcase-enhanced.js?ver=1.5
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ca5ffb30696def925aaf216875407dd65609a1d88052e7670185f3898d16ec
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44826
cf-polished
origSize=560
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 22:26:55 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVdTYJkfREp6xJ0rUmOsvEUN6Eq80jqrUPoqb6o%2B4UZh1PKLwcNuFUALtc6btPGLZypaxFs%2FfLcgUgICwyRIY7Zl40q1TxP34tbyo5DubXFQgSkojSY5C%2FssDpRitY%2B%2F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b729243-FRA
datepicker.min.js
d1baseball.com/wp-includes/js/jquery/ui/
36 KB
11 KB
Script
General
Full URL
https://d1baseball.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8821cd10861112ac07254592b0b332abd02cfb6ac32c0ac71378be0fb58c309f
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 Nov 2022 18:41:21 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUTg9PxxM3ngD2bA1KTsQ6teGYVul82H4nQBcTvzhCZXTFNcjd%2FXVS7QJaTXQEiJgQBQtRc%2BGyhOZ1SzTwPK%2B3l0UeaWf1N%2BVAY8rN%2FOMz3LEaamvlyi%2B2EealuccJkj"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b739243-FRA
frontend.js
d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/js/frontend/
14 KB
3 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/gift-cards-pro-for-woocommerce/assets/js/frontend/frontend.js?ver=1.5
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3663058ada0ff50176d23fd110cff17ec6d438b1342cfcac8ca86c7a71cefd9e
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=19349
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 22:26:55 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUTBh%2Fiiq3oCf%2Bp6ynQNj1GFUpSXgEPO%2FpJfJ9Ab3xly6WWuHraKuW4YLcnxB3lRMk3ngunE4HgbOLCgloaxL1cyUd8pqiCVRkosEPP0jGmh8LYeul4joB3MmXs1g%2FHU"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e170b759243-FRA
js
www.googletagmanager.com/gtag/
217 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F18EQH3BTV
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9b730ddf3283e484653cf949d4aa05c0e76e3133e75f0ea534e30a2f02ffec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78199
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 12 Mar 2023 05:03:45 GMT
lazyload.js
d1baseball.com/wp-content/themes/d1-wp/js/
4 KB
2 KB
Script
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/js/lazyload.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d790aa9ffe3bfff038ed28fb2e130f83835fab53bde5e1dd0fda13c3ba7a1e8
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
cf-polished
origSize=4296
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 09 Jan 2023 19:03:44 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HLwHIGuZLxzKmnf50Pkq6qhc8D8ROMFE5U6IC5QYemVANYLFaEPrK2SZdXOyi6FL5DhggXkNRD%2BC1%2FWSUKf05wykIMLHjzcrqq%2Bp1PVv9lH5KY30i2L%2FtQY6iKzyzgd"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e170b769243-FRA
woocommerce-smallscreen.css
d1baseball.com/wp-content/plugins/woocommerce/assets/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.4.1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43079
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 16:59:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aNtsSggSsAdNv%2FrtOSNylvVZpSvqkcRJuV2mLJzGfTfBUAw%2FMKJ%2FdlWNyasTSJiDvaeclommEnTB%2FKx%2FhANmq5MmIdMCipLq5l7%2FaTbRIQfNgVwznvtqVzdsShzQp4A"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17dc0a9243-FRA
rules.js
cdn.adligature.com/d1b/prod/
46 KB
6 KB
Script
General
Full URL
https://cdn.adligature.com/d1b/prod/rules.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
286200c5e002448c35e12911a5c2f71afdd954c4b5fa5f2526e3857a4afcd45c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=78296
x-guploader-uploadid
ADPycdufNj7hkEd_muw0qr9Qaf-nLQNpu7uw0gHpHPV5se8aDQL70CL9xz3VhpDNOAfkwwEj79NMssuzrdgjC5T0FJFE9w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Mar 2023 21:00:38 GMT
server
cloudflare
etag
W/"681d48199424b89a0d9e1a715a320165"
vary
Accept-Encoding
x-goog-generation
1678395638701053
content-type
application/javascript
x-goog-hash
crc32c=nnHHYQ==, md5=aB1IGZQkuJoNnhpxWjIBZQ==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzIZiNF8YYzSSDe0txKOYnYoEh2RFMxL2mhUNIiIv%2BQVbjrPjm86neNaC9EZecngB%2FS1ZKgPXZPyigL65g1pXyLt160y93wq1JsYxiAeNECGPLcsRiEBCdlp7RhJWwn3NKtFjcFF7rdRzbqE4h2zFCo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
78296
cf-ray
7a697e17daab39c2-FRA
expires
Sun, 12 Mar 2023 05:09:55 GMT
D1-Logo-White-v2.svg
d1baseball.com/wp-content/uploads/2023/01/
4 KB
2 KB
Image
General
Full URL
https://d1baseball.com/wp-content/uploads/2023/01/D1-Logo-White-v2.svg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9effa8a61af1770fbcc6e7d233fa86a35fcf84714579dc64b0e2ce7e1117824f
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Jan 2023 20:38:21 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXalkYbv0I5BlXy7oUA9pcu9z94Nc0H4vO8bbWHulcKBys44yg0Nj30oYi5miRhnfjVboMjggGtZDVkO4v8HZKh7wioMtU%2BTmmKipI1QMApcZ5g%2B0%2FoipAbnE8ecbOOV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e17dc089243-FRA
Netting-Pros-Logo.png
cdn.d1baseball.com/uploads/2022/03/16160340/
38 KB
39 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/03/16160340/Netting-Pros-Logo.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58fb75e3eebef6f543c49f2d8b79bf460e10ea0ddd64f977b73dd0cd7ec3d46e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 04:08:17 GMT
x-amz-version-id
fEIYHcRuKGW87w4Q9G75fNV6Iwq5kY8w
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Wed, 27 Apr 2022 00:44:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
17456129
etag
"25416d119143ca6bd9a81371b2579c90"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
39017
x-amz-cf-id
LJpm5hIRYMVFiQvLAgFkkwwHF-qRMDmrgThGw6r3AHP3IkLKzrYxbg==
lsu.png
cdn.d1baseball.com/logos/teams/128/
6 KB
6 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/lsu.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9abec92b072fae4a837346c9e645cf30ea279fb5c33d62d2281966b252ba962e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Mon, 30 Sep 2019 13:41:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"c7c6dde09d70b194ff08589dbad4b3d6"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5643
x-amz-cf-id
nlxk02E-_J7I4ps9KzfIGlzy0zuaESPAENKBL4pBvDAyiCjroAGSag==
stanford.png
cdn.d1baseball.com/logos/teams/128/
7 KB
7 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/stanford.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da38fa49b7324fe60efeaf0aa68d6fd7e5d81ade79b17a7960ffef1ce20688bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:29:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"893e0ab743415417246c4aaaa2abe4b9"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6726
x-amz-cf-id
pUaGqpC9BI-gcpWCjtbsTA2OgOh-Gpt--F74lI9Q6c2RILW94TLtgA==
tennessee.png
cdn.d1baseball.com/logos/teams/128/
2 KB
2 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/tennessee.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5df9f530a6d9d503d73a5b89738c888eabae2bd098482df8b52f4f494c74f515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:45 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:30:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
850
etag
"3e6517b1c58e9d41f8c4cd3f64d474f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1915
x-amz-cf-id
PYiC2g4UJ24er7JHT8OrQKGlcffF5bybWW9078veXon1xYgxiEezTQ==
olemiss.png
cdn.d1baseball.com/logos/teams/128/
10 KB
10 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/olemiss.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dbcf8e468897d1283f3e0fec3fce2fc171b44211766893d2d6474a268f08669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 03:27:16 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:29:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
32324
etag
"f877ad418e9cfecd891e36adf401b8cd"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9906
x-amz-cf-id
eqOPKcXWlasYbiPGbF6APX3YuM6t5srAtka46I64cDON0OT_5H1VIA==
wake.png
cdn.d1baseball.com/logos/teams/128/
7 KB
7 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/wake.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9aca03be41dffa1eccaa55f3779224ca09d690930e5228226d62675fb924940

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 23:02:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"52924f31c6d4760dd65321722df61f7e"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6947
x-amz-cf-id
RXC56L7jh4iojeBEAjAbRxVs63BKRr0St2eVCj7Zh0lsXEhE7PoTuA==
florida.png
cdn.d1baseball.com/logos/teams/128/
10 KB
11 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/florida.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d60235a4b1177847cd63d13c25ce541629711871f19b1dfece7d6bc06f95b005

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:28:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"38546226d4726546d1e2549d8097f473"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10492
x-amz-cf-id
0GWLx-rukFUhdizAN5eGgaomf6lCYr5B9gokQqUMewZ0OwHfez8xqg==
vandy.png
cdn.d1baseball.com/logos/teams/128/
10 KB
10 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/vandy.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
198d5c4c0d908452f6632da880972c8e65d657b7c7cb138a1d856c17389a349c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
9Hmqrkk.mkH_bixzDrix0UlHU_d_56PM
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 22 Mar 2022 21:43:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"1be35f54648df54ae3cc3a5dc66837d0"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9824
x-amz-cf-id
RHRYfv4PVRVhMRXRoiNygksepgrKU2OBQopqZrCTWHnDmTP800fggA==
arkansas.png
cdn.d1baseball.com/logos/teams/128/
8 KB
8 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/arkansas.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fbc42d0181201b26dc04a802ba3be5fafb38e3e24060f77a4e0965be6507315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 04:33:39 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:28:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
11558
etag
"386e6069e03d56c428e0d3fbb854bd68"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7703
x-amz-cf-id
nQLHvAE254vGwk7C_Al6HwaSKvXhpUWzmgUS-4xMIZZZGQF_OHoQPg==
louisville.png
cdn.d1baseball.com/logos/teams/128/
7 KB
7 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/louisville.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8b5d726b51416b29efc4a4799396c73d7a2327f80ebd6ccc682254794dfd33d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:29:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"5662a772fbbe71e4fa4b629905fadb39"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7008
x-amz-cf-id
9DxQk72Ho0hFRxtpz8PYZY-94P8KmjUq8nsOWAugFhnKeZISwFG34Q==
tcu.png
cdn.d1baseball.com/logos/teams/128/
9 KB
9 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/tcu.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
589405077e8808e851b67cfa520aeaeba7fc63d5ec23f2fe78ec7ad7a746ae26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Fri, 01 Nov 2019 03:20:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"91cbc89c2740fc6787781d48f108d194"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9356
x-amz-cf-id
LxfwRV1ZcHrydXajh1QX95MD2XSy-55CWVfcLcBpN8J-32-B665Cag==
vatech.png
cdn.d1baseball.com/logos/teams/128/
5 KB
5 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/vatech.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37dcd72ceb3924a0706774df447ccd8b95e2053b4a4215596da32fdd6466cb1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:30:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"3c68d85671b2a81b49e386e4f0686e71"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5136
x-amz-cf-id
56sIleSeRvbU7VM7-b48sr2fykqv1apAGgyD2CS_4eOsObz-oCuyHA==
ecarolina.png
cdn.d1baseball.com/logos/teams/128/
11 KB
11 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/ecarolina.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c39b42998ad64a936fc68b30314f320a4c4dd1513ec18b42f4b23cf9687a8aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 04:33:40 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:28:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
4263
etag
"d09cdeab3f6a0e39b864750ddc6340ce"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10769
x-amz-cf-id
MA2qCXruCieBVyjj_Oh0IZ66PT15e4Dvzw8lQIJDzGY2-UPJEsRNSw==
okstate.png
cdn.d1baseball.com/logos/teams/128/
4 KB
4 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/okstate.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1198df402a6a159ae3f3974f0e8a1825ca8f227f14a0cc8235f1e173edc05443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 03:27:17 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 18:47:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
8285
etag
"692e7e2559ee59ec53b409640cc9ff91"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4065
x-amz-cf-id
0M04NtcOHL1wAi7fbu1HIOle2so0xVRVZ7yi9Jlg6T4J6fzhMxn6_g==
unc.png
cdn.d1baseball.com/logos/teams/128/
8 KB
8 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/unc.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4d08e9df3626ea8ac2ca6bbe904be004f0f4cbcf3179d115b51e7128f1b610e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:30:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"a80d5d8a4595cfc380d82e3696c89094"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7903
x-amz-cf-id
W6xNWYSROpfJIuC8WEGYiggW9DHlFxljAonnznkyKTMTyx_9rPajIQ==
texasam.png
cdn.d1baseball.com/logos/teams/128/
6 KB
7 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/texasam.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6998c1dd622d8d73a5c9f2ece40f7d194b9fb7bde26836a506b92365d84b577

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 04:33:40 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Thu, 16 Feb 2017 13:50:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
12383
etag
"1708f449f910f064d5b00b4e53e2fda9"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6589
x-amz-cf-id
7p29z_McnyhSi0FiMFk3KvH_B33-juRgdHKFDAIWajSqecADIZbjgA==
ucla.png
cdn.d1baseball.com/logos/teams/128/
9 KB
9 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/ucla.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c97c6e7742fde0fc4f268897e971691e1bc2962d37f3863ce996c72a1bcd16e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
RtgagSa8DKOkDzspe1Fmf.X3hQgKQ2Z6
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 12 Apr 2022 18:06:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"b4a8b5ebaf9642a140d0c64e0ce9df77"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8799
x-amz-cf-id
80O2T3Qc1yGhtcJlwuXxN8eqkeypaMIGQTfFngthdjgy1Z2Jwn-nnw==
virginia.png
cdn.d1baseball.com/logos/teams/128/
12 KB
13 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/virginia.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5e4ed3a4d1206f0f598dd5ea0166c616ce16ecbf257362af0257af5f51c6c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 11 Mar 2023 10:39:24 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Thu, 27 Aug 2020 16:36:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
66262
etag
"0ffff7da314688b2875dd093e1ee33ed"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12602
x-amz-cf-id
1l8Wq-zFnuFkuKgUQQWVUgdmSzng4Ap5HfL0in85Sj9uwBrdt5Lyzw==
alabama.png
cdn.d1baseball.com/logos/teams/128/
15 KB
16 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/alabama.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d524f0551554a4cad23f55c2428a4b42924766843dcf9ae1643faae1e67f611c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:46 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:28:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
379
etag
"cb8b9ee21b33ee617825cb532fdacb73"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15576
x-amz-cf-id
964Jq7-3fPoHicmQBKa_ez5yX6avPQL4rUiMK8RYd1GCt54bqgZ0GQ==
ncstate.png
cdn.d1baseball.com/logos/teams/128/
13 KB
13 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/ncstate.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ded4e1a92a6ae365f5dc0a4e06ce91a78795b7df47acc1126ce0d24f03c0277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
664L_qYSEq5vBB2R5XMnwb6oAZYfK.Pg
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 22 Feb 2022 20:11:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"4f0c74827344e38de8b92184fe6b2759"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12813
x-amz-cf-id
xkpqXDX7FEq_U46SE8Haq6K4aLxfnrqg1Ptvq0AKo-v9CJ-CLVQvmg==
scarolina.png
cdn.d1baseball.com/logos/teams/128/
10 KB
10 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/scarolina.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d8d1572235ebd38b0fcdf3c837919a63066fe5220e066eacb1e8dac66c8d6a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:45 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:29:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
4263
etag
"7081121fe949ff747b44285f445dbdc8"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9760
x-amz-cf-id
5M56zz8ZHlZf6tdZs6S70zez9QTxMSE2zaZU2A-or3MV0x8O0wQ8jQ==
floridast.png
cdn.d1baseball.com/logos/teams/128/
9 KB
9 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/floridast.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ced12bb5e40b66b89afdd543442e40cdd41e5ac240d18d5b3e8b594a4b25434b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:45 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Fri, 27 Sep 2019 19:51:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
378
etag
"5ee6b9e0cffda7e35ad9299d0923bc38"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9316
x-amz-cf-id
Lhz5NpAJESu7IMX1Kwq3hsBT7FfeADzjCx1h0_D6bvMrTgbPhq4USw==
smiss.png
cdn.d1baseball.com/logos/teams/128/
6 KB
7 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/smiss.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7758e1a2d3060e4c5804f888ebc944bd436b667712a72fc6f51f4cf31431ae1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:45 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:29:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1805
etag
"d90f22fe988ebbb5aec616cf4f7c08d7"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6506
x-amz-cf-id
WF0V9TSQf9QynxSjBaPX1Vel5ReWvZoEEcvieCBiHkahIL60-4F9gQ==
iowa.png
cdn.d1baseball.com/logos/teams/128/
6 KB
6 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/iowa.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ef89ad613854bf1798852bcfb4e7404ee37dea7bea3cab7bc1dd67c655809b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 11 Mar 2023 09:03:29 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:28:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
72424
etag
"45e58a2f69cbbc28a3d931541a692096"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5701
x-amz-cf-id
YFOuTULFgUPpXSAhp8Usjv3bbwvYbrWO8fadHe7VjbETuRef-A98Eg==
campbell.png
cdn.d1baseball.com/logos/teams/128/
10 KB
10 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/campbell.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee5e5a53c03ba71393dc66f1e6b09498e7b58fea19fd83c2d12162108eeefc08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 11 Mar 2023 09:03:29 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:28:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
72425
etag
"b84833702064390d96d3347cf52431bb"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9730
x-amz-cf-id
bK4Vsf30m6GDlR56Z6bGHMH8AvxI3U_vnpLZZ5Esv560siW24Qm4Cg==
oregonst.png
cdn.d1baseball.com/logos/teams/128/
7 KB
7 KB
Image
General
Full URL
https://cdn.d1baseball.com/logos/teams/128/oregonst.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61420df1d3b7db0b8f112f35adb4cb45c3e7e2e952db8854060ff9229a03721d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:45 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Feb 2017 06:29:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
592
etag
"322728e72973602572000e4ef6d8dd73"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6939
x-amz-cf-id
Nr37YDkKynicHxyh97g4432FC5fNjIODedhyami2MQYJDNz93hnwtg==
D1-Secondary-Logo-White.png
d1baseball.com/wp-content/themes/d1-wp/img/
26 KB
26 KB
Image
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/img/D1-Secondary-Logo-White.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61e4e3deaf9bd80b768a237961887c0fd46da4e7858da8bf090a17290d16b41e
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1798
content-length
26341
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Jan 2023 19:03:27 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIpgT6%2FtoLn8KEcNjmz09l88Z2ZfLwy1NFR2aVrjfmkr4t6MuEQMN0QbdupsFAdz6CGfKMjo9xfSqyDnokYhXu2RdPlrg8zox3BCMrGokYYJve7nVr0r0yh2JOkZqhAD"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
accept-ranges
bytes
cf-ray
7a697e17dc099243-FRA
rapsodo.png
cdn.d1baseball.com/uploads/2022/02/10172758/
2 KB
3 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/02/10172758/rapsodo.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9b410c68b3b5f06ca3aa100d694d9cd1250fc6f12b21ccd7355779c17ce1936

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 01 May 2022 05:40:18 GMT
x-amz-version-id
aOIJbkJDxod_2SIcCHb08FOwDkpNbvJX
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 30 Apr 2022 18:30:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
27213808
etag
"e8c1aef6c2ecf1bdcfe25c045015621b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2232
x-amz-cf-id
X4ykqNBZ4TFGje2qTHUFJRLBIAgnX_I0x4ol8T1aROqSwzAME5EHXw==
nettingpros.png
cdn.d1baseball.com/uploads/2022/02/10173453/
4 KB
5 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/02/10173453/nettingpros.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77afdb91b243187311da6bf6529cba227f8a165ad2a86e9569cc3663a4d2db47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 01 May 2022 05:40:18 GMT
x-amz-version-id
8W1RToMBk2h_m499unm4nhE7Ag9sebWx
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 30 Apr 2022 18:30:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
27213808
etag
"16cfe851c64f02bfde53590edac2fc77"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4340
x-amz-cf-id
BBTWcr3lTvoRXjKP09ekKarMGelbTCJ34vqoHA9w2biAdHqKjvOqXw==
643.jpg
cdn.d1baseball.com/uploads/2022/02/11115716/
3 KB
3 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/02/11115716/643.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d8a9299e4999d41a6bfda057db961c5e205a87a0b26e3b94f2d13ba4d5890ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 18:34:03 GMT
x-amz-version-id
VapEYGnljU8ktlqdTtiZMSdQZ7FwJl4_
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 30 Apr 2022 18:31:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
27253783
etag
"a97e7bbb663df7df09682b5d864bda27"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2901
x-amz-cf-id
y_dPOP52TK_SNorjTFMIlnxDPPsPdt2ERy5sVCAbjE-cLclvsAF8Pg==
Untitled-design-1.png
cdn.d1baseball.com/uploads/2022/05/09193900/
6 KB
6 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/05/09193900/Untitled-design-1.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79a6be7c19a9e1326cb2050ea5a67f47c9932a9c25e2da24ed371d2428f4f948

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 01:49:16 GMT
x-amz-version-id
j_ZpgGaRfklfL2p.4OIHjMextOFqF_WE
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 10 Jan 2023 00:39:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
5282070
etag
"0d5b9f12172382fd5534c8fc40fe224b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5930
x-amz-cf-id
tAIa5nEleYoKnzdvniT-1ElhI6N-2EgGnK2nj2X-Z_MeQGBxjK7_aQ==
peakevents-1.png
cdn.d1baseball.com/uploads/2022/02/10174100/
1 KB
2 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/02/10174100/peakevents-1.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ed5b8cbe9c0e8731180d791d77992e2ee88e9711d7d6b61dcb20268e03639a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:39:19 GMT
x-amz-version-id
DtKNjSRXD_MeQLL.M74QARl8N7LVLWXw
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 30 Apr 2022 18:30:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
27221067
etag
"a6835cc0ecf25e0cb98979daed7de467"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1192
x-amz-cf-id
tJt9DnEPU8pKy2ez_TgXHSy79MjvK8H4Y-m8WBUIQ2ikTWRBQ6h60w==
NewS2.png
cdn.d1baseball.com/uploads/2022/04/01045452/
1 KB
2 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/04/01045452/NewS2.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d116717e65e4beed505bb32773e7abcb9e759e3141a09a31a93a22315f79ff1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:03:28 GMT
x-amz-version-id
355JI90sQobhwbUTVAOor2xxCwfR55c7
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sun, 01 May 2022 08:54:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
14137218
etag
"9c57e2f59bc73857bcfa91bd488ac78f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1307
x-amz-cf-id
QC2onns9hMxDAunrcRNGckXgqvMtQEWw3h1v8_fQCUlH760s2QXLNw==
js.cookie.min.js
d1baseball.com/wp-content/plugins/integritive/public/js/
2 KB
1 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/integritive/public/js/js.cookie.min.js?ver=3.0.1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jan 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DB%2F%2B8mHtIejTg3khX10MGZ%2BLtg6yhWE%2BdLaedP5Vi6Ga3UD5U5DnIREaz5ijS4nZZ5nUsGM05ul3lJiOsysvOiuoPQ%2BA8Kr3D9qIwQD78%2BH14wz4UrB936a2TCP0%2FQGY"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17abdd9243-FRA
integritive-public.js
d1baseball.com/wp-content/plugins/integritive/public/js/
3 KB
1 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/integritive/public/js/integritive-public.js?ver=1677685407
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f963a6b0afb3692ec8e0bed3cba24b1aa5e2f91981a0ec15b4db302ebf7c6a6c
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
cf-polished
origSize=4131
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 15:43:27 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c32s2iVRl26Nf4e2Qa0dQ%2F6lIsUOA9%2BYhiNK0JtejJfWLb5Yo4urMlCFvw6rpSscrLgbqyuSzfSgsggyJzyCkcfZJK%2Bwl%2BH60Hk7v7KgVS59joiuE7UGj9MG8MEijs7I"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17dbfa9243-FRA
js.cookie.min.js
d1baseball.com/wp-content/plugins/woocommerce/assets/js/js-cookie/
2 KB
1 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.4.1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Mar 2023 16:59:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKs%2Fdu3qKAm5J5uDj6xvojEgOYN%2FeiX5rD9DZQlfGozrApmNoGpL6Pa2xcZGE0WzijKID35i%2Fxja9VkSLwxJD9tmo1DRuXvyhPmB5fpH0qes1h9W6ynSReFf664YNvPu"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17dbfb9243-FRA
woocommerce.min.js
d1baseball.com/wp-content/plugins/woocommerce/assets/js/frontend/
2 KB
1011 B
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.4.1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Mar 2023 16:59:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yncghol7Ny1UBHCtwkf5zy%2B%2FxJmNfpdHM47FYYG0hGyzsrMxvom5dldwalofh0RqNbH%2BddQc6wLylE7Wib6vAUi2DE0r5kw8L8cIzXju3Oit9ShT5t9FrzFn55ifPIWF"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17dbfc9243-FRA
polls-js.js
d1baseball.com/wp-content/plugins/wp-polls/
3 KB
996 B
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/wp-polls/polls-js.js?ver=2.77.0
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 22:26:52 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9eWASH6JCOHx%2F5yEntwbLOmb9qz0UJ5p09jb587sbMl6dzOJkK4mS8jJJzhZPXw7F6kf8hCYPE5Y4GQk8%2BT8614zcCRHTyphprzwdvrApMBOU1VDLW5lIM1aGPrsadc"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17dbfe9243-FRA
mailchimp-woocommerce-public.min.js
d1baseball.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/
7 KB
2 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.8.01
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23064f0de65944686ada90242a58d8c0de5ed90225c573b883640d315104c04
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43080
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Feb 2023 23:29:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FStwfH084kIFnbfq%2BYR6o%2F1ZvxShym2XkmkVHJu0YZ9eoZIMiNVK%2F3p9PrlON0X1aMMW4DjYCm4D7AJKxHhe4Z2igWfklv6AvMHhkHYtH4VHGqDOC40urmeh93UQ98N"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17dbff9243-FRA
modernizr-2.8.3.min.js
d1baseball.com/wp-content/themes/d1-wp/js/vendor/
15 KB
7 KB
Script
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/js/vendor/modernizr-2.8.3.min.js?ver=2.8.3
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3362
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Jan 2023 19:03:44 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRnh07oO1Iw0FOzPIE4BGip%2BE%2F%2BE6sLBCcUV6y5XUlXrz4cfihm8pQpt3Hra0V1qRUZiHoZ1k29ppvYq05M8pXyHE2Y4lXzSoKA368GAky9L%2FqT1V50xnoFnkJdMpETH"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e17dc009243-FRA
tooltip.min.js
d1baseball.com/wp-includes/js/jquery/ui/
6 KB
2 KB
Script
General
Full URL
https://d1baseball.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033e0749f8158d222c10ec42a544afb64e164468b3343b87dbbd6717e380b7d7
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3362
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 Nov 2022 18:41:21 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tksE%2BstXNm9NtomFKm2TQzAtB%2FpoxQepSwumc88Kq6St8KOWaV8Egb1k%2F3YvsfIw9VFCZ8fMw9gz8s0BvG2HugTpIwOj9VhFAt8AUQZRHSkkqdinkHRGqy%2FJuVQt3Vay"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e17dc019243-FRA
highcharts.js
code.highcharts.com/
297 KB
101 KB
Script
General
Full URL
https://code.highcharts.com/highcharts.js?ver=10.0.0
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c718824a5c88b1469f12f9a4ee4c08481076fd26df5159a34835664cdfc3f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
KAJPQD5B64113BKK
age
499681
content-length
102736
x-amz-id-2
ZZNdwJfSGwXP2h9bAa5xVsX/y4YaTliMZLFDRLWqckhiadMvAsK3b4e53rvPHJprLjeuCQdmHgo=
last-modified
Fri, 20 Jan 2023 07:14:34 GMT
server
cloudflare
etag
"e3055f9e83422471e8a147350ce4ebde"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a697e182ad7bb49-FRA
expires
Sat, 21 Jan 2023 07:14:15 GMT
highcharts-more.js
code.highcharts.com/
104 KB
32 KB
Script
General
Full URL
https://code.highcharts.com/highcharts-more.js?ver=10.0.0
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4998 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffd634c1b5b7d55af8d3142d4728eb1a22bfdd1af1de9a67f555f3e166e705c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WHMFMDJM05B0BPZW
age
499682
content-length
32364
x-amz-id-2
zzfp2+QhOnJJ0Nm59VDEwG63zTFTsh9lQ44hfSJOXPX4gCprxgjd7NwsWu+J69k9j4B89ILTewA=
last-modified
Fri, 20 Jan 2023 07:14:33 GMT
server
cloudflare
etag
"2502b618e81e9f7e63ad587d0d8b8bd1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a697e182ad8bb49-FRA
expires
Sat, 21 Jan 2023 07:14:15 GMT
fancybox.umd.js
cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/
103 KB
30 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js?ver=45768820231f19a31403d97a004c4fb2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a7f655b0b8be63ec6bc38b04028198ba32b8aab86c194a2b628e80c59aca2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30392
x-jsd-version
4.0.31
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230104-FRA, cache-yyz4521-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"19ca7-YDrz4C84GmWPE164D07veMx+dQ0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwvEin8rGcLYYfE4zig1WqzOPjHOdJalrrudQcKxBQEa%2BT6%2Br%2BzbVq8iqF3n1Efp2kYJjkJaJweyJ14junJJGqzUHVyq6X0y0ckaNYu1SA9ZKSe9p9GEFbO%2Fx6Wa9ruZfDjoqjXixWT7QiTk%2FK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7a697e17d8cd2bc9-FRA
win-probability-ajax.js
d1baseball.com/wp-content/themes/d1-wp/js/
628 B
936 B
Script
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/js/win-probability-ajax.js?ver=1676296554
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4f317c7334c8bf3f3286db1ccd8cfa54a44fbac5edf9a0d46c745e10d3d9fe
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3362
cf-polished
origSize=1412
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 13 Feb 2023 13:55:54 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iH54ayGEx4wCR%2F08MjjqPIZJ%2FREtVMdTE5MQ74Re3neEzbRd2zM2Tq5DVZtWBMzGmmAxLkyhckkT4ojWOrAM4bkoOFVVid9K%2Bm9g7cdWYboEU4WJhMKHPq5XyY%2F8YG9j"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e17dc029243-FRA
d1-load-more.js
d1baseball.com/wp-content/themes/d1-wp/js/
519 B
598 B
Script
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/js/d1-load-more.js?ver=1673291023
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc34531bbd751b67520a56bc4ffbd8bc64620c509ad83c2367081533e5eb61e
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3362
cf-polished
origSize=645
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 09 Jan 2023 19:03:43 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbPFpcXZzqsMwP9YIfrlNkbVBrX4LK90%2BuxhZOoQue7ef2azZeun3rXFw%2BsYbutRwkyCD1aHdHoWFZv6RRHZt8a9nBqKb7MIslJR%2BpGDlF0yvXpSCV6E6BUX4hpjViYQ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
permissions-policy
fullscreen=()
cf-ray
7a697e17dc039243-FRA
jquery.payment.min.js
d1baseball.com/wp-content/plugins/woocommerce/assets/js/jquery-payment/
8 KB
3 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.7.4.1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3575c93a1b6b59914c16e49cd84c248eda35012f1357a4600f3354e48fd794
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43079
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Mar 2023 16:59:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xdVTzsd3TpVCU6%2B%2Bd%2FptMpr0PS5NhnVD%2BszYnWLRfEGp%2BWWM4jPaSOe%2BBs4Xh3h0g65MHCXPFoCs6rPzgZKygbMC8o2g1jz3l5mz5RY7Xnxp0B26y173YxLyoQ%2FDhak"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17dc049243-FRA
sv-wc-payment-gateway-payment-form.js
d1baseball.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/vendor/skyverge/wc-plugin-framework/woocommerce/payment-gateway/assets/dist/frontend/
9 KB
3 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/vendor/skyverge/wc-plugin-framework/woocommerce/payment-gateway/assets/dist/frontend/sv-wc-payment-gateway-payment-form.js?ver=5.10.8
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84274b8f972e0f2f1f10260f90ac67421c2d7ee1148e60531cdbdc5d4308ef88
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43079
cf-polished
origSize=9208
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tw5PgMOAqr0qgyx0IQQcFfC7W1X2QuteRnNiYEM7Uug%2BKXUF7cGjzEjXYNiOcIJBc%2BbD8lrL843Qfo6bhrlBs%2BbBy29vfKhnFvhtuJdlY6c6HkJxeLJ1KnG4l1y6kBMe"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17dc059243-FRA
wc-authorize-net-cim.min.js
d1baseball.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/js/frontend/
9 KB
3 KB
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/js/frontend/wc-authorize-net-cim.min.js?ver=3.6.2
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3c3ab8ebdca56c735a753ebadc4de78cbf6753e12d99d51e5ce9105d4fa8175
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43079
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jan 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCiFZyo2iBSeDEmaON72bJzrNxgCmPlO7nrE84dxr5DfjrR1J4ozdgnzezrRBc8ZAbky989O1%2Fd1Fj2nBU9ebjsRtX1ZAuPvraR6hDzSvQqIYxdNkb4QE0jz6mFoMhkE"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
cf-ray
7a697e17dc069243-FRA
heartbeat.js
d1baseball.com/wp-content/plugins/wp-rocket/assets/js/
0
406 B
Script
General
Full URL
https://d1baseball.com/wp-content/plugins/wp-rocket/assets/js/heartbeat.js?ver=3.12.5.3
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43079
content-length
0
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 20:30:20 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxDh%2Bwa2irubPrOpBfGJndHOKRMbo7wJuNqN7t3dxTDXg%2Fkxt0eCHSscmjU6nj0NRaZfcINyjKZE5MOH4sZAVQHVkqmXf3BdrbIUIRFS6iCPJA0TmlG0Qn6gesbOIKXB"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
permissions-policy
fullscreen=()
accept-ranges
bytes
cf-ray
7a697e17dc079243-FRA
didna-pixel-d1baseball.js
storage.googleapis.com/didna-files/
0
567 B
Script
General
Full URL
https://storage.googleapis.com/didna-files/didna-pixel-d1baseball.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
age
0
x-guploader-uploadid
ADPycdvhUwgqNVSKvo6T7Gyc3kxZVEp9IvgWHzlxLEujkUOaqC9XHkdDD0Dd95ccNDNscnPeV6Nvj22NHlzuVD23azri4oDPtr10
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
last-modified
Tue, 08 Jan 2019 15:38:10 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1546961890849076
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
text/javascript
cache-control
no-cache
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Mon, 11 Mar 2024 05:03:46 GMT
ofn6lcsQQzXbD7aZHPwBvKWt9uBba7Dz3N8nc8EZqVcfoSbvUdtaGhogiH_TaYO6pOJzg
cautiouscredit.com/v2/0/
59 KB
22 KB
Script
General
Full URL
https://cautiouscredit.com/v2/0/ofn6lcsQQzXbD7aZHPwBvKWt9uBba7Dz3N8nc8EZqVcfoSbvUdtaGhogiH_TaYO6pOJzg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a210b1564ae040cf98a0639fbf673de64f0a0728ecbfd1b1d96401e1fa075d6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sun, 12 Mar 2023 05:03:46 GMT
x-datacenter
gce-europe-west1
etag
"d10614d313383ed0381ae53913f208f167ab2027f9c3f311951b76093f83e123"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-blst
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
787370472
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 03:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6253
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 12 Mar 2023 05:19:33 GMT
gtm.js
www.googletagmanager.com/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3ZB6KN
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2dc8e1ebc3500014f0e4072d8d2db22cff83d8a301b8b62bb0bd5df909e4240e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43461
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Mar 2023 05:03:45 GMT
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 12 Mar 2023 05:03:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
APWlJGa72SV9eYBbuBwJ+15Uj8Jil3WhVZGqNEqvffc/DV4HxvLZJ+f89ZaVpCKpH9K4u+2Jp6eK8hdbsOvaLA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5f8859bdfc.css
use.fontawesome.com/
1 KB
763 B
Stylesheet
General
Full URL
https://use.fontawesome.com/5f8859bdfc.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/5f8859bdfc.js?ver=45768820231f19a31403d97a004c4fb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccdef63a1236abf7b5af0ae6c89023fc19544dffc96f87a880d70c0941df213c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QJ9G1MADG6Q2F4C5
age
1385
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
OEXF1l4IgGHczsuztrwdnMRToNJvmkscDbz9wqXQmCeU7cgRLvt9EEnNH5wVpNyhAtiqgjAD6Rs=
last-modified
Wed, 30 Jun 2021 19:52:09 GMT
server
cloudflare
etag
W/"32ee3130f5f038edb615769b8d3d15a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHYfwtQpPm6%2FTs22e4mcF5mc7FOmi5dvOd0SAHTQ2DHkOjYa2t6%2FcC2MtkYimFNthgXCvXazBQQ9%2FNFSA0eJXkAAIyclN3kjSde1yqWoUlCrbsoV2O9zi37gMSUYTWyXHquic%2BGZcvGPP0nh06kWxU2D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7a697e17e9163653-FRA
font-awesome-css.min.css
use.fontawesome.com/releases/v4.6.3/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/5f8859bdfc.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/5f8859bdfc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
796MJH02YZETZ8SF
age
690477
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
hHn8/6+/4BABVslKYYWWqHN9tstQwlRvW4HpdQrPboMyudmuqjn+ADt4W1JOlSlJIx4J1SHwxu0=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"7937bc10f6c59ceed1ff6e6bbebfcd8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ2t%2FK7KndAk3QgJEvYAL8ynZgUKT%2FhPIXkvlndkJ%2B8CRKZ3kYcq%2BXdGUFw2OLOW8MAf9zmzyr%2B154SHn739lFEX6zfFY9BxCvoLwmFdCMlMmqF8a0tBh2%2FTUvq%2BT7xIJX%2BTr2a0x43AysstvpFXgGya"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7a697e180c59363d-FRA
advally-5.7.0.js
cdn.adligature.com/rules.js/
110 KB
29 KB
Script
General
Full URL
https://cdn.adligature.com/rules.js/advally-5.7.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/d1b/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bda3b7f2bd3ccf922d3bc779d317594dde6f9e26f779dab916162025918ffbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5002
cf-polished
origSize=179466
x-guploader-uploadid
ADPycdvQ3pv3ppA3Y0Wct6SX61f54-XIvQF7K7gNboaRUEW_PD7sPMQD_UsKzHYelABYJpsWM2S64uDgRjc7FGDfsXzz94SsaQn1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Mar 2023 19:32:39 GMT
server
cloudflare
etag
W/"8770dfe18bd34381d7ab282861569f51"
vary
Accept-Encoding
x-goog-generation
1678303959246837
content-type
application/javascript
x-goog-hash
crc32c=uSLchg==, md5=h3Df4YvTQ4HXqygoYVafUQ==
cache-control
public, max-age=7200, s-maxage=7200, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtOdkl2SLrkKEi6egEa396nSKcTn9S0P7d7VDV4DgnFHYYr4rf3lgOhB9wFsIBXFdZtgj%2BLmnAO0jh8iMZ33cNxhQRygLvoKGGYpKFrKeC6qoy4V4l9kjkgZLY1%2FAnaflX7w%2FUoUYcpZEiKWKcX0MME%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
179466
cf-ray
7a697e180aca39c2-FRA
expires
Sun, 12 Mar 2023 05:40:23 GMT
9fe3e2f33e61f171c529cefbc.js
chimpstatic.com/mcjs-connected/js/users/d1c148dd8472baf6c1f509b52/
3 KB
2 KB
Script
General
Full URL
https://chimpstatic.com/mcjs-connected/js/users/d1c148dd8472baf6c1f509b52/9fe3e2f33e61f171c529cefbc.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.177.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-177-117.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0377e2532170d63ea7ef7def4590b8f1433da71f8400f3a1da9d51368ebc31b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
95
Date
Sun, 12 Mar 2023 05:03:46 GMT
Content-Encoding
gzip
x-amz-request-id
71FQM55B2MK0RW9V
X-EdgeConnect-MidMile-RTT
0
Connection
keep-alive
Content-Length
1217
x-amz-id-2
cZP2i/UgYUhh5HzSVHekF6p4zwTPtTGQ/sRPmOXovYeBJUXNsl0EhUJkILWB0gdaf045hmQ3UVk=
Last-Modified
Fri, 24 Jan 2020 18:42:10 GMT
Server
AmazonS3
ETag
"6ccb5bc75c2e5a80eea4162dadf427ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=898
Accept-Ranges
bytes
Expires
Sun, 12 Mar 2023 05:18:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B900&ver=45768820231f19a31403d97a004c4fb2&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d1baseball.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:05:36 GMT
x-content-type-options
nosniff
age
226690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 14:05:36 GMT
arrow-drop-green.png
cdn.d1baseball.com/assets/images/
215 B
559 B
Image
General
Full URL
https://cdn.d1baseball.com/assets/images/arrow-drop-green.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/wp-content/themes/d1-wp/style.css?ver=1677683191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0cf3cb493f89de244ccb1e0539f9799c52ad5ab3432a58980dbd49bab2f34d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/wp-content/themes/d1-wp/style.css?ver=1677683191
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 12 Mar 2023 05:03:45 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sun, 12 Feb 2017 19:16:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
378
etag
"0f829f73c2b53b0c69937428b05deb9c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
215
x-amz-cf-id
0mdLtRwRvT9CxZpPdPwMMBe1bbniTy3BbcVggLBwXw6PA5DjZq-cvQ==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B900&ver=45768820231f19a31403d97a004c4fb2&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d1baseball.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 08:06:08 GMT
x-content-type-options
nosniff
age
161858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 08:06:08 GMT
Friday-Digest-3.png
cdn.d1baseball.com/uploads/2023/03/10231438/
694 KB
695 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/10231438/Friday-Digest-3.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdec74b3370ff70cf95f3f26e2497879d7273412c0c8a7cc79141b3cdde4e347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:38:05 GMT
x-amz-version-id
R0dii.IzPlkK2Zf8yuJh0A.Gg2xjxJP1
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Mar 2023 04:14:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
80742
etag
"08ecde3f9e560d53e3871e0ee2b19a77"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
710775
x-amz-cf-id
cCWymiIYCajxBAyvG8e9DJ62Y4CtHF92ss7Zig1voMgnFRRpGJTUNw==
Ian-Farrow-200x200.jpeg
cdn.d1baseball.com/uploads/2023/03/11102822/
11 KB
12 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/11102822/Ian-Farrow-200x200.jpeg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f32a549132fffee763a12b06d1c0d94df2469f3fcc26344a347018c273cb7e9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:35:43 GMT
x-amz-version-id
.oVzSwutDRIVFlLIBfXukFaekkUUM.z4
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Mar 2023 15:28:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
48483
etag
"3694a4b6dbd8e75aa6e973eac95d06e5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11710
x-amz-cf-id
ALy6SMmN_T2L2hPE1v01ZyGrunplo4fd-i1P2WEagcksj0N7KHHyTA==
Brock-Wilken-200x200.jpeg
cdn.d1baseball.com/uploads/2023/03/10215042/
43 KB
43 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/10215042/Brock-Wilken-200x200.jpeg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
baadcb80f1167388c2e6768ce25b138667b32ee639059fb4b4608044536def56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:09:44 GMT
x-amz-version-id
TtEeKMyRbmByjgA1vtlb4RZi_slio4mw
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Mar 2023 02:50:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
78843
etag
"12f86783a53104eeeaa05852f0c9fd7e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
43614
x-amz-cf-id
MgybY1mfZC5Fq0fDIxkjO6XYzkBkWmrPaNfvijHu3ot8NtzcuHyyOQ==
Cal-Carver-200x200.jpeg
cdn.d1baseball.com/uploads/2023/03/11110117/
11 KB
12 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/11110117/Cal-Carver-200x200.jpeg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2d0a729f5fbbee8e93ac81df2a50ff1d9523c8bfaf34e465de71147ac4299d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:15:07 GMT
x-amz-version-id
Umac_spcYwz94GX.S4oBzDuP6hWOYzc7
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 11 Mar 2023 16:01:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
46120
etag
"2d75635949a8d5ec485ed38c3a6f9216"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11666
x-amz-cf-id
S-sVCd7a4-LJtvHGKIqvrlUDNKdi9EIXLc0Sc1bva5yS6g782QU8gQ==
NCAA-200x200.png
cdn.d1baseball.com/uploads/2022/07/21121233/
33 KB
33 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/07/21121233/NCAA-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef9265c5005547e7c56246760a0d8b02b1e659925c1be0782f409161e1dda7c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 03:29:15 GMT
x-amz-version-id
mL8vVmsUL4Uc9SzoklIl9jBMUjLU1B.y
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jan 2023 19:53:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
92072
etag
"1d7fcec5b565384b7d326332a78f846b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33545
x-amz-cf-id
-Fy8HmUMwEWcikr18uRYIr6Vfvqc0V5BGguModzCcj_-fXe98TX26A==
Connor-Burns-Long-Beach-State-4-200x200.jpg
cdn.d1baseball.com/uploads/2021/05/02021459/
9 KB
10 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2021/05/02021459/Connor-Burns-Long-Beach-State-4-200x200.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d09989b620f9d03fdd09ac7652033679a0ce8cea8ed0e3532a619028652664c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:35:44 GMT
x-amz-version-id
99LeMWQRbl1jiHm8J.Dk6SFUycZgKQjI
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 16:21:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
48483
etag
"deb4476663f4c27b44da8937ec270897"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9399
x-amz-cf-id
kifz9mMIPdPAvImqqnu3_UY-uyyZ5Ib2147srRuT4wV9qMZpj5ExxA==
Week-Four-Staff-Picks-200x200.png
cdn.d1baseball.com/uploads/2023/03/10114750/
47 KB
47 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/10114750/Week-Four-Staff-Picks-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf844665e82fb605b98a4e3a437e02d1228c60d848bad70190bfa8dc25a99e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:31:30 GMT
x-amz-version-id
YDDZbVAa1PpmTy1NnRqXFHZ4ZhTRBiFC
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Fri, 10 Mar 2023 16:47:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
127937
etag
"bf1db5cc5e5862d1cd1bc2540aff7c5e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
48159
x-amz-cf-id
y48B0m1GoczNcSobE-AqdTmyfOo85CrBEMj7KaijCToTUl_wPsY24A==
ARKWegs-200x200.jpg
cdn.d1baseball.com/uploads/2023/02/19020142/
16 KB
16 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/02/19020142/ARKWegs-200x200.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88675d02b468546bc0eea3901c3c79ee7496cdf6cc4bb62f3e1740dd2e15bfc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 22:20:11 GMT
x-amz-version-id
8b71x8d0X9253PEq_dnnqjRE_n6qcdnr
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sun, 19 Feb 2023 07:01:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
283416
etag
"8a9d914cbd7ab5678df790d15c4cd2b6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16394
x-amz-cf-id
qZ8TWKxytZSm7yHgz0TlxExEAHgUir_-Taw-B-__DBhTtSw9kcEttg==
OTTOMH1000-200x200.jpg
cdn.d1baseball.com/uploads/2020/05/04145131/
5 KB
5 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2020/05/04145131/OTTOMH1000-200x200.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ee7f8f930e105469865810cdc78c03d83f56931ec4f2677d6de044af3e29c7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 20:44:53 GMT
x-amz-version-id
cF6M.zFeUoiBYjt1NkZR_9JBvvnCnyQe
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 16:54:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
2017134
etag
"e84f0b31c793aed4b8b5876053c57ebc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5150
x-amz-cf-id
CxTdECDrx2iiLrueO5ULHxg9UmU1v9ULSy0vcGfDwm7oFtCg__QFIQ==
Chris-Flynn-200x200.jpeg
cdn.d1baseball.com/uploads/2023/03/10084010/
12 KB
12 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/10084010/Chris-Flynn-200x200.jpeg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c01bffb49baf84cc43d44a47bdbeab458c7e5f12dfd1de822f95db5e4a3f841e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 18:22:35 GMT
x-amz-version-id
8pQw16wz2n3h7Sq7WEhoTLz8ZSIIx8ly
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Fri, 10 Mar 2023 13:40:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
124872
etag
"e136f1eb062518271e8171d11d45d009"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12017
x-amz-cf-id
34tXfT-0N9gA01wdmuFf36x_EDTNDsLIywqV54TW9L7smFQ9bIFEJw==
Payton-Tolle-200x200.jpeg
cdn.d1baseball.com/uploads/2022/03/05034552/
9 KB
9 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/03/05034552/Payton-Tolle-200x200.jpeg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8cdfbea94abbdea441cc6cdfc3fa842871125fe0a73892e2e8dd307a42c54ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:12:44 GMT
x-amz-version-id
tuxFe.A0J7V186ZMvyXqob4a7cONzlTO
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jan 2023 21:49:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
215463
etag
"1b5c80074f5dbd1f2d3332fa91c26c52"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9296
x-amz-cf-id
qNjX0ie4nFNDMH7jjE6oTVpsg5R1ehqi628GSe4eQHet83NCfB6eQQ==
maxresdefault-200x200.jpg
cdn.d1baseball.com/uploads/2023/03/09101252/
9 KB
10 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/09101252/maxresdefault-200x200.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06527c45f5d2009a0b4cbc1fef692941ce321aee8c003d6accc66ed325acbded

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 15:27:56 GMT
x-amz-version-id
h9vCDBCAihbnvX1hyvPtbVCW3lV0VY7r
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 15:12:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
221751
etag
"7c8db4dfa87949e58083980aec4f6149"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9440
x-amz-cf-id
pIOqTuPe6P2YPvUeSbUJMGiEBSm4r8pCziBVUjm3RmOx8GC3_wadIQ==
Hawaii-HillMoundVisit-200x200.jpeg
cdn.d1baseball.com/uploads/2023/03/09100935/
26 KB
27 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/09100935/Hawaii-HillMoundVisit-200x200.jpeg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7455356008a0713cf45bcd28bdf4ffcdedf1a0f181d240474a0d6dfac77e78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 15:23:36 GMT
x-amz-version-id
n9K8QhwdI9f9wgpvLLLMj2WErJQPGaUA
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 15:09:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
222011
etag
"b74d1620f3042a2e5ca4f64da860fcd8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27127
x-amz-cf-id
B2K_SxYNUNnt3nhPVncl__Q4II3u9YafJdWN82K5r5yVnRALkcim1Q==
JurrangeloCijintje-200x200.jpeg
cdn.d1baseball.com/uploads/2023/03/02175925/
7 KB
7 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/02175925/JurrangeloCijintje-200x200.jpeg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2b1a998da72c985f4de8df95636710089babc2a5b2674cad9c6efec32f32486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 18:32:48 GMT
x-amz-version-id
JzRybbyl7avLLV00FhbP1UjxN7DSO06N
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 22:59:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
729059
etag
"f3885a4c6b2c7cd1dbf628a7558e25cf"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7064
x-amz-cf-id
r7lbdD9wWqQhdwxJJJidCCKk_wEIo4ushU59Ont-f-BOZ790VzlXKw==
OleMiss-KempAldermanHR2-200x200.jpg
cdn.d1baseball.com/uploads/2023/03/04014011/
32 KB
32 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/04014011/OleMiss-KempAldermanHR2-200x200.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d66628080bd861870456cc9a761f4fe0420a6789444fdc8ced3366fe80c11cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 01:12:18 GMT
x-amz-version-id
iQIwLht0Fo.Aw9z8lp0D3.Bcw44kIDm3
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2023 06:40:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
13888
etag
"69c718730b239710245033ff68b0fb03"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32538
x-amz-cf-id
gmarVDC4fEZhO9opq153hHRTq_Om_3bkOyPHeBPRkhgVQWYTU3zpag==
Pinckney3-1-200x200.jpeg
cdn.d1baseball.com/uploads/2023/03/10080509/
8 KB
8 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/10080509/Pinckney3-1-200x200.jpeg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91e14949e443f1f5c63b2c75b4b9c8563b73d9a3c9abd732873e444f958277df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:57:06 GMT
x-amz-version-id
dIe9bPtk0I2rnu_tO0LbAOKMDWzwxuQz
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Fri, 10 Mar 2023 13:05:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
140801
etag
"d6991136621992056841b95db421067e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7752
x-amz-cf-id
LYooxQS_IDaVsctyGT0_cm3CWYoTkgXP8DKhcGy7todxDtCA7nrZ6g==
Highway-To-Hoover-Matt-Michaels-200x200.png
cdn.d1baseball.com/uploads/2023/03/08171911/
50 KB
51 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/08171911/Highway-To-Hoover-Matt-Michaels-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d00ec6271ae198f5081287fda85d154c7ee59b01a11b7c50535b0f6918ab25c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 18:12:43 GMT
x-amz-version-id
TwwpKt2cpE2OHnZ9BtMHSTTgugBa3zFV
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 22:19:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
211864
etag
"2671b31f683c3f5be1f5c5e296afbf77"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
51396
x-amz-cf-id
Ws0n_1Dly5ifsKtZGE7hY4Ht_sD48I8W94hcqPf2xZGtJIAJfwb3IQ==
The-D1Baseball-Podcast-Week-3-Recap-200x200.png
cdn.d1baseball.com/uploads/2023/03/07110003/
32 KB
33 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/03/07110003/The-D1Baseball-Podcast-Week-3-Recap-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a0585c3598e0bb9fc00259dccd5f24fefc1621ecd5de485f2e2206c14997bb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 17:56:38 GMT
x-amz-version-id
7Y1b...Q9QEY1fRtv4c_W1.qgfpcVBoM
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 16:00:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
385629
etag
"5b2ec39d711e2e057994e9005a3cde8e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33149
x-amz-cf-id
4zwh8vqjWLZUj_N_BxnZvvQgJhl8U7yM9P6lhAlx5CTZUP8EOQX-pg==
Podcast-Graphics-twitter-with-S2-1000-%C3%97-500-px-1-200x200.png
cdn.d1baseball.com/uploads/2023/02/28084103/
32 KB
33 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/02/28084103/Podcast-Graphics-twitter-with-S2-1000-%C3%97-500-px-1-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65a9e4b742dd64f35c7c5b2bd342c84f9baf41f9119a11f5ab0d84fb82cc4b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 15:28:43 GMT
x-amz-version-id
qdurMTnP8zJtOHg9Dm.ZU_2vryPsCuJf
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 28 Feb 2023 13:41:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
999304
etag
"81b0f858820c58ad9eac2cc628335886"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33130
x-amz-cf-id
qAo0pr2bNIJMPcn8YD4zMPMUFEqAkz9EDxlmVEI1NbwKdTSTwHNQGQ==
Podcast-Graphics-twitter-with-S2-1000-%C3%97-500-px-200x200.png
cdn.d1baseball.com/uploads/2023/02/21092631/
31 KB
32 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/02/21092631/Podcast-Graphics-twitter-with-S2-1000-%C3%97-500-px-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df2f946d3437d3495aeab386500f1de4a68ca15d5d89ca23f9a1c2d930b90701

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 14:30:52 GMT
x-amz-version-id
yU5ZDU6ownHPmlHZgoYmHGXL7arNChpq
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 21 Feb 2023 14:26:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1607575
etag
"aeb0910e5a5f70673e85605f9a910afe"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
31821
x-amz-cf-id
bdZ3mE0ZkLq7XnD1iiV2AkBF9PKTUWRDQZB4nqqWeL4PfScgCTRrTw==
Dollander-200x200.jpeg
cdn.d1baseball.com/uploads/2022/04/03102406/
10 KB
10 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/04/03102406/Dollander-200x200.jpeg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72da95dcd2360d00d8ef3852e23aa8053491a3a7c82b77b1c4d272f7bf7a7e87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 14:31:20 GMT
x-amz-version-id
x4lGML0XVKxYleyl1_CGMZ7ubwN2_Uli
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jan 2023 21:20:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
3421947
etag
"03ec26bd7647a59060bfb493426b99d1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9780
x-amz-cf-id
hBDghJl7T6zYwIMU6RTfui24KN9DgaCcHVhd-UYwO4f-zv-izAJA_w==
Impact-Frosh-200x200.png
cdn.d1baseball.com/uploads/2023/02/17082648/
67 KB
67 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/02/17082648/Impact-Frosh-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a427e95e8011ef43fc9f65de1de4e82762bef6179218569020f66b59b2a9938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 13:34:49 GMT
x-amz-version-id
gsGW.kRcS4giZoBmLRvZRTaPFXRuXpTH
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Fri, 17 Feb 2023 13:26:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1956538
etag
"0719b480e0895acf59f4c289d7891a6d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68397
x-amz-cf-id
Z2SdjxEJDfzgWh-BVwa1qQvF70nFSf360bCdXEsaOAw5qohuygKG-g==
Big-East-Season-Preview-2023-200x200.png
cdn.d1baseball.com/uploads/2023/01/23195737/
67 KB
68 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/01/23195737/Big-East-Season-Preview-2023-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eab5b9c59d32922ef3f4e87c6d400d0030cbf349103117ff89aef4d4bf4bcb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 04:15:48 GMT
x-amz-version-id
escb8zHlDJ6AsxZzn8wUYOrOpnEmsY67
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jan 2023 00:57:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
2076478
etag
"8b9741a5c4e4ab613c951ff9f73e4f73"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
69102
x-amz-cf-id
i7v2gz8mwaIXPTgiyGnnoHslJgNoUZ121WMMqGtrqvzx2AcEamfXrQ==
Southland-Season-Preview-2023-200x200.png
cdn.d1baseball.com/uploads/2023/01/25081752/
68 KB
68 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2023/01/25081752/Southland-Season-Preview-2023-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4994b1388a16904d79e209e535b0e541fae8adf7e525bdb1068bc735eb72df80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 15:32:30 GMT
x-amz-version-id
KlKANCB2p1N8tj0Q4loVJY461F0kzOE0
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Wed, 25 Jan 2023 13:17:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
2122277
etag
"fafbf2e17464d738474d35eff3102a43"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
69590
x-amz-cf-id
ybxdzIBSkgCg63cDOvwxif3kCZqpzRX6pVrY2-daP6YbRJgYiIiyFw==
2022-Maryland-Fall-Report-200x200.png
cdn.d1baseball.com/uploads/2022/11/28140917/
64 KB
64 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/11/28140917/2022-Maryland-Fall-Report-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1be2ad4fd234932009623fe0e95905a53fb434b7cb36a6bc37d3cb3cacc7b05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 04:03:15 GMT
x-amz-version-id
U8QnRo5wsSJ0wF_BbuosmXVZ_J_1r2g.
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Mon, 28 Nov 2022 19:09:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
5965232
etag
"8c014bfe7af67857ea47a721b3ce34fc"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
65364
x-amz-cf-id
egqxM0kpy1v9bP7o22W8Ees84m7bOXsTUSGc6nndlLe8eekfLD2hvQ==
Penn-State-200x200.png
cdn.d1baseball.com/uploads/2022/12/01213718/
72 KB
72 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/12/01213718/Penn-State-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e81ace42ab8d0734bb48cf738e39b6aa77664ba4e6d6c07b6761f0fc921c1d39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 04:03:15 GMT
x-amz-version-id
hF1aJjAynflhQlm7OHba3PpT1rEmHrtO
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jan 2023 02:37:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
5965231
etag
"851dbb5811ca737d9770679133c3eb95"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
73709
x-amz-cf-id
RfrxQ5IMbnF8QsWYBMQSjCaIHE3LeK1RO3MUDrs8duTNlRK2Q1knPw==
Baylor-200x200.png
cdn.d1baseball.com/uploads/2022/12/30231106/
52 KB
53 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/12/30231106/Baylor-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39f5028a106bec687259482194c91a0e7274c0fd0bea779ca55ad67731be5998

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 04:57:27 GMT
x-amz-version-id
eIviaU7JyfRCtUzY2bg_dDNMXcUoKzdf
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 31 Dec 2022 04:11:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
6048380
etag
"2082dc2dd5509281bad902c8bbc9aba3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
53690
x-amz-cf-id
iYR8burXcQeN-5AlvfVg1ThFYJO42V2L-qnSaTJvnj6uRHwORdo_zw==
Pittsburgh-1-200x200.png
cdn.d1baseball.com/uploads/2022/12/31134611/
61 KB
62 KB
Image
General
Full URL
https://cdn.d1baseball.com/uploads/2022/12/31134611/Pittsburgh-1-200x200.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:4:cd41:fa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f3e1aae5b1b48ce7a9c619cd9fbaebde282436c3126edbf4dbe31ba7d8e714c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 21:33:16 GMT
x-amz-version-id
UK.jWlhepeD3LCc_JNKel0pigy5b3ujM
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Sat, 31 Dec 2022 18:46:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
6075031
etag
"c9157ed821fd50adedce4fdad3e4e473"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
62972
x-amz-cf-id
anDJ6KtZa9ABrSA1XpG7258lyUVgLTM-CnEEr_MuXxJHt7vVtoDjeA==
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.6.3/fonts/
70 KB
71 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/5f8859bdfc.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://use.fontawesome.com/5f8859bdfc.css
Origin
https://d1baseball.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ABSTM7RD04NJWF0Q
age
1906431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71896
x-amz-id-2
v/M/MobXCQc/7ZQlKXsxRldDOgR2pKKl4yEYyIfsVI1eAHU0/m1uekpuqUSLdp2B6Or3L6Lr6yrShwB6GYL3zA==
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xsJG2DXxyZZHar5ljFTaoQuXl8puIhdsZm9GGCEkPI16JMdcszmu3nOn%2Fb6osZ0Rrjc4PNBNAGKpvWvpnoZguy2JFrJl4VK2J%2FxZHP4wXbu8uhiMPtNBR538SYYnTRT3VHSCZ17arGQM%2BcgXpkao07G"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7a697e18ccfdbb65-FRA
api.min.js
a.omappapi.com/app/js/
50 KB
19 KB
Script
General
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
50de719051ac450992625c5ff7b3dc8de4a1b2e83be9a088e9e36ab7452e25be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
content-encoding
br
cdn-edgestorageid
723
perma-cache
HIT
cdn-storageserver
DE-168
cdn-cachedat
03/10/2023 12:04:14
cdn-pullzone
293267
last-modified
Wed, 22 Feb 2023 04:22:31 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
542
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63f59887-c840"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
6e3d122871e89d75d8001ed1016eec1d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
pro.ip-api.com/json/
116 B
272 B
XHR
General
Full URL
https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region,timezone,mobile,continentCode
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
85239d4b77274f8aeb812b71bb4ae42d1f55953eeed17f6eea62110d9378c098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 12 Mar 2023 05:03:46 GMT
Content-Length
116
Content-Type
application/json; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc316eb29d59e9fd6921160cad376f07c89f4b38f1a6eee0d2b1991cf76cd25d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27413
x-xss-protection
0
server
sffe
etag
"1508 / 580 of 1000 / last-modified: 1678489642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 12 Mar 2023 05:03:46 GMT
prebid-7.35.0.js
cdn.adligature.com/d1b/prod/
334 KB
105 KB
Script
General
Full URL
https://cdn.adligature.com/d1b/prod/prebid-7.35.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.7.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704c6f91b45fb1832efa715c25fc7f70dd72309b3306b7ffc7ea9b60aa9c9a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231
cf-polished
origSize=342916
x-guploader-uploadid
ADPycduOnA1uq1OIfnyqI-5usItSsWXncw9_6nRD-v9acT8uTGmKUaqNtBTospmvD0if10xfa4xu5MjSBA6FH8ehMZ0bJwwicILF
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Mar 2023 21:00:36 GMT
server
cloudflare
etag
W/"67cdd9929c4d70a4947aed828f0c43ab"
vary
Accept-Encoding
x-goog-generation
1678393122759085
content-type
application/javascript
x-goog-hash
crc32c=NsfNRg==, md5=Z83ZkpxNcKSUeu2CjwxDqw==
cache-control
public, max-age=900, s-maxage=300, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fu67%2BUwLQZP5WUQzIJRbMHCda0T1GskEywhx8MT4CCfbf%2FGsH4bGcRaemqqkZPStZAJlqRhzwvyGcurdSqv7bN%2FHNJO5HhNsrWb%2FsewzbBdKIW1CDTXqAWztqyss9dUWb0Xd1qTIsLMx8mUkRlokX8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
342916
cf-ray
7a697e190b49697b-FRA
expires
Sun, 12 Mar 2023 05:04:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/
222 KB
55 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e58798939afd607aa76e8be948216df69422fb6cb44d15aa7775e56c51ec4bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:56:42 GMT
content-encoding
gzip
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 21:18:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
425
x-amz-server-side-encryption
AES256
etag
W/"674325314aec17fac6c83c44b2e5566d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
qNrfKAgTtEWTWNrOiYz2Tdv0e0OHUHGbaFHTIcsi1ReLgHQTrYkCyA==
collect
www.google-analytics.com/j/
4 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1918949435&t=pageview&_s=1&dl=https%3A%2F%2Fd1baseball.com%2F&ul=en-us&de=UTF-8&dt=D1Baseball.com%20%7C%20College%20Baseball%20Rankings%2C%20Scores%2C%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=84043893&gjid=95381734&cid=729490629.1678597426&tid=UA-58479668-1&_gid=1192175985.1678597426&_r=1&_slc=1&z=1304258569
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d1baseball.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.98
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 12 Mar 2023 05:03:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
9iVnBCDV5i7FRWAkm4MhzUNbSI5OaqaGRPfmfv7xd/tJYS2EZNmIBnjf+3Ep8gzFcLIbfjKJrGmLqxKWXXe1rQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
264613638391525
connect.facebook.net/signals/config/
378 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/264613638391525?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c0409c113ae3752471908ad06e1956a53ad5ea24efc0f14322a9d5435d29aa1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 12 Mar 2023 05:03:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110457
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ebwrh3Cb14/xbZGjvFAe/0ODbVJxzmJNS977oKvdzeiBsFSNVmmsikppKinBl8WuniM/3+/wUwbBBmxHfxbFFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-F18EQH3BTV&gtm=45je3360&_p=1918949435&cid=729490629.1678597426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678597426&sct=1&seg=0&dl=https%3A%2F%2Fd1baseball.com%2F&dt=D1Baseball.com%20%7C%20College%20Baseball%20Rankings%2C%20Scores%2C%20News&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F18EQH3BTV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
483 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=xkuoe&adnum=165205
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
22428648
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
WHN2u-eZ9mugNf4iZDz5163a1OPr1Z-oVsQe7CG-ojqOjC2fUZyjyA==
l
use.typekit.net/af/9cb78a/0000000000000000000118ad/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/9cb78a/0000000000000000000118ad/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ade11a781ff76223c32cdda408ec3af85b07a09d566d797fd137bcd65421d928

Request headers

Referer
https://d1baseball.com/
Origin
https://d1baseball.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
server
nginx
etag
"cf85d3e73680abc7bbab8e9752ec31b971a3f801"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16176
l
use.typekit.net/af/b825af/0000000000000000000118b1/27/
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/b825af/0000000000000000000118b1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a67e86b7f5b03d2017080fb3d210007b67a13df1e74251d3cba316c0e080ceca

Request headers

Referer
https://d1baseball.com/
Origin
https://d1baseball.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
server
nginx
etag
"c8dc9b7e7a1d0662534fe35674f59bb3142931dd"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15568
l
use.typekit.net/af/c7b613/0000000000000000000118b3/27/
12 KB
12 KB
Font
General
Full URL
https://use.typekit.net/af/c7b613/0000000000000000000118b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5cb70ed14e203084cc29116cd282fbbadf7e874ebd12aab5287c8ec1445152c9

Request headers

Referer
https://d1baseball.com/
Origin
https://d1baseball.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
server
nginx
etag
"e119d8b20050295175f4285945d584b44e89d0a9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12396
l
use.typekit.net/af/07d425/0000000000000000000118ae/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/07d425/0000000000000000000118ae/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fdd41ffba3df4d21d5aaf73aa5817fb15bb239339a898a53414110b7b0ba288a

Request headers

Referer
https://d1baseball.com/
Origin
https://d1baseball.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
server
nginx
etag
"d038eff6f73f292c84ff43085f4ad08652af9ca0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15984
l
use.typekit.net/af/9a7284/0000000000000000000118b2/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/9a7284/0000000000000000000118b2/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8e1c33c0f88a3dd3265fceb76050c2798b6696e66f8ff91806263d462e2d2bcb

Request headers

Referer
https://d1baseball.com/
Origin
https://d1baseball.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
server
nginx
etag
"85bbbfea98994dc4faf11bfe26b4b54e92ebf9e3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15992
l
use.typekit.net/af/5b1404/0000000000000000000118b4/27/
13 KB
14 KB
Font
General
Full URL
https://use.typekit.net/af/5b1404/0000000000000000000118b4/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
62b193a7068a1b0cb384e685c05033c344ef2f1e0c50e299fc6f974c7dc24dde

Request headers

Referer
https://d1baseball.com/
Origin
https://d1baseball.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
server
nginx
etag
"3b1b7123f2952bf28691a9bd41d1288af2d22805"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13820
collect
stats.g.doubleclick.net/j/
4 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-58479668-1&cid=729490629.1678597426&jid=84043893&gjid=95381734&_gid=1192175985.1678597426&_u=IEBAAEAAAAAAACAAI~&z=1899482338
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d1baseball.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 12 Mar 2023 05:03:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.min.css
a.omappapi.com/app/js/
18 KB
3 KB
Stylesheet
General
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
content-encoding
br
cdn-edgestorageid
755
perma-cache
HIT
cdn-storageserver
DE-197
cdn-cachedat
03/10/2023 12:04:14
cdn-pullzone
293267
last-modified
Wed, 22 Feb 2023 04:22:39 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63f5988f-464c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
8d1abf0a49cbce3efa2cef29ae1948c1
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
2023-players.json
d1baseball.com/wp-content/themes/d1-wp/data/
2 MB
345 KB
XHR
General
Full URL
https://d1baseball.com/wp-content/themes/d1-wp/data/2023-players.json?v=1678530726
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37df023c2038ebaf1a80b917b7a1b1a881bef6c076f971424f30356c89b4a5a9
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://d1baseball.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
content-security-policy
default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43090
content-encoding
br
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Mar 2023 10:32:06 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQ19DRV4eyIN%2BCU02Kg456%2B5U2ttd4%2FLUVmXmHKlKuDMyQVtg7VRUyJRjYcZeO%2BiDOv9nHpsn1MLO7CyKTnliHIHuHr2hz%2FnzGnFcmEwCcV40Hlx%2B%2FT0bpRaohyiRQLW"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=43200
permissions-policy
fullscreen=()
cf-ray
7a697e1a0d589243-FRA
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
XEGmc9MeWOPeqjC.bMBvPzs7I4WH7xPz
content-encoding
gzip
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
date
Sun, 12 Mar 2023 02:03:58 GMT
x-amz-cf-pop
FRA56-P6
age
10789
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 03 Mar 2023 23:20:46 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
W7ppU3H6uYp7vtJ3N9fwmPfYG1UN_YcTf2c_rB0-7Seci2JFkyEDgA==
pubads_impl_2023030701.js
securepubads.g.doubleclick.net/gpt/
394 KB
133 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 15:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136160
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 09:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Mar 2024 15:04:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
2 KB
570 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=d1baseball.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
804f76250ea78fa365e95e46e454121f76e56e7734d6e81423e793a1c44a519e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
545
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:46 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=264613638391525&ev=PageView&dl=https%3A%2F%2Fd1baseball.com%2F&rl=&if=false&ts=1678597426339&cd[source]=woocommerce&cd[version]=7.4.1&cd[pluginVersion]=3.0.14&sw=1600&sh=1200&v=2.9.98&r=stable&a=woocommerce-7.4.1-3.0.14&ec=0&o=30&cs_est=true&fbp=fb.1.1678597426338.1566568398&it=1678597426146&coo=false&rqm=GET
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 12 Mar 2023 05:03:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58479668-1&cid=729490629.1678597426&jid=84043893&_u=IEBAAEAAAAAAACAAI~&z=1477713240
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58479668-1&cid=729490629.1678597426&jid=84043893&_u=IEBAAEAAAAAAACAAI~&z=1477713240
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.gif
p.typekit.net/
35 B
228 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=kot7gpi&ht=tk&h=d1baseball.com&f=12784.12786.12787.12788.12790.12791&a=4509883&js=1.21.0&app=typekit&e=js&_=1678597426349
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

unused62
8096267
date
Sun, 12 Mar 2023 05:03:46 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
config
c.amazon-adsystem.com/cdn/prod/
1 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fd1baseball.com&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
9df028f2af5affc6b975358132525b34018522d0e5ee9e61676fc6fd75e14a97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 02:24:03 GMT
via
1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
9583
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1223
x-amz-cf-id
a_zCWaW3ykGY9QsgL1Gk5qRxEaC5ohx0Hr1hQNMmCBq59dnw6Nz3pw==
op.js
tagan.adlightning.com/advally-d1baseball/
45 KB
18 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/op.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce545c77552e78e7d59dd03b75c3ab950b77c4adf2ca984f78a3d8df8662e885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
grYlCkXXMF_kjmJ9LTdZ0uBuXc57ldee
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
date
Sun, 12 Mar 2023 04:08:47 GMT
x-amz-cf-pop
FRA60-P4
age
3301
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17965
x-amz-meta-git_commit
89d2da9
last-modified
Fri, 10 Mar 2023 20:53:00 GMT
server
AmazonS3
etag
"ca897d848f705e033e35dab69b49d7bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
7tS-ajnqj4uz1tIBInDX3c6F3HaRi6JVr7UcYT14hcaKrqmHDwLsAg==
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=d1baseball.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d1baseball.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499537524418107&correlator=339006376070513&eid=31072854%2C31072971%2C31072990%2C31071975&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=22812648954%2Cd1baseball.com%2CWunderkind-1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=673248171&sfv=1-0-40&prev_scp=rand_key%3D2&eri=1&cust_params=subcategory%3Dhomepage-D1BB%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1678597427028&lmt=1678597327&dlt=1678597425747&idt=1195&adxs=180&adys=4191&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fd1baseball.com%2F&frm=20&vis=1&psz=1240x0&msz=1240x0&fws=0&ohw=0&ga_vid=729490629.1678597426&ga_sid=1678597427&ga_hid=1918949435&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGE3NDdmOTQ3LWM3NmMtNDk5Zi04ZjU3LWQzMTdmYjk3OTM2MlgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ef9ea0486ab4a340089b70c5102bdf6fa53360ba62553958f671570ecaa7122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10010
x-xss-protection
0
google-lineitem-id
6225270472
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138422927319
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 555C
6 KB
3 KB
Document
General
Full URL
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
expires
Mon, 11 Mar 2024 05:03:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 8838
0
71 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://d1baseball.com
Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://d1baseball.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
37 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42f769644193a8af8891745259d73a8d2fef4b06b4f168ff4a71b62bd1252218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 18:30:08 GMT
content-encoding
gzip
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 18:15:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
38020
x-amz-server-side-encryption
AES256
etag
W/"389a66ce564537af5358b53090165d80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
AyqKNJ5_RV-sgJCdSaylv58dGxs98jyHY0Z5PYw7wXIkNc8akUhvlw==
id5-api.js
cdn.id5-sync.com/api/1.0/
58 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
SQQ01Z9JQ2X0Q04P
age
3576
etag
W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7a697e1f581e929b-FRA
x-amz-id-2
9mfacHXsfrNb0nh/bKgfNDWgpWM/DnG78sRy8g8SKTGCVhYL3R5leZAmVI4LnoP0JCkeJ7H+1RQ=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/
0
456 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.95.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-95-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1baseball.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 12 Mar 2023 05:03:47 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.95.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-95-202.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://d1baseball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 12 Mar 2023 05:03:47 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fd1baseball.com%2F&pid=Bc3hmSI90Zekl&cb=0&ws=1600x1200&v=23.303.721&t=900&slots=%5B%7B%22sd%22%3A%22advally-adhesion-slot%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22812648954%2Fd1baseball.com%2FBottom_Adhesion_banner%22%7D%2C%7B%22sd%22%3A%22TOP-Leaderboard%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22812648954%2Fd1baseball.com%2Fheader_LB1%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-d1b-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22812648954%2Fd1baseball.com%2FInline_banner-1%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-d1b-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22812648954%2Fd1baseball.com%2FInline_banner-2%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-d1b-728x90-3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22812648954%2Fd1baseball.com%2FInline_banner-3%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-d1b-728x90-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22812648954%2Fd1baseball.com%2FInline_banner-4%22%7D%2C%7B%22sd%22%3A%22Sidebar-MPU-1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F22812648954%2Fd1baseball.com%2FSidebar_MPU1%22%7D%2C%7B%22sd%22%3A%22Sidebar-MPU-2%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F22812648954%2Fd1baseball.com%2FSidebar_MPU2%22%7D%5D&schain=1.0%2C1!advally.com%2CP26S33%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-230.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
AFZJJG5QJNJ0P9W7JSH5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://d1baseball.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
qZHvNIbe7mFXe0_ha6YJNLr5uSIiZVxLlYzQFr9zTomRXftfih3OxA==
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499537524418107&correlator=2604799384223082&eid=31072854%2C31072971%2C31072990%2C31071975&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=22812648954%2Cd1baseball.com%2CBottom_Adhesion_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=808825833&sfv=1-0-40&prev_scp=rand_key%3D2&eri=1&cust_params=subcategory%3Dhomepage-D1BB%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1678597427107&lmt=1678597327&dlt=1678597425747&idt=1195&adxs=436&adys=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fd1baseball.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=729490629.1678597426&ga_sid=1678597427&ga_hid=1918949435&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGE3NDdmOTQ3LWM3NmMtNDk5Zi04ZjU3LWQzMTdmYjk3OTM2MlgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08d0b1b48ad1a845522a8a41c2cc865c91f03ecf3097ac80d911804a52bf357a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8420
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499537524418107&correlator=2604799384223082&eid=31072854%2C31072971%2C31072990%2C31071975&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=22812648954%2Cd1baseball.com%2Cheader_LB1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=3&adks=3176910375&sfv=1-0-40&prev_scp=rand_key%3D2&eri=1&cust_params=subcategory%3Dhomepage-D1BB%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1678597427113&lmt=1678597327&dlt=1678597425747&idt=1195&adxs=200&adys=822&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fd1baseball.com%2F&frm=20&vis=1&psz=1200x90&msz=1200x0&fws=4&ohw=1300&ga_vid=729490629.1678597426&ga_sid=1678597427&ga_hid=1918949435&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGE3NDdmOTQ3LWM3NmMtNDk5Zi04ZjU3LWQzMTdmYjk3OTM2MlgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f07d06b027cc20cc28930a75f2848bfba8c904d0130164af1d1372a619237fb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8236
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499537524418107&correlator=2604799384223082&eid=31072854%2C31072971%2C31072990%2C31071975&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=22812648954%2Cd1baseball.com%2CInline_banner-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&adks=3113599983&sfv=1-0-40&prev_scp=rand_key%3D2&eri=1&cust_params=subcategory%3Dhomepage-D1BB%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1678597427118&lmt=1678597327&dlt=1678597425747&idt=1195&adxs=266&adys=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fd1baseball.com%2F&frm=20&vis=1&psz=860x15&msz=728x15&fws=4&ohw=860&ga_vid=729490629.1678597426&ga_sid=1678597427&ga_hid=1918949435&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGE3NDdmOTQ3LWM3NmMtNDk5Zi04ZjU3LWQzMTdmYjk3OTM2MlgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7474e01002813cfba15a5d7b34256c03bda6945a8386ef38e6a7beb36fac9b6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499537524418107&correlator=2604799384223082&eid=31072854%2C31072971%2C31072990%2C31071975&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=22812648954%2Cd1baseball.com%2CInline_banner-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=1584772732&sfv=1-0-40&prev_scp=rand_key%3D2&eri=1&cust_params=subcategory%3Dhomepage-D1BB%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1678597427120&lmt=1678597327&dlt=1678597425747&idt=1195&adxs=266&adys=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fd1baseball.com%2F&frm=20&vis=1&psz=860x15&msz=728x15&fws=4&ohw=860&ga_vid=729490629.1678597426&ga_sid=1678597427&ga_hid=1918949435&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGE3NDdmOTQ3LWM3NmMtNDk5Zi04ZjU3LWQzMTdmYjk3OTM2MlgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15ecfba35cf32e2444a97e58312d61104aaac6eb6c80028df974febe1776b776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8386
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499537524418107&correlator=2604799384223082&eid=31072854%2C31072971%2C31072990%2C31071975&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=22812648954%2Cd1baseball.com%2CInline_banner-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=3636169652&sfv=1-0-40&prev_scp=rand_key%3D2&eri=1&cust_params=subcategory%3Dhomepage-D1BB%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1678597427123&lmt=1678597327&dlt=1678597425747&idt=1195&adxs=266&adys=2343&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fd1baseball.com%2F&frm=20&vis=1&psz=860x15&msz=728x15&fws=4&ohw=860&ga_vid=729490629.1678597426&ga_sid=1678597427&ga_hid=1918949435&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGE3NDdmOTQ3LWM3NmMtNDk5Zi04ZjU3LWQzMTdmYjk3OTM2MlgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4dc202afbb150983375a541b3857d81be1f46c351ffacfc362e432a806e1e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8247
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
36 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499537524418107&correlator=2604799384223082&eid=31072854%2C31072971%2C31072990%2C31071975&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=22812648954%2Cd1baseball.com%2CInline_banner-4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&adks=3301462626&sfv=1-0-40&prev_scp=rand_key%3D2&eri=1&cust_params=subcategory%3Dhomepage-D1BB%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1678597427128&lmt=1678597327&dlt=1678597425747&idt=1195&adxs=266&adys=2866&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fd1baseball.com%2F&frm=20&vis=1&psz=860x15&msz=728x15&fws=4&ohw=860&ga_vid=729490629.1678597426&ga_sid=1678597427&ga_hid=1918949435&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGE3NDdmOTQ3LWM3NmMtNDk5Zi04ZjU3LWQzMTdmYjk3OTM2MlgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8c803b4ebcbfdcdcb4eb9c9276ec2642bf38e527bf6cc6aa7a5640ae431541f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
496420
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16266
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
855418
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499537524418107&correlator=2604799384223082&eid=31072854%2C31072971%2C31072990%2C31071975&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=22812648954%2Cd1baseball.com%2CSidebar_MPU1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=8&adks=1366359942&sfv=1-0-40&prev_scp=rand_key%3D2&eri=1&cust_params=subcategory%3Dhomepage-D1BB%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1678597427132&lmt=1678597327&dlt=1678597425747&idt=1195&adxs=1090&adys=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fd1baseball.com%2F&frm=20&vis=1&psz=340x2938&msz=310x0&fws=4&ohw=1300&ga_vid=729490629.1678597426&ga_sid=1678597427&ga_hid=1918949435&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGE3NDdmOTQ3LWM3NmMtNDk5Zi04ZjU3LWQzMTdmYjk3OTM2MlgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97400ee56ee0bc49966b49ecbac4cc913b4e0112728271fcfb3aa5c18a5f7573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8431
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
791 B
427 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4499537524418107&correlator=2604799384223082&eid=31072854%2C31072971%2C31072990%2C31071975&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=22812648954%2Cd1baseball.com%2CSidebar_MPU2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=9&adks=2625186712&sfv=1-0-40&prev_scp=rand_key%3D2&eri=1&cust_params=subcategory%3Dhomepage-D1BB%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1678597427135&lmt=1678597327&dlt=1678597425747&idt=1195&adxs=1090&adys=3298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fd1baseball.com%2F&frm=20&vis=1&psz=340x2938&msz=310x0&fws=4&ohw=1300&ga_vid=729490629.1678597426&ga_sid=1678597427&ga_hid=1918949435&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGE3NDdmOTQ3LWM3NmMtNDk5Zi04ZjU3LWQzMTdmYjk3OTM2MlgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4f5a45f990b75fbd082c3cfcb8569dbe5e58b585345d8f02ad29c2df2a8a1ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
396
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 12:51:01 GMT
content-encoding
gzip
age
2304766
x-guploader-uploadid
ADPycdvujfU_oLUmNVqI4f5BZnpSVte8PDLotLNZgvFd0cC54eAGvZm9f8-b4dRZmf4BnqGEW6yytSvFJRHHxFr_uK-ecw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 13 Feb 2024 12:51:01 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:16:29 GMT
Via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
13639
ETag
"aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
oQKGtE8ZErc5t0PxMPKYNUXijwOeiV8hoYIKSlgagBDR-0XT6ObJ4g==
view
securepubads.g.doubleclick.net/pcs/ Frame B351
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7vI0WpiwsemP1agBYhm_GciabuQL9rxuHjzTfauhUpWo8Z5KEHr6fzERLmvoUzY4mEj5nNFI-OvpW7sUH9SzQ2qD7_WaTXLWz5sNBXza2IJgm1Vlpq0mF5tITdTz9l_JgLgMxDBkxWZ4kWBpkfcKkI5bVS3bozGUEXSeDoQ7dwrDlcK4PahsuUV3E5GI-CtnKObxfXeY7AImiAfjSRXOHs00ISRbCJ256AItU5sCKo8EbVnrKFD8szSA5AKng-wAxolRSEdRjjg4qzlelW_jo_xNzNckwaHCB9MosVrc-8BnJ5VaTcJAVE2gBg6SqcBwWsVwdiyV51Ierkpj5f-Vzuiw2pA&sai=AMfl-YSXhk0DFJrpIcJDoKCmN7eg7VDR0mj4kgzAKMA09j6tT5fShu_m7QRxStci_aRrfDCCDe_9Z-sLs45LQs2o46vCluXXXJ0e_yD40vfBVi_nIG-eHLcFNqjMrkhrBsAB-ZO8FVL90e9xfqzBbdc&sig=Cg0ArKJSzIeR-DkRl0iHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:47 GMT
iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame B351
2 KB
1 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js?bx_tracker=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjss7vI0WpiwsemP1agBYhm_GciabuQL9rxuHjzTfauhUpWo8Z5KEHr6fzERLmvoUzY4mEj5nNFI-OvpW7sUH9SzQ2qD7_WaTXLWz5sNBXza2IJgm1Vlpq0mF5tITdTz9l_JgLgMxDBkxWZ4kWBpkfcKkI5bVS3bozGUEXSeDoQ7dwrDlcK4PahsuUV3E5GI-CtnKObxfXeY7AImiAfjSRXOHs00ISRbCJ256AItU5sCKo8EbVnrKFD8szSA5AKng-wAxolRSEdRjjg4qzlelW_jo_xNzNckwaHCB9MosVrc-8BnJ5VaTcJAVE2gBg6SqcBwWsVwdiyV51Ierkpj5f-Vzuiw2pA%26sai%3DAMfl-YSXhk0DFJrpIcJDoKCmN7eg7VDR0mj4kgzAKMA09j6tT5fShu_m7QRxStci_aRrfDCCDe_9Z-sLs45LQs2o46vCluXXXJ0e_yD40vfBVi_nIG-eHLcFNqjMrkhrBsAB-ZO8FVL90e9xfqzBbdc%26sig%3DCg0ArKJSzIeR-DkRl0iHEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 18:22:44 GMT
content-encoding
gzip
age
38463
x-guploader-uploadid
ADPycdtA6rKyzIghgrtTEQDa--LhPjIgdJx-fSgHQYFr4FVBr6DLB0rwTxR9ruthlEAu2xqqrDtMDLXHzLuNpm6CgWa0Vr7bmZdG
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
970
last-modified
Wed, 08 Mar 2023 20:15:31 GMT
server
UploadServer
etag
"d0db4b1801062807952b4258fb92afdd"
vary
Accept-Encoding
x-goog-generation
1678306531425434
x-goog-hash
crc32c=rkV5WA==, md5=0NtLGAEGKAeVK0JY+5Kv3Q==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
970
accept-ranges
bytes
content-type
text/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B351
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:47 GMT
b-89d2da9-6aa60190.js
tagan.adlightning.com/advally-d1baseball/
97 KB
36 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95cbf7c131612add055a1924a6084e70b87b1a2f5cda609124b19322b70d9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:08:25 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
pmyR7n3eTnLGjxxgCm1YfQ53hgx.m0Gi
x-amz-cf-pop
FRA60-P4
age
1515323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36150
x-amz-meta-git_commit
89d2da9
last-modified
Wed, 22 Feb 2023 15:55:07 GMT
server
AmazonS3
etag
"6102e53490416441d5e28777be3cc3a8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IvjFv3FzYLQ4ohBmJ36LhnyQ-ioQTc_9F1Glox_aYsJsjkqAFx06Sg==
bl-e5e97ea-9cadcc5c.js
tagan.adlightning.com/advally-d1baseball/
53 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/bl-e5e97ea-9cadcc5c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e7881b36ca7ef7d318a44967dd2a8608f4f83b3f095d871de488b5970c9166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 20:53:22 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
VqD_eZHhcEOlVARhw1xgrItzxxeIdRM9
x-amz-cf-pop
FRA60-P4
age
115826
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23408
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 10 Mar 2023 20:52:37 GMT
server
AmazonS3
etag
"3c5dd782ad9ecfdba28ab297ae71ced6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
72OBTsTB4KYMy5T0bHUrUxH7iLJQCcVrWrUE5eA1zvQ142RxtkNtnQ==
v2xpgNOcK1q5KrOGxwDywR1smfqjE5t7jzhh0zIUCcv3xvCTYjzTaUFC-pFbhBAJCNR-xF8m0yw
cautiouscredit.com/
206 B
233 B
Fetch
General
Full URL
https://cautiouscredit.com/v2xpgNOcK1q5KrOGxwDywR1smfqjE5t7jzhh0zIUCcv3xvCTYjzTaUFC-pFbhBAJCNR-xF8m0yw
Requested by
Host: cautiouscredit.com
URL: https://cautiouscredit.com/v2/0/ofn6lcsQQzXbD7aZHPwBvKWt9uBba7Dz3N8nc8EZqVcfoSbvUdtaGhogiH_TaYO6pOJzg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5efe778f9887e53ee7ceb3425102bfb2f51c953b46093e509856ac8c170f976d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://d1baseball.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 google
x-buildnumber
787370472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://d1baseball.com
x-hostname
fen-hoothoot-europe-west1-blst
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sun, 12 Mar 2023 05:03:46 GMT
map
bcp.crwdcntrl.net/6/
60 B
334 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.217.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-217-141.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c4136bff9d34e01a3fb1f1459d3b66b6e0d14c81a4d5c880c042c7cb8a9f91ac

Request headers

Referer
https://d1baseball.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache
x-server
10.45.29.191
access-control-allow-credentials
true
content-length
60
expires
0
v1
lb.eu-1-id5-sync.com/lb/
33 B
401 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
1900b69cc8483b8bc2f0aad23051a47d3eabf3c8f98364dbc3de221f6853d7d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://d1baseball.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://d1baseball.com
date
Sun, 12 Mar 2023 05:03:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fd1baseball.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fd1baseball.com%2F&rid=esp&cc=1
85 B
203 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fd1baseball.com%2F&rid=esp&cc=1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
99b84324eae8bc4063375495892edf2ce5616e4ac8d09531ea31088a860b6ded

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-0SDJ4OsRGgLRcSE+4MPf0BW7J6M"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://d1baseball.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://d1baseball.com
location
/esp?url=https%3A%2F%2Fd1baseball.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i.js
tag.bounceexchange.com/4798/
3 KB
2 KB
Script
General
Full URL
https://tag.bounceexchange.com/4798/i.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
507c7250034a616ad2441c580ac5735302241f0247c312b30c0eaf895d8ddae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:56:26 GMT
content-encoding
gzip
via
1.1 google
age
441
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1630
server
istio-envoy
etag
aaccf0c2ef8ae9
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
truncated
/ Frame B351
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe748d17db7faaf0b817f622f02501378e0fc02cb2c925b85052e0f3ef91153a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B351
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnl9dPc4fbynKvVHQPCzizDR7aIZpB4362EKQFrdYKYRkp_eNp_T8oMhdInII4L1Qhz0gLyPaUzanL_PZxPGH1FRtMvMzj_ESwEF3dbwAacrHz51MTkja7VJMxMjGL9NyPHLeeL7fDyo90nsmUnBuqn45OqyIUvJrFrIHKwqRFV5wGfONnPxAJI7JlB2hPhxbYRTrAbdK6ew3nfazy5YofFCycvtmCPhGH_g0gR9z_Or_Js_bOw9s3FIeDpNnZiK4e9Vt_imLC6edyZYWxjkv-KawNBW0lgrmDfZanBLI7ySZ7vKayqcG2j1zumZKD46a84lvQzKJCb0pqUuS3hnF-vi59Wi1G&sai=AMfl-YQdDjIqikkVD1EgUcFcEABhSW0sGifvxhahm5XpOLIKcNKDH9WMZz1nlipB68gZDemPVTC2L5GQpq9YWyQ7aTxYNJFiKbt6JjgEzhwaWeY-OrN0mjMu9wDcqyJuanBcSA9pXbx4fMJqNSXkpsM&sig=Cg0ArKJSzFGvyIxmwFLTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:47 GMT
1102.json
id5-sync.com/g/v2/
216 B
624 B
XHR
General
Full URL
https://id5-sync.com/g/v2/1102.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
fc299ccb7f231da26440dc6dd1fe5898bfaffc33197fe8cdd713eefafe4866fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://d1baseball.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://d1baseball.com
date
Sun, 12 Mar 2023 05:03:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
container.html
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA66
6 KB
3 KB
Document
General
Full URL
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
expires
Mon, 11 Mar 2024 05:03:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v2wevYolxZ_th8PEoj7hSGTNY9Tlfl4jiFDhX2j_xA1iuOB9Lwtp6PWMh-3M3q9-FiboiPzPlVg
cautiouscredit.com/
3 B
27 B
Fetch
General
Full URL
https://cautiouscredit.com/v2wevYolxZ_th8PEoj7hSGTNY9Tlfl4jiFDhX2j_xA1iuOB9Lwtp6PWMh-3M3q9-FiboiPzPlVg
Requested by
Host: cautiouscredit.com
URL: https://cautiouscredit.com/v2/0/ofn6lcsQQzXbD7aZHPwBvKWt9uBba7Dz3N8nc8EZqVcfoSbvUdtaGhogiH_TaYO6pOJzg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://d1baseball.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 12 Mar 2023 05:03:47 GMT
via
1.1 google
x-buildnumber
787370472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://d1baseball.com
x-hostname
fen-hoothoot-europe-west1-blst
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
bl-e5e97ea-9cadcc5c.js
tagan.adlightning.com/advally-d1baseball/ Frame DA66
53 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/bl-e5e97ea-9cadcc5c.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e7881b36ca7ef7d318a44967dd2a8608f4f83b3f095d871de488b5970c9166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 20:53:22 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
VqD_eZHhcEOlVARhw1xgrItzxxeIdRM9
x-amz-cf-pop
FRA60-P4
age
115826
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23408
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 10 Mar 2023 20:52:37 GMT
server
AmazonS3
etag
"3c5dd782ad9ecfdba28ab297ae71ced6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZRIF6L7nHR6mIPLhNY5IMrNYLxs-IjGlYK6r6PRNYEWv7pfOc1YgXQ==
b-89d2da9-6aa60190.js
tagan.adlightning.com/advally-d1baseball/ Frame DA66
97 KB
36 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95cbf7c131612add055a1924a6084e70b87b1a2f5cda609124b19322b70d9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:08:25 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
pmyR7n3eTnLGjxxgCm1YfQ53hgx.m0Gi
x-amz-cf-pop
FRA60-P4
age
1515323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36150
x-amz-meta-git_commit
89d2da9
last-modified
Wed, 22 Feb 2023 15:55:07 GMT
server
AmazonS3
etag
"6102e53490416441d5e28777be3cc3a8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
k7JmUxzRpTCZpdQWBeLeWFcgYZq5k2qaA5WqKqymlva39aXexXcEJg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA66
42 B
173 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cp2FQtMWusZ98ooKuuWdcrtF5qaUIwpwObT0dSTTzKHnIRQ2HYF4FNQAanZdOmKwHFQREGAX7nLOzPkmmMfSZVDQnL6srxfojzyuwK-EgFQuqpaVs
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA66
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5296266378636369075&x=1&ct=76
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DA66
78 KB
28 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame DA66
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
41464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame DA66
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:47 GMT
l
www.google.com/ads/measurement/ Frame DA66
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbVVLaxPOTPoQhcIWf4aoCiRURaaeO6SdtrO4PiCWFD-Qn1uliQyaifppetyfJqybIaaOIThUAVkAde6ZdzfSxxXTFxA
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DA66
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:47 GMT
main_f8216d0602277e8f456d8bf82fa4aa07.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
377 KB
74 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main_f8216d0602277e8f456d8bf82fa4aa07.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f9be09bc2d5b8d41fc355ec0499577745a8b6cf1a2ca2ce01805c8139ea37aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 19:45:17 GMT
content-encoding
br
age
33510
x-guploader-uploadid
ADPycdtJ_R9RVnF6r0ckyrewLtROYNSBR45_U5V6J5WbXpIwED14q_MjWs92NXSxTZk2VIaSFaKFQFYIS_kzi0vCAuUUw2lIngSd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75561
last-modified
Wed, 08 Mar 2023 20:15:44 GMT
server
UploadServer
etag
"2a815015d69c34e66db741c12c9a8a57"
x-goog-generation
1678306544954969
x-goog-hash
crc32c=TP3Lkw==, md5=KoFQFdacNOZtt0HBLJqKVw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
75561
accept-ranges
bytes
content-type
text/javascript
pd
google-bidout-d.openx.net/w/1.0/ Frame 751E
0
176 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 12 Mar 2023 05:03:47 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
container.html
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF85
6 KB
3 KB
Document
General
Full URL
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
expires
Mon, 11 Mar 2024 05:03:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
onsite_bda9c9f9310c72a80bd530888378f236.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
164 KB
35 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_bda9c9f9310c72a80bd530888378f236.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
98cb2f58c80faff9b6cd08f75a63eaf3571569e011d550c56274586fd65d0547

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:04:17 GMT
content-encoding
br
age
82770
x-guploader-uploadid
ADPycduil7rXxe-uHi8PrsPPvU2gH2uMD-_ZgfRf3NkQK2lq3gsEkoB8CxKu6cv_UPqb48BW5PKUVQJqkJa8G375ipo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35592
last-modified
Wed, 08 Mar 2023 20:15:49 GMT
server
UploadServer
etag
"42c29dc404d880318f79b649ce995916"
x-goog-generation
1677532366098274
x-goog-hash
crc32c=j7e0Nw==, md5=QsKdxATYgDGPebZJzplZFg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
35592
accept-ranges
bytes
content-type
text/javascript
ads_819439fb0a227cfadd8d833ac0dc19d6.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
414 KB
76 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads_819439fb0a227cfadd8d833ac0dc19d6.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
deee83939325d68ab9e026c98a6a4cd6e3692eedc8460459a494d090a88ecc90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 20:08:58 GMT
content-encoding
br
age
32089
x-guploader-uploadid
ADPycdtd2ERKuUtraMroT8Y1y9-HzNMV8Ircu6xjC0Z-uX7P9oZKijPQjATMXmEEYmHqS-QopEaMs0Gk_B--KWjI9fn-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77817
last-modified
Wed, 08 Mar 2023 20:15:35 GMT
server
UploadServer
etag
"635426a1bba80c74f79f91cb81221599"
x-goog-generation
1678306535880339
x-goog-hash
crc32c=tUgFyA==, md5=Y1QmobuoDHT3n5HLgSIVmQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
77817
accept-ranges
bytes
content-type
text/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame F781
624 B
577 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYiNqa4QEwAQ&v=APEucNWx88tu71KxNay2Cyt4s-v55yGYPepzG3E-WmrGZ-brMyXQr1wq6joa0LRZBWH467cYBeZdBVLlOkTSesYWBGqVL4zqLfVJQ0fFGOcRdtLCOKCaweUOn7Ag_WXnUz562ZKp0dA_8uv3Ux_ypaykV7nsZFZgKhsUQGe2KR8vf6HWGvvLnSw
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA66
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3652555847590&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA66
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3652555847590&version=m202301230201&ct=76&x=1&cor=5296266378636369000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DA66
82 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdbkFZB3iyQ6XOQ4Sb_q5z8lbzk07udiDWh_4239wJ05O4yzpWMLJxTfW0rcXDSQDXng6M0pkdGYvV1eKRXCZJ9vqRZg&cry=1&dbm_d=AKAmf-A22_r_NjtKk0Z-2HbJM9Vzpc-np9LdcEXek6c7FgDpDqGvHWvt70KS5If18YXfGy19QzgZJnbUQy3atAeR9gn-zSOeTJVrOyrfDae3IoA55DZm71Xr3PwESWU7sIupOfsBLJyB-gDq1dtD06p3Wph1pyUXHHIYK_LXB_khHDSWakda4eV1sNBGWtyGMxxwSbFoxBJoxrOrdjrU25Bzuq6o0SZOQkHRSp1i7iOCBPAJpJhi71DY7OEFzLYOeOrfUt7xvv95Ep5Qh_mKfgrg8r1jQGX6WDw5nqnBN01SPy_U5e8e2rbkh6tH4reMUqDdX2nFRY9Mwu96Qh0EH2Ayl3fD8CXuiWqrF6laDoq4RUf0E8tFv7OazpAoUotJehxSvRWTJo5rU3LCmt-HMNf9dIuP9JahnmQzFx5sXJDz92Q7BwaETJKvVwf2zW1ulVJ3iqc0LOlV3XfYUhwzZuGfzybhL_HVlPZ1td30_DFekRMMdSUyTUBFRN9NaOHdCgSMn8J6y_oCr34G1RchLxx9PoLa7tPr29XQvVMxD_kTHDWuBaJTvxq7CffwDioTM5VNxlql_Qj5Hcw3QOo2tX1tCYUAr0kU7VesZ_kpLGDl4jhUV11XlKb1zsV8ahREfylRkavP_k_yi5hK61LEvQEs8xxj7zRJK6LUVXVs3OC2cFKOj8XERhUbuGORboRXUsuTbOri9qBuUpvD9UEwLYmJP-hkE0gEaey6EH2cdR2Vvx7sDEji5Dj5LwzmO9GLrCYzq9KE1tMT7EMzJODDg2IOfUaEUeFrOhzqub01L67v6Mx61gGJUn1q0Pcjc3X0Z7CFACXV4CqZFo1GxuPrx_1IQAh66kHP4k5NjjmfAFwuNOAJ8M1wDsOhCmMNV7N2bbIodp3XXvBoxuYTIJK6o-fDAe4MAvNTx6ray94RupV_YECSX8shl2KAlN4_za0GLkwNZu3DV7nMuTkjKcC5CY8KzEx2_yOBrD8-x7siR8WUFoFHArESXR5OJIWSM32V-ouuVBGRHFt3w9bqO4PAr0YRJDGF7lpr_0fZ20bQZ_fRJIOqkHfZ3m3vb-ipNwyzsfT6BlJzel2ESQIQ3bBkfnA3GuhBIh-8HA11iChXbJ3CKC57AOZbCVAGxzpbHjSMGaCSobDkoyTZvRC-Xt41nngjMrGRQhFBqfJzpaH5XN8WPc99Gn73V8YCIPLRsi95yyahMqttCisgBeamDhyr2sNBbUiuPMws26Sgs_pJUv15kfHnaOEzvfPxKmO0kPK1UYMfC-uZiJ_B1IwZ3OLX38spQqRh0HVZj2_KlLd_LYnxf-6CynBHNcLcu9LZMc6bOumU4F81X8OxsTCsaMKFzqerKvENsGQpCeirjjl8CLx1n9Su1Y6qfM493iutWk7UqOJQPJeHBx9crb23GjK1fSPOhgEj0QqVBIfN200NPfYmmEphuZX6UByihOVdhjL4OTyyQTquVREKF634DVISWyQXu2AxjB1ALCqY8JSo9GG4hMQ2x_2HVENloSHpGn6jxWNp9R4SqhISrHltnF0WyIYDL9JismIjhhqCVhiw0X16zuC5KudYpLZueJWCy5XONmQ938ThsddKKrravG4j9wupLeyZdH_z4D7jcemF_QGSKVBENNC7U0sP1obYhpa4RC2kDOIA_z0R0B_9mMUKKirhFt71ypUyIIsIOmrqrJqQiz3exE1JUaTGQ70kUi0cp0rZzIfovOlDBNBSNX5WmmG6IGaCSFm8-hV_juGgdXxaPZAwsA_F73XCVzJp3TBVqN4Bs41eAJngxyI1mggFpEkhR749GamdEB1fG1_l9HYGPgopTdfPXEeVe-uC35Zq4CPF22LPdJspXAx94wOnzTBDDQzGqjzsmASSHy5SS2dHpkD25uZ--Rxlj2rk5W6p2Nq2RN1W1suDUYonX0ZF-vG2OWHJwwcB2gVk72s9gVq5Hhyx0A6OtwBXgkLjbzJs2L2MY74bp0RghZg1SkBYNXrOa_D0IHotp-fLVaXkliLbCgGns6Cvt3f6MSttV6Ot0abUL_l7j6BqBv8FgyeJnwANioBbsdrxmva6a5alCIYTsH7fCG3JDNyG3avK0y78-Sy0nOV8OJVfDXU7eF5GPcBcB-_Xt-5mkLk1zEDAULlXQE1TdW562q0XiXp4jUbLyg2sN_sAXuNR69ez9lNPLjXMoPyK1738m2jJZT0VFyQuw2vRBXKeDFSQ89lXaSzzXZC4PnTWpNQHZisrSTaNP_odiwF5eZPUY72Sho4r3dZ1x2-28KGAq5TyBfsMzFQTNjIqwahTMmXrKJdP26d1z7F5glrxgjF2AWrdH6ejawTwguZ0eqE6tfpe9b4ZWQnIZJvomziE-qvlacGgmBGeDCgVAx6xMeSq2qx_LVmT0NySgvPyIsDr0IJEBbBOs6U6W2JosBcE6hBqQ7_39Snzz2IhpY-A7LjxQAKaYOegviiO-nBrxWGSL7ucYNPMW_-vzyZcn0QqSN0DbpGzHBPwB-5jDNzTWxLR211wLDswozfboibsDHMiIWaE90wY5yMACI_VSWt2aaiBasr0Ct5BYV762S_tr7VKuJYYqBSQS1JKsAY3tCeCRGe5FYecf085fh5rHvzuXHjZ7feGwhtDLN4xAu1Td__Utq0rABrZsSRt7yzmNu3gni4cafXVZNTJ2w62xd3YtFP0VeS-FIrcOcZ_BPbgV-foLJUmlW3b4NukZB60As69a2DibM_qwlYFC3e26em_6mgqQtDKJU7WNvHE0yU_oL8JpwswmDPEaC4rHAsRMGJnIxg-fpu39L9h5y48QQq2VjHuDh2oO0eYOPPzYBoQHwY-oCfoBEuaxLDxzn096z1FdWqXphoGMSJybpplx01Y3oEKwst1CIHWeZrLbfd0ZI2plAqUFBku2wAPiZYpbIpiaoawuiYmYD1Okzi7HFBhrykA4JpTy_FmqMDLNlnT_xvC0FdHZvP2x_45Pq7Xz-_gs8IhIrvqLvsvOLL_TCQPhpQ6bo_LhzSCkhWXiixcQqFPzA1P_49HdQ1AZ_WC4d4LQcN9uB1VPqIwIhcGuQ3zUt32MGhdfj6HtiJKOJGxn1PemTsZ_1sViEghBcX7zdpZsS86_Y3GpFUSZG4Pl0JsFPs7W2SGCXXT4wZ7QT-HfMjI1Wi_olVyOWQw5vD9xOaCiDFgDWiUf4v7AujG_Jj73Zloul-oJuEN3g-2RgA1ZJuhm0hTTaTP9xV8HA6RvY8XTleBnpmRpzs0KTKLLmJJOwZqvE9iqa-VZ5rw6KTXo034pWkKhxj_j5YsS-ixIP7L2zopVMz1xybq_8ITCZiHkaziLfu__DN596Iu3koBHYGqsMuCE2hRO371Tk3r4W9LLJ7J3brQVhMwAf19TR8kb29_Ja6v53OyYscyUmMvZ1_bcA&cid=CAQSOwDUE5ymFzztxQ6jlJMNFvqOSUEaHzazEQpQDF9WNZ1TWv7vdzuauBgZfBb1UEdTXbaA_R0aojVKybi5GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd1baseball.com%2F&ds=l&xdt=1&iif=1&cor=5296266378636369000&adk=250412560&idt=61&cac=0&dtd=39
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac118ac2854ec98e07e5b88a54f75e1bf9378a4f0601ae5a4e18065b5c9efa99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35640
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E655
6 KB
3 KB
Document
General
Full URL
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
expires
Mon, 11 Mar 2024 05:03:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-e5e97ea-9cadcc5c.js
tagan.adlightning.com/advally-d1baseball/ Frame EF85
53 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/bl-e5e97ea-9cadcc5c.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e7881b36ca7ef7d318a44967dd2a8608f4f83b3f095d871de488b5970c9166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 20:53:22 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
VqD_eZHhcEOlVARhw1xgrItzxxeIdRM9
x-amz-cf-pop
FRA60-P4
age
115826
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23408
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 10 Mar 2023 20:52:37 GMT
server
AmazonS3
etag
"3c5dd782ad9ecfdba28ab297ae71ced6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GHEByDT8EeJIHfUasDIjz9Wm5jbvkm_zYIGbu7vETB5PvVho-3wThA==
b-89d2da9-6aa60190.js
tagan.adlightning.com/advally-d1baseball/ Frame EF85
97 KB
36 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95cbf7c131612add055a1924a6084e70b87b1a2f5cda609124b19322b70d9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:08:25 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
pmyR7n3eTnLGjxxgCm1YfQ53hgx.m0Gi
x-amz-cf-pop
FRA60-P4
age
1515323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36150
x-amz-meta-git_commit
89d2da9
last-modified
Wed, 22 Feb 2023 15:55:07 GMT
server
AmazonS3
etag
"6102e53490416441d5e28777be3cc3a8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FWE0kiuazkxrOkdxCiFiue_lOa60vdBREHKfZYkgrhGnOcSu4QU9xw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF85
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_zx70IEg8FN80GepnArPEzWsMbhBT01K8MUCkngTKoSJAgfY9sH-Pbi_EuACMO2-karomHiZSIv-E2UH7sS_aDcXO48W_SNFAZNzTEzXueGf6eds
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF85
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10167983971024172212&x=1&ct=76
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EF85
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame EF85
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
41465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame EF85
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:47 GMT
l
www.google.com/ads/measurement/ Frame EF85
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSi8oQFj8qwXoGXm3fs1IKwMZelJ7GycI7UB7heJcyhqb-SZYNJNCgNgUrOVJ4GwK5n54xgJcH7yuoRr_vP23sTeY68Rw
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF85
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:48 GMT
rum
dsum-sec.casalemedia.com/ Frame F781
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQI1kqREjWgSzOKa5FpD2Q&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQI1kqREjWgSzOKa5FpD2Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYiNqa4QEwAQ&v=APEucNWx88tu71KxNay2Cyt4s-v55yGYPepzG3E-WmrGZ-brMyXQr1wq6joa0LRZBWH467cYBeZdBVLlOkTSesYWBGqVL4zqLfVJQ0fFGOcRdtLCOKCaweUOn7Ag_WXnUz562ZKp0dA_8uv3Ux_ypaykV7nsZFZgKhsUQGe2KR8vf6HWGvvLnSw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQI1kqREjWgSzOKa5FpD2Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F781
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP4CgNH6JtIPW-qtAlSF5M&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP4CgNH6JtIPW-qtAlSF5M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYiNqa4QEwAQ&v=APEucNWx88tu71KxNay2Cyt4s-v55yGYPepzG3E-WmrGZ-brMyXQr1wq6joa0LRZBWH467cYBeZdBVLlOkTSesYWBGqVL4zqLfVJQ0fFGOcRdtLCOKCaweUOn7Ag_WXnUz562ZKp0dA_8uv3Ux_ypaykV7nsZFZgKhsUQGe2KR8vf6HWGvvLnSw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP4CgNH6JtIPW-qtAlSF5M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F781
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJDo_uP6WZtq3Ba5oU-XjG4&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJDo_uP6WZtq3Ba5oU-XjG4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYiNqa4QEwAQ&v=APEucNWx88tu71KxNay2Cyt4s-v55yGYPepzG3E-WmrGZ-brMyXQr1wq6joa0LRZBWH467cYBeZdBVLlOkTSesYWBGqVL4zqLfVJQ0fFGOcRdtLCOKCaweUOn7Ag_WXnUz562ZKp0dA_8uv3Ux_ypaykV7nsZFZgKhsUQGe2KR8vf6HWGvvLnSw
Protocol
HTTP/1.1
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:48 GMT
AN-X-Request-Uuid
eb4e1add-08b2-4987-8c9b-81e32c4d8a15
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJDo_uP6WZtq3Ba5oU-XjG4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F781
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYiNqa4QEwAQ&v=APEucNWx88tu71KxNay2Cyt4s-v55yGYPepzG3E-WmrGZ-brMyXQr1wq6joa0LRZBWH467cYBeZdBVLlOkTSesYWBGqVL4zqLfVJQ0fFGOcRdtLCOKCaweUOn7Ag_WXnUz562ZKp0dA_8uv3Ux_ypaykV7nsZFZgKhsUQGe2KR8vf6HWGvvLnSw
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 12 Mar 2023 05:03:48 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
77e31908-6489-46b7-9106-51704fedee2e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bl-e5e97ea-9cadcc5c.js
tagan.adlightning.com/advally-d1baseball/ Frame E655
53 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/bl-e5e97ea-9cadcc5c.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e7881b36ca7ef7d318a44967dd2a8608f4f83b3f095d871de488b5970c9166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 20:53:22 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
VqD_eZHhcEOlVARhw1xgrItzxxeIdRM9
x-amz-cf-pop
FRA60-P4
age
115827
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23408
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 10 Mar 2023 20:52:37 GMT
server
AmazonS3
etag
"3c5dd782ad9ecfdba28ab297ae71ced6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
AaoZuzHS2YNVPfHeGgKQiHEqN4REceRGSA0X1hi0BCfigTrDpaKZgg==
b-89d2da9-6aa60190.js
tagan.adlightning.com/advally-d1baseball/ Frame E655
97 KB
36 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95cbf7c131612add055a1924a6084e70b87b1a2f5cda609124b19322b70d9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:08:25 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
pmyR7n3eTnLGjxxgCm1YfQ53hgx.m0Gi
x-amz-cf-pop
FRA60-P4
age
1515324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36150
x-amz-meta-git_commit
89d2da9
last-modified
Wed, 22 Feb 2023 15:55:07 GMT
server
AmazonS3
etag
"6102e53490416441d5e28777be3cc3a8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dMrcUKXF52GZ5jCXp9YHCPhG6YDA7ZJZAei_qQ3JTtr0SmGWHNB0UQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame E655
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BjdBRR9S3xMTgEVsSlzYc5mHvj2_-ETsvrHiU6FJ1xqlepOFk0QJr2UNexyt9kcqafqqE0OB89rwtB0ki6atvPQ5dMn8-wxoU0wDUuXzBDs6SwjGM
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E655
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12207339257830508452&x=1&ct=76
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E655
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame E655
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
41465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame E655
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:47 GMT
l
www.google.com/ads/measurement/ Frame E655
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT896wm1RWByBrtxO-HEf1RJOTqxG3wiqhe_ZmjwyXNjBIX1nkSFdXoe7_bpP7OotyPcqqVPMTSabWFBr6o7x_PgReqsg
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E655
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:48 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame DA66
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Origin
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78456
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 07:16:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame DA66
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
43586
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:57:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame DA66
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
44880
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10962
x-xss-protection
0
server
cafe
etag
11760670070698444384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:35:48 GMT
container.html
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F02D
6 KB
3 KB
Document
General
Full URL
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
expires
Mon, 11 Mar 2024 05:03:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FFDD
624 B
285 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXrv-AqsX0kzIOWItzlXWBYNiCL1wNQ6Bu_joDgRsgBki-HQ_XTKs8ZfvnypzCgpUvRwcT0z5OXmZP4D_z11n8iRGptGdpDGVQmQZCZHauRXC5f5NDUoles9DVV6ZDHBhlx051XkjWLfy7_KfpgQXw7ssdzOHhCbFSzBLe2PIZEWe0gK-U
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF85
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2551423003233&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF85
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2551423003233&version=m202301230201&ct=76&x=1&cor=10167983971024173000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EF85
95 KB
38 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1YudtwA46U93oRbpKdvYs06fM4uC4waBoG3ocETgXmCXQHeOUFILARw_cKdhQ7TzUd9iVxVybY8reFo50Iw7NFTD0WpDcgmMWEFKyYO_EaQBjMrIfHHVAiDqejkZagoTGtEiEVbsMkJorGMlkd2YToewDcaWO2ZErYfNlOJbMkS0HP6s&dbm_d=AKAmf-C0tkBHxc-Vkje-6smZdfdJcnzuqBEmMsi4NAdHpYmbeP3c80IcDHCRkSopD1IH99_irWjYoOPUSFC80vCrARujBQxiQr8uBJ4l88CfJ2aKknRvbNF44XxR3d4jC-4nDq1Xj5HOocHFu6vVIaS5f0vPy3woM16OMMOvJgXjG20MUcvHOIBNpUKUnfo0u2QwDgI-MrVdQkGTNxAMF84cErasY4m92bacx7oHCh8n96xm0xZjYFEL7x273BY2OuiQBBevkdlEsRT7-xRh_KPZjx4WS7SeamQDPZOYsBX5GuyXvPgBq1HpPozXl9_oi4wPe9L-qzm45TUDqcR23vwU6anVj_uY_qtUURX1_K74ABZXn3SEynFVWbDMX2gBWLxXprF9iG86p68IfNSsJpZRRGMUy9LeIhHjOavCFyzlWkTZlrciCZx6yOCdgRFBT6KnAy1_ExKw4vQTF60N2XUmfHucuO2mE4ZW_LaKZ0XQ41f6FYBNbr0Z7TL9v3gl_hi1ncrYqUpxbOvJn6GuTpxzWt1K0KsFH_18vnURqCJDQvbhn6HNMc7pa8rQKsE1b5VoBmOYZ1VY4AF2nFYgQzH6jEUr9cZAc9lQSjTiujJ82WyTGu890rhFMNfegyxv353UVe9J4QskN5U_IdIdhKMSb1wV7anCqeqU7iCexXG-C39ZYnkTLXZjnra5p9kgfyo6lV_IZw6s1OfXkZ2rMpsxwRtBzmIHfqoXR_XCIUxn-3c9sXLpvjEgQni4cFSbgjGMnFn5xh2xTOrzBduBIbTJIi17EDCcBoSg9VuGVutJhbJAhPIW-f9V11zMgj3L2HWYcSF0MZ03tB0OZUBcLh7gZu2Q3Bd2mZQeF7jo_AbDtlpD1MnFULssbNul7jmjxp7Ao5fQqhGoi1VjI6Qd_Xi37k1ed8k2_kk6nc6rbbEyuoBt24YgPZwA5Puxz7fFq2ouZR2z-wUhWDtOxFZURdUEY6lGD1emefuFA9L2AnWhbU3b1-hzBqtvT57yVq3IC6120h-Jby8kbqI8FFXqtuTJ4ajN3XwQMNXgyiXYbDnuMHub5_qX5RzfVwg3-sqU4TuN9e8fUP8mNJp5wEhS56voEet8qZkITM7vK-JBTfb-8axVNsI_zRwunIyTPRtA1fS1bhz8EBpXyeT6TfgtMPO5RTpUoKnefQgVI5dIfHrws6S8eTdIpkrhEHZ4wQ5m_YT_dsCD8TN-wzj0PlKm8hIA7iTOThE8gWLvWDls2fONeZJ8_6BjS2awvwjAVgIV-UAbl1E8Y4Js8uWqoOSkQBwo_3UPDZ0dTqN1cv-QpG3D446VGN8rUTMcECGpA9QmuE4Yck16VhCE9GAi1W45L9sIOYJDaj9scv9sk2FUmT3c1QbClPCRPgkaJjTSD7cIHtyPcEaVd6ypqKMhc513Uo2ymd48HhjNH1aUy0F2oo_cDVWe8oPwEVx-A3zEGFc4U2PbxeEq8V5085NuSaiyG8uSivnAxJtXwhJuS5U_YbpkJ6TBnRrVXM82N_KRFaXRys2qdJ2EuJPe14Fk5CgTsLNQ8zTkYiBdw_QV5jOodZyg1w6aAMEpvZ6fTNn-8CYhXu5kQ1phf2zM80nQpUGqWI-wML6a1-neb9YEg6aS1Irz0DRh7jF4FNnxdOnuYTVy5D8kcsXOr-UnDWafYwGN7uLrW_CUaSMOcv5IfYFl5OTc1sj7DdZkGrXXfu2z1aXn8wLb74zvWYEoRLrvl4eAxmSZdCHDMpLeGGr3u8tRUmpd0BvQX4SX1b8xpVTaswAKaDfoPSxBgZmYOFZ_hdI7Y4_e4yOmYeMD7Gnpb6qtdwX8jNv5jtllD2erwHAyxi1R3FlTjo6tmUxxgBy3mmb8PVyYgeYvXpOPMPPDHekXlOqRxZBIQdw0ybg-BsiSiC63H0fIrKKlHhqROrgv0UBTD8b9YX45Z-gt9Jmi_1VZFFhPPbmHjzN6WPMtwO9q2W3-Pi7-69-sAnvyNu9AH5e5Eq4oo8dT04bmblXLLQuxg9lGHiYp2jJXN5VHOzrilzraq3pR8791lYHgANnAMbrtQ5mrAN0BJ5dA5j-j916MzXu9T9szr8tH_nikneq6yyfYhP2t7scTzCZQEQgK_cQGxsNdsuiCRo_NTPHByvchbNHAyC3R5-17Oylg1LTVD4iH8pV5XssqPZUvXCNtC9TfSqlDzyQkiy-7rSgO4Ezi6_K2ipRdqtDVVG5RvP0WgK7kBvNMprr6sn-zf72aA1XhkKHsXUUZnDmxseifInd_5yGcFQkBv1x3jWYe3Avx5h_3WQdBOsb902MV7SSK2RU2i4DTZ0V-U1lSXOwt7TcUTP5MzoFFAPh3CGgWwZx32mQxdRjRC1zFVA8Nf3lw_kFlB8wG0sXqBcZmHTZevRDUzuJ_EDf6-gRPapyfVlMx0fkI4LbUQ3H7Kln7woeo2af_WxV77hUuSvcnDXN5rLH37q2h0sYRy9z201es4aODjq-slFu96W1Qk-TbAkFBV9IZLnQyKIp32t496KPXuZ-NzGJ7s5YwwBaf9Sh6HFbUSKLim4WpfVTlIO3l6BdvamNTpQA2iuPF2MBMDocpnUmkKpAA7D78U_SJWc8_HdUfJn1fnvU36mcRgKak_clSaewx9ig1pKMFI0DiJ8yGSIwdnfCLKL9BhTkW9Cpfgm9h1tCghAfSVJKHUMmPhgR-l058uIqi2HXLN7XRgtp60wC9mqoGhdlwXtkGiPWNA96BRdQw7KM-GCrK-UJYpHeE1vAETvFwCjzWIWLXxWxUdqjrDXFcTO3kAhrVZ0EJOjSXa51zLY5svc1MsOSBan2lYQaa2tZoqw26qHAOv8Tu9PLKilpo7HKYr0bVHn92aMKvO3TNl2DmH1Jx2UYCxjnMk63IhrUpkds5oulkFTwkmykdDkkNRK-aTszzRLPWXruzX42ZnOZxjaU6RNqk3OJYnC1nNnXXCvshrVv1M72kPdXqqnR5rkmXPvN1pY4EC0MrUWmaG_ZNUTElbNy7RcvbQPWsXscflBZdEjbPRQ1KnRTbIyhMGVM_PIrgWcDo0keOr4LIQjlCnfaAkHVodMSzICPykI3TsudijFnC0_lthl-fyXRTzO2Z0IVSb2EcXefqOgsDZKGp3-w0cVJMfBPZYeZI8dliL9UAAPtQHT087Y9bDACIiMGHjVbPLBhTVaetJ_13APFNves6gvOaKAJLnHQKTP8PxVo8xn7IvzfEamODP7ggEsPzFKcMKYJT8J-QpBptnmmWf0zt_Al6HgzjhChlzynC5_vZ0pSd1A&cid=CAQSOwDUE5ym5xaZNRgAWl6k0bqTAjaBKwf75n9pn7fa95pZzuaDTByUebY7q13xyFDFR6hwoXdo09sxI67bGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd1baseball.com%2F&ds=l&xdt=1&iif=1&cor=10167983971024173000&adk=2228999115&idt=39&cac=0&dtd=37
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8c99f18addd95cafcf5e47a96de3100f66f8f577832bcaf83af7980a9d25ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame BE5A
2 KB
1 KB
Document
General
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
75949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
gzip
content-length
1073
content-type
text/html; charset=UTF-8
date
Sat, 11 Mar 2023 07:57:59 GMT
etag
"5031d168ae9c52fda41762d5042bfd0b"
last-modified
Wed, 08 Mar 2023 20:15:24 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1678306524792761
x-goog-hash
crc32c=Wuzmtw== md5=UDHRaK6cUv2kF2LVBCv9Cw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1073
x-guploader-uploadid
ADPycdu8iLv3QaMnWkyG7aetqIwok5oucANKt0Eg-pjuvVHp4gtQGbcRUVemOOuwj2zwPaafbLUTSxa1QeJQ374lQX8bZIyEqxQF
container.html
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A4B9
6 KB
3 KB
Document
General
Full URL
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
expires
Mon, 11 Mar 2024 05:03:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame FFDD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxGBIWOWAiwYZj-DdZEgFQ&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxGBIWOWAiwYZj-DdZEgFQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXrv-AqsX0kzIOWItzlXWBYNiCL1wNQ6Bu_joDgRsgBki-HQ_XTKs8ZfvnypzCgpUvRwcT0z5OXmZP4D_z11n8iRGptGdpDGVQmQZCZHauRXC5f5NDUoles9DVV6ZDHBhlx051XkjWLfy7_KfpgQXw7ssdzOHhCbFSzBLe2PIZEWe0gK-U
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxGBIWOWAiwYZj-DdZEgFQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FFDD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMT4o9o0CH0W2tHJW2j2l8&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMT4o9o0CH0W2tHJW2j2l8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXrv-AqsX0kzIOWItzlXWBYNiCL1wNQ6Bu_joDgRsgBki-HQ_XTKs8ZfvnypzCgpUvRwcT0z5OXmZP4D_z11n8iRGptGdpDGVQmQZCZHauRXC5f5NDUoles9DVV6ZDHBhlx051XkjWLfy7_KfpgQXw7ssdzOHhCbFSzBLe2PIZEWe0gK-U
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMT4o9o0CH0W2tHJW2j2l8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FFDD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECGQ88gNDOI1qohiNmphm9U&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECGQ88gNDOI1qohiNmphm9U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXrv-AqsX0kzIOWItzlXWBYNiCL1wNQ6Bu_joDgRsgBki-HQ_XTKs8ZfvnypzCgpUvRwcT0z5OXmZP4D_z11n8iRGptGdpDGVQmQZCZHauRXC5f5NDUoles9DVV6ZDHBhlx051XkjWLfy7_KfpgQXw7ssdzOHhCbFSzBLe2PIZEWe0gK-U
Protocol
HTTP/1.1
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:49 GMT
AN-X-Request-Uuid
05802a9e-ca4c-4fe5-86dc-3555bb390534
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECGQ88gNDOI1qohiNmphm9U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FFDD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXrv-AqsX0kzIOWItzlXWBYNiCL1wNQ6Bu_joDgRsgBki-HQ_XTKs8ZfvnypzCgpUvRwcT0z5OXmZP4D_z11n8iRGptGdpDGVQmQZCZHauRXC5f5NDUoles9DVV6ZDHBhlx051XkjWLfy7_KfpgQXw7ssdzOHhCbFSzBLe2PIZEWe0gK-U
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 12 Mar 2023 05:03:48 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ed9c3a77-06f8-4bc0-a4c8-1981907321a5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bl-e5e97ea-9cadcc5c.js
tagan.adlightning.com/advally-d1baseball/ Frame F02D
53 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/bl-e5e97ea-9cadcc5c.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e7881b36ca7ef7d318a44967dd2a8608f4f83b3f095d871de488b5970c9166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 20:53:22 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
VqD_eZHhcEOlVARhw1xgrItzxxeIdRM9
x-amz-cf-pop
FRA60-P4
age
115827
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23408
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 10 Mar 2023 20:52:37 GMT
server
AmazonS3
etag
"3c5dd782ad9ecfdba28ab297ae71ced6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
olLyAMiSuE3oB-WK2l22JO2Qr3hdmxg9X_1vpxs-y6x1JIaGfr1HdQ==
b-89d2da9-6aa60190.js
tagan.adlightning.com/advally-d1baseball/ Frame F02D
97 KB
36 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95cbf7c131612add055a1924a6084e70b87b1a2f5cda609124b19322b70d9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:08:25 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
pmyR7n3eTnLGjxxgCm1YfQ53hgx.m0Gi
x-amz-cf-pop
FRA60-P4
age
1515324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36150
x-amz-meta-git_commit
89d2da9
last-modified
Wed, 22 Feb 2023 15:55:07 GMT
server
AmazonS3
etag
"6102e53490416441d5e28777be3cc3a8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HsKXNydZYTv0eX3btZNmMfkxNIoeaYJ_G50gWvE420VdmtfCbCsNCw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame F02D
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2XpiG3EmptIba2ilJUbsPGtHImwQwwsYp9WxJB7nRGxx8N0oN95eTqixYKMq1AWQUdi_HZaj1zG_NDf-y0YLFHxJAIx-HyfKwWDwntVewT6qU34k
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F02D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1034448653139733079&x=1&ct=76
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F02D
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame F02D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
41466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame F02D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:47 GMT
l
www.google.com/ads/measurement/ Frame F02D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSV_-Hki4MSdky_Z4p5vLNwQL0rYdgOs6RLNePix4BRfXPK597OAIoT8nCUYKTZzdYDm7r6-_lamzExGCQqaLzf98XZiQ
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F02D
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:48 GMT
index.html
s0.2mdn.net/sadbundle/325090680463534349/ Frame A217
7 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/325090680463534349/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ea5f4377b4e52037ece02b9b7e4521041820790d01b43334e4b2644a294ed42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
509859
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 07:26:09 GMT
expires
Tue, 05 Mar 2024 07:26:09 GMT
last-modified
Tue, 14 Feb 2023 09:32:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DA66
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZCu1U2BirPfBEjtdRxO2FmaWwIThXGnI56O3OzBQz5Fq1hAvtvQK1KEfG8Ee4D3E1jz_jp1zC3VNbpBa3dlI9k2Z3csztOYqk8t8DboDur0iWgl9lV0JcnRF9Pvp5wpYiTMeXV7lAlkTxgctBEIhulI6390qPSz5FCYno0zP9ZozaxSz-eZO7hrQqJ51yk3Cjk06_FytQfFUKuumvIBi8yuOV7xgSicYoeu3_IlpOgCIvSB0N09MoIOutsK_03UBCIYEBUw-HIk28DjpysIFl-ZNVhg3dlhXnAAvG1fWTbMwz2stJ3Hfa5dIh6BHQDtyJ02k0Ka1XldKE0oZ-W8pSWoc4P0WU_YYb1xKxM6Z3VCEGIoS0loyS8LkvcEIU7I79x1bAR3vZwGON9FdKy_J1XoD4l2v05vDsr4nB7_WWHOZ1P2biYMxj8CowfYk4PN8OjnoDNqqSNFzvuVa-XNDyUyJYzhJRokQomHYwPPOT45AQcoMUfXRbDgcf9ryQo58tpz9So1sKPqCTFvUV-K4Zy_hbe0bUSLFD-W0ktwM6a9K_60kbZl6aVTh6-DUWS7WzzxhKg9UUxh7nLi5X3I0vWeT1q-tSjOQw2Lblch3XABWGS12A4ufknupSqarSFX2YvfcjSRFiLeu8a6EyAwderCl5AbjevKN_U9Al2dc3RSTN_k-L6PpPrY2TQblUauYohpUZBcLPhOulJT5ekNMv9zcPY0iJGyvmGSdksSbriYxOmn8QRZcPNaD7izISv8i_sag4EgRbB7gI0nO50UAjSJplEXgPF3SNkxho6xDuGTVKk7K3KkoKXjR6Gyszt_hyhZeygkT2Z3IORckdF9BHCnlzjfx9LQvnAzogpxKAOrWMvCqJ4KlPQPSsqdaVBRANfTzEc-H8ERckDFAgZHW1CnCMbrtOlOXtUtTm2Mv-d7jnXMpI4i2C9CCMrLkqkKXuCzqv2yQWQt2iPq5U4mpId0pHcOoVZYTo1Et8X4GHM32YadoybpocoArRjPKSFJf6TiggFu2xiDEYSHiiE61LwKE3rhdOT_7ouH1B19hK_52GUTyW5rf0XctDONmy-WSrdlX9dWBCGF5NuF93zB63n-1lWZ8R6fdV4pjwpAHd5yX8mYA8NEG7gAzWhMCKJfDcZwVMiwwDNHzm3HjTfO-IdxH9mWp4R4pH9M4eHsZmfxebzcG12tpz3eZgmpq-8iu_M1n5FB-h1Qk&sai=AMfl-YTSI9SgrzMcXoSlaMtw5t9J4MI4OuJY98_IcOhX2e4gZpHcmSY77FjOwpuCzs2kpt-sF7Il_bS5dBMGZFl2dsQMrTZzZO7p-kvIg8T2Bah5fs4Jto9ecfZbwpU32Hzvj2a5rizXFh8-v0XTlH2gGjGzThS6v76iJUYqYcu9FLltjA2xT8Bl0r7XNuCU2iaQj4xOEklHdPBx-XBQ003E8SFTc0pDzq8r8PUWx8aDIAwKdKH93K-jv90OSiHf6i1R0x9U&sig=Cg0ArKJSzKjMnGJ8naVfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=617&cbvp=1&cstd=609&cisv=r20230308.29262&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Mar 2023 05:03:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:48 GMT
hit.gif
visitanalytics.userreport.com/ Frame DA66
43 B
516 B
Image
General
Full URL
https://visitanalytics.userreport.com/hit.gif?t=DCO2fa74be3&gdpr_consent=&gdpr=
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
date
Sun, 12 Mar 2023 01:32:57 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
12652
x-amz-meta-cb-modifiedtime
Tue, 14 Apr 2015 11:43:27 GMT
x-cache
Hit from cloudfront
content-length
43
last-modified
Thu, 15 Oct 2015 11:22:45 GMT
server
AmazonS3
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
x-amz-cf-id
3NE5Rq4ZjD-0tnNoF1Q3eRO8HFAut-PUEAUD-2v0H0c1gCPnyWPwbA==
expires
0
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame EF85
243 KB
73 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9665351610288016&ias_chanId=1&ias_placementId=19422215943&bidurl=https://d1baseball.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hp77HwDq0PSPASVQLo54jw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.111.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-111-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5bd39fc8f979d189a886d8c6aeaf63cbb087ca5fe97bb8f67bd7da3a3a90ca1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame EF85
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Origin
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78456
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 07:16:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame EF85
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
43586
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:57:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame EF85
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
44880
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10962
x-xss-protection
0
server
cafe
etag
11760670070698444384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:35:48 GMT
container.html
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 69F7
6 KB
3 KB
Document
General
Full URL
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
expires
Mon, 11 Mar 2024 05:03:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-e5e97ea-9cadcc5c.js
tagan.adlightning.com/advally-d1baseball/ Frame A4B9
53 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/bl-e5e97ea-9cadcc5c.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e7881b36ca7ef7d318a44967dd2a8608f4f83b3f095d871de488b5970c9166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 20:53:22 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
VqD_eZHhcEOlVARhw1xgrItzxxeIdRM9
x-amz-cf-pop
FRA60-P4
age
115827
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23408
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 10 Mar 2023 20:52:37 GMT
server
AmazonS3
etag
"3c5dd782ad9ecfdba28ab297ae71ced6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
AM6ovHayusqSegqjof_Im5UHQNKC0Yh9K725YqzMTmV_TXLvm78yGw==
b-89d2da9-6aa60190.js
tagan.adlightning.com/advally-d1baseball/ Frame A4B9
97 KB
36 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95cbf7c131612add055a1924a6084e70b87b1a2f5cda609124b19322b70d9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:08:25 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
pmyR7n3eTnLGjxxgCm1YfQ53hgx.m0Gi
x-amz-cf-pop
FRA60-P4
age
1515324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36150
x-amz-meta-git_commit
89d2da9
last-modified
Wed, 22 Feb 2023 15:55:07 GMT
server
AmazonS3
etag
"6102e53490416441d5e28777be3cc3a8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
d3ebpqAuuY937TS-piRWC8Eyn3toyxGNPycfqh71I9cZy2aNFBjMFg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4B9
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BxOzNCQ4Y_pE5j4pSK_7VzYpvw2hId5W8tdtUllcAC6np05Tpiplz7FaTd0Q7tApuwtASRonmvByiTDCHZj2cx1OIQzedzxThRKhgGsxresk5wRQI
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4B9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9712504172105568899&x=8&ct=2
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A4B9
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame A4B9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
41466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame A4B9
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:47 GMT
l
www.google.com/ads/measurement/ Frame A4B9
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgMkPkwXgktB_xeTW--7JFA34ylfombpcSBX-1P_NA__NBtH0O4RQgUHo3Ln2iVJost6UxETG94rJcsFUY-eAbvIwqZw
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A4B9
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
238339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A4B9
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EA90
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhimve7LATAB&v=APEucNX9yzWMlEADWpg06eaqYFZn798Z7G28R5Jg_Ht-xzPnwURPNOMwLYFsfdcllwIU52VMVGwXMkwW1Gyk4I5mjK7PJmUQJKdBs78QVyNznpMUzkM0xBLIRjipiWV9siZoA_GtEkVzM0IKl-1jANUom1pmSxSlJYDSkbp6yqbSFoEixaWK81w
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E655
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5665081345044&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E655
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5665081345044&version=m202301230201&ct=76&x=1&cor=12207339257830509000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E655
87 KB
36 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIUTATVVfo1J73_NtrSYctvQxT1uJVRkCTzsV9hnESxPhZ0luVnNYHkpwDCaI3EgIwZ2ET39hc3RO_yAqmTYzKAbUVSW7NgnxvfPzwiEM1nWXdFhgMLLebwQwuHJo5AOjoZKpESxufiqopNgFv05WdpyEBtT93f9Dh9G_ftn7trzQDd_A&dbm_d=AKAmf-Av28f7KWz3VmIITRVzLDuDIm1lr1XperQZTkgKmvaAgpXSkPYp1Dm_hJHSuKo8-UvomzFdYemTuXQOjW-LBXNoPaENLI1yKtw3o0AtxuFmrKwBq7tdUhi7bUWincIn0QtwPVqQWGnkeNfW0oe0HElAKA37yzarSgEvvE721K5mbULzh_EHjdrkquZGparBzUHcmAt5LwMtxYQpd8IAe1Jn2anRGw4QG8j1eno9dpE36oZaNEyhn2UxZUp928jxZ6wBRPk5m4VLhwoftfH8YwCQThZz45FSXJ4T5QK2Jm0fKBi_QiCm5dmbyklhMVAPs7grL1tgS-bUgzBkssHO3vJwjNmWb6SU15WQF5JLEQDp1SEMmtIQcX_GbEs2KcAepWkd9SzQO1dj8s7K0oQhxHnprlbScatUGi2IZ8GoRg5H3TzediGc98yRz8oqnDIMIzVscS94RO_y1W5tVES5_dRGUs0Fhp1qeq7uGlM1CVDRtqhxFuvuDZKUub06nFP6xcEs58-hs06h_oFj1G8-y8aWkj9OOsIGlpNpw9nTedJe4pNmulfwmvkwewKk9EKfyXq94MWiUdlsk-RblQUORMIXVrhhWZ4DCLIzFhx1syR8lBrab_a-BX8be_VvEkzTUxLra1nnoZHgcr8qa7JKQC8yvmfbKKjsZ92MgVzrVS-Pe97TXuV93EVDc72qbMKZ-6Lth_6ptTu87t3FFsSiCTdh1RdoeEyIsbeIPSyQNsMm54LOkiynsg78TkD7fBoXtUs7dV7fdTB17D-sCopYKnz7hPTKs9PefMjix4jYn2FiZ67UG6PRCdO49YSde0Y_HfYPi2thquLJb20JZlVvlyjgV2PArRBSInvYGhWnsJOx7-ji-5ozcJSIAul7fTTNjTLg2LDfbKRq4TgTuti3D1vPP44m9C1ABVslrCTQL0bDlyqxwBQfESJvbyUyD6wOh5rWMtfk7IcMvIo6LGSByaVE9CLGUCjJCShzjyrfsLeYHcjxPIMLFpHHdQH4GLf9XmCs77eqdOHShmBF6osROeCC2eOtTeyerJzgikL36xprNaDbQCx_cw0Hrmrsgf4Mq5K3r7EfuvMI-oO5mE5fK4l6IxqKDfQnbIXGQMbjpzEgtTwrpx3FmnVqXJxnCNCN9wHYYOUIjtpc7Y2MUdJYROVrWhX0mz3m405uFoFwPC_56dhQk2_77wJvymaiUgG996Ps-r1V1u3BBBakEmRRnV4zDRemGWZNyx3q_eQ5AHAtwA2eruf4HCKPH33xhrAdTWAsiHSY_1K9LK84XI2IB7Jf0fFnFFqdkX0EqCBG6fA5d2_87Xx7V8mKZeja83Nqs7T6z3PDen4Ewvp6dqaypaYAmSgxlbR_YalwlVXewLIFLR1WecH-e8WjB8MJngtAUNoVVUl-sKbXpnYRkPPbA0kQ6IcFwdPnCOHTUVf2TEa3Qm2z8DBKM5tfFyjFZXF3f2hr0EvEgPpp1gJ4ncgr0wcAiLn4Znkal-Yn2SSETctMspznoGiQxWVPrdmxVhn9e748MqnSDyMpH85ZAen6bNj0ynP8HmhzYStPHvWVA9rp5K63c9dBw1MLgIsK636hAxnO19fXi8dl4LR-63klD9DO7IK9sasNmvXQnoahKnpN09sdFKCUxZaTvAYK9kFNXfLeIxHPQdu0VlRrG0PaTkMIadOD8nesgSZWZt_OOdaBcrrz1rzutu250SduiRtdHMoSPLGAdSMDKCQrx78S0AZK7QKiPoAfLZvNhjZFHjnpSr4gdF2XIi6c99Cy4rLzuTaJf2dOBv_DtsW_p6-4jiDwaxkx57PzeExcCAih3dXduotu3ildRZAGO8FAWS8lpvP6pJGByNmRFGUmzXVufB-qmoIhi4T_vKnpj4I5buLCRwphBKKH3NGn-kPczGsocN8rl8XdWmQi1ieIWiGsz58Du10qzuMzJ1UfUuXPc-g3Kbv0sOca0YBEgY_tflSFNmAelbCDxY5mT_nae0HLPCKH3X8iat1EeSIDIs3hj7_dsyV6AjKMEWGwrIkeid4mNl-6wh8gM4Kqw6yFT4_ijrq2dmItxbdlNa6uli6KseobVfik0PEvzZ4CeBGSqcylgoDi93Nq4BEeapzkqAxX_-_4oIO_gbbu9vT9WP7l2fhn3jlhy1cXcC407mnEvsa6PVl0wdwgL6WaK5Bm6fHW0Jarf_-FC8DJadkP61rYTzyy0r1RNpB7CPxfChRhiSv4RqPNsBe80S3C0LxcsiGAsma8qD1wkr2QXmQeKMBnw6napLff67kdh-N0l-aoyw_ZLIIwKs6_4IYFotP2flkjM6RTsVNo87dJsjlALn4ujGRSAjdsS0HEKnchKjeqrsgHsWsSx9I3V9ePO_S1ROtmKIhtnlottIXT9DHlYNWgWvFy9Lw7eC4Mzo3fVjTXAa2WdAjIp-YdXWSoVUXZUxHWrBu_4Ci_HOphQ0BA1PWuP8-QqnAA_2dfDmMIvs_eySw9Yfc9h8_C-n9v4dgTm69CTZYGFSTEc_hrPkfr4dytLGYmuiknEr0lRR5m2CCpSdD3mJMtfo23IN6Kw15o_vr2YktJ3CkdeTDGx0kwXV7yUpfSSYohWKZLMxs4VJXm7Hs2ZFY5cEDzPGIUaLKhs1RmPZAi9xs2EbKiK9jnFGo8XZ5Z3UoqlI1zVp6dAAgzodu0jlZ94raM2LqByCHlRxOTO8qd7YuRdKL_gyaqsL9H1_TDM8HQsjzYJ_HmTQECr43pGk4VR-F9_GYmQLvrhKdlVryVvrqpbXQTCQEaHE0qSj_Og5ypOqhF9fVg1JrMN2b4iXzkBfAt_7UPHQvt2P5WB22jJOvFkXQFunN3jbR6-k_B2c-Fq1GuhBu2-FGOldSIgk_Up6U-2JYG83DgDeQXe3IocYDBnGg8DEYkdsw-n5T76dAH1gjY4NEu8lXwNA2rewoCexSyZi0qXI3wACduiqHxpUdaZPGfsoYNWfmolmogjnyhr3dua9rfOqKrlWdISh7W_LeOrOfqqXHEln_KXLduoAGg2b_QmxwPTKlQ8rmCEr8t7HeWrkmRUyRh0YBgjH-b9SOfs7Sbdm3nP3sPjJacmcNgsoO1-mQbvyYSDCQb--K3HjCoF5sBrlJhLjXXfhkfxYXhv9L_Duecc8hNYq_Lcb4e4G_DX09t_FMT0A0kMroVZJYE_Hov9qmkbYM2PHaK1smcxx-7W1rtiAVDV7Sf5NrnIzAgPQ_tVaPcEiFslHwGIJY_tRWzKTMz9r8iq7-hoeEi1ralFKnW2vzbwX3D3HIAqvTNNrgqCLqzkh60ukcU1MiBFO22gOa3uTARVwYEI9xTK-uw-9H_BivXKNyWdu0KxM3au0XppvvqkEDWsGuDTF7csl9KSF-J-hy4c_R6Tkn2ZCE28uGuGCWRGTi0TO-eE8Y5KJrZGsc6oUX2cIWV8Wk&cid=CAQSOwDUE5ymMZOrlIfYBbk1w2aSTag3GPwVoYQcUIMKjngPokYVKkTVpFkGAf6AM-dP-lEa4e0pk940cFEcGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd1baseball.com%2F&ds=l&xdt=1&iif=1&cor=12207339257830509000&adk=3047537735&idt=38&cac=0&dtd=37
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3eea91d2a1da9a9f4e856691894e46d9565b4bcb19c0a2817e9468e6a7aedad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36834
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DA66
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Mar 2024 06:47:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8840
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Sun, 12 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DA66
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3da4f28fcdd9ef9f7f773dbfdcbf571a7fc75e99fc1b4857e2070be6ac0d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A217
60 KB
24 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/325090680463534349/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/325090680463534349/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:03:49 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A217
2 KB
1013 B
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/325090680463534349/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/325090680463534349/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:03:49 GMT
main.js
s0.2mdn.net/sadbundle/325090680463534349/ Frame A217
6 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/325090680463534349/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/325090680463534349/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc806e5924e10cb8a72cbd6031c135a34f32263b1902afd915aaa78942b71ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/325090680463534349/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 07:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509860
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2587
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 09:32:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Mar 2024 07:26:09 GMT
container.html
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7FCE
6 KB
3 KB
Document
General
Full URL
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:47 GMT
expires
Mon, 11 Mar 2024 05:03:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame EA90
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0c1gLHMJSAa7S9dSYyGYs&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0c1gLHMJSAa7S9dSYyGYs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhimve7LATAB&v=APEucNX9yzWMlEADWpg06eaqYFZn798Z7G28R5Jg_Ht-xzPnwURPNOMwLYFsfdcllwIU52VMVGwXMkwW1Gyk4I5mjK7PJmUQJKdBs78QVyNznpMUzkM0xBLIRjipiWV9siZoA_GtEkVzM0IKl-1jANUom1pmSxSlJYDSkbp6yqbSFoEixaWK81w
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0c1gLHMJSAa7S9dSYyGYs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EA90
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0c1gLHMJSAa7S9dSYyGYs&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0c1gLHMJSAa7S9dSYyGYs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhimve7LATAB&v=APEucNX9yzWMlEADWpg06eaqYFZn798Z7G28R5Jg_Ht-xzPnwURPNOMwLYFsfdcllwIU52VMVGwXMkwW1Gyk4I5mjK7PJmUQJKdBs78QVyNznpMUzkM0xBLIRjipiWV9siZoA_GtEkVzM0IKl-1jANUom1pmSxSlJYDSkbp6yqbSFoEixaWK81w
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0c1gLHMJSAa7S9dSYyGYs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame EA90
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELDVijHeuDkuOcv6dOYPtKk&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELDVijHeuDkuOcv6dOYPtKk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhimve7LATAB&v=APEucNX9yzWMlEADWpg06eaqYFZn798Z7G28R5Jg_Ht-xzPnwURPNOMwLYFsfdcllwIU52VMVGwXMkwW1Gyk4I5mjK7PJmUQJKdBs78QVyNznpMUzkM0xBLIRjipiWV9siZoA_GtEkVzM0IKl-1jANUom1pmSxSlJYDSkbp6yqbSFoEixaWK81w
Protocol
HTTP/1.1
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:49 GMT
AN-X-Request-Uuid
c94e36bc-ed31-4278-92e1-5b02cfcb370d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELDVijHeuDkuOcv6dOYPtKk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EA90
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhimve7LATAB&v=APEucNX9yzWMlEADWpg06eaqYFZn798Z7G28R5Jg_Ht-xzPnwURPNOMwLYFsfdcllwIU52VMVGwXMkwW1Gyk4I5mjK7PJmUQJKdBs78QVyNznpMUzkM0xBLIRjipiWV9siZoA_GtEkVzM0IKl-1jANUom1pmSxSlJYDSkbp6yqbSFoEixaWK81w
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 12 Mar 2023 05:03:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b24c4676-6fd6-4198-95cb-d4041e873d87
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
init1.js
api.bounceexchange.com/bounce/
36 B
342 B
Script
General
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=387&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2ADgFYBOYgFgCZKibNgAvEKABkwHcBTAEY5UwPgH1UAEyg1ilUpgBOfHCAA2cNBgKFOnAB746epXxh9FyxVGwBDNWtQIA5mLiK1UABbBgABxwAUgBmAEFAugAxCMjJfAFbHEF7NQA6JBAAWxjMADdUYWAxDJAAa1Q+KEDiACEIujU-epDwujoffyC6cjCI8ii+qLiEpISHdKzB6LaIgGF6xWbemZniABFsEDKKqtr6ySkl1rpSIhIaTnJick5CKnI7sma6ebb8ySOiMipaBiIGOjBaobErlcSgEBiNS2RTOSowexJTACPxcTB8fxQADaAF1MH5gHhNpk-I5bMhxDBoc4bLkvLYoEA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
gzip
x-envoy-upstream-service-time
14
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
bl-e5e97ea-9cadcc5c.js
tagan.adlightning.com/advally-d1baseball/ Frame 69F7
53 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/bl-e5e97ea-9cadcc5c.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e7881b36ca7ef7d318a44967dd2a8608f4f83b3f095d871de488b5970c9166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 20:53:22 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
VqD_eZHhcEOlVARhw1xgrItzxxeIdRM9
x-amz-cf-pop
FRA60-P4
age
115828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23408
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 10 Mar 2023 20:52:37 GMT
server
AmazonS3
etag
"3c5dd782ad9ecfdba28ab297ae71ced6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
A844DlxpDgRqGOk0l0shp2LivUlkwQW8F1e6X62UUSXL9uyJi_Cmfg==
b-89d2da9-6aa60190.js
tagan.adlightning.com/advally-d1baseball/ Frame 69F7
97 KB
36 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95cbf7c131612add055a1924a6084e70b87b1a2f5cda609124b19322b70d9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:08:25 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
pmyR7n3eTnLGjxxgCm1YfQ53hgx.m0Gi
x-amz-cf-pop
FRA60-P4
age
1515325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36150
x-amz-meta-git_commit
89d2da9
last-modified
Wed, 22 Feb 2023 15:55:07 GMT
server
AmazonS3
etag
"6102e53490416441d5e28777be3cc3a8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qz2LQEcY5kTrmV7DrYU5wjdlOYdx6XpRJqHTf2K-v9xGoFS0IyEAdw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F7
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CV3stAXbPGymAwL6v22NfNKKQ6b9nI5z5_XOwDOYM-A8VNPM9BmnyZQP4mA2shPcrJiaOZa2IHOq98vcbg7lrDUxhBGyIS82RUNFvHrzQHGCrDG_s
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F7
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15844093981477834770&x=1&ct=76
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 69F7
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 69F7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
41467
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 69F7
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:47 GMT
l
www.google.com/ads/measurement/ Frame 69F7
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiqi-pvviEn5fxGxDIJ0v1rJn9phUNKTGLdGvMJAu_JXybjXFh14ECIGks11GNJDk1QOHxLyB_6VV-GWDctsiHrsRh1A
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69F7
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:49 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E655
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Origin
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:15:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 07:15:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame E655
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
43587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:57:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame E655
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
44881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10962
x-xss-protection
0
server
cafe
etag
11760670070698444384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:35:48 GMT
bl-e5e97ea-9cadcc5c.js
tagan.adlightning.com/advally-d1baseball/ Frame 7FCE
53 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/bl-e5e97ea-9cadcc5c.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e7881b36ca7ef7d318a44967dd2a8608f4f83b3f095d871de488b5970c9166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 20:53:22 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
VqD_eZHhcEOlVARhw1xgrItzxxeIdRM9
x-amz-cf-pop
FRA60-P4
age
115828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23408
x-amz-meta-git_commit
e5e97ea
last-modified
Fri, 10 Mar 2023 20:52:37 GMT
server
AmazonS3
etag
"3c5dd782ad9ecfdba28ab297ae71ced6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TBN5pe4jctbz8v_AQ3Zf0ftwXnK38hAeMzbJpVWpNw5LSG8pML8iPA==
b-89d2da9-6aa60190.js
tagan.adlightning.com/advally-d1baseball/ Frame 7FCE
97 KB
36 KB
Script
General
Full URL
https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95cbf7c131612add055a1924a6084e70b87b1a2f5cda609124b19322b70d9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:08:25 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
pmyR7n3eTnLGjxxgCm1YfQ53hgx.m0Gi
x-amz-cf-pop
FRA60-P4
age
1515325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36150
x-amz-meta-git_commit
89d2da9
last-modified
Wed, 22 Feb 2023 15:55:07 GMT
server
AmazonS3
etag
"6102e53490416441d5e28777be3cc3a8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_doTotxTBp-VKly9egGGep-GIfnlpnBt1Z2WU1fEdhdALrwjnGb-TQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FCE
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CDmzu89Fiv_CVJ4VSBby7hlL3DuP7pT_RlhejrVgJw4FsWy6R3J9lkELfsh6J3F4hWYt8t05zgF4ctPXLK-AKvZv6FGHdkzPDVGHVPKfEpk-itCa8
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FCE
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7506707467614073351&x=1&ct=76
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7FCE
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 7FCE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
41467
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 7FCE
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 17:32:47 GMT
l
www.google.com/ads/measurement/ Frame 7FCE
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQohJE5TWHX-1K-ka3RyLB-V3cmeW_zLcgnejY1st5WmDZB_xNH6fCY4adRDuFBuYIHKQ_h8pVtnEoRcZJASbrZObUV8A
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FCE
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 05:03:49 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B229
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82063
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:16:06 GMT
expires
Sun, 10 Mar 2024 06:16:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame EF85
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-9665351610288016&ias_chanId=1&ias_placementId=19422215943&bidurl=https://d1baseball.com/&i...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB
Script
General
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 19:35:43 GMT
x-amz-version-id
vtoVcOeStqySRz0ovnOpcMO_.XzI7BRS
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
293286
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 Feb 2023 19:35:40 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
hffm4yp0L6CgLQ442HBCTaGcLOSvUmUuR52-fQqdtEw3Gwqn3wdO1g==

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3D16
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
14822853
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
nWPhcsPpSezqnFjH9IAf7D5m5-GL6KOxivjqW9PiWnZTqaRX7lS2Mg==
pixel
cm.g.doubleclick.net/ Frame 8840
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHAow-wxhbBM6D4nGo-43KY&google_cver=1&google_push=Aa02lx9RLxyPyF1xYq3Fw4TNsRBNnyGvWJ7pdq46Mo8eVJjofRqOu8Cfl5kX_Jfd1jWez4O51CJLfyJo4OwLLbyMZj9bUNlEVikv
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9RLxyPyF1xYq3Fw4TNsRBNnyGvWJ7pdq46Mo8eVJjofRqOu8Cfl5kX_Jfd1jWez4O51CJLfyJo4OwLLby...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9RLxyPyF1xYq3Fw4TNsRBNnyGvWJ7pdq46Mo8eVJjofRqOu8Cfl5kX_Jfd1jWez4O51CJLfyJo4OwLLbyMZj9bUNlEVikv
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9RLxyPyF1xYq3Fw4TNsRBNnyGvWJ7pdq46Mo8eVJjofRqOu8Cfl5kX_Jfd1jWez4O51CJLfyJo4OwLLbyMZj9bUNlEVikv
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 11 Mar 2023 05:03:49 GMT
pixel
cm.g.doubleclick.net/ Frame 8840
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEM2v1DLYLdUy6Wev7iqyltw&google_cver=1&google_push=Aa02lx9JE8ZcIm6T2uyhuTJsF4jR_6vm-vBxV_qwO-9l6a2dwMRX32QMFehN87bDudFQc0SdI1psvjvHP__ZUs9CqhYbx31...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9JE8ZcIm6T2uyhuTJsF4jR_6vm-vBxV_qwO-9l6a2dwMRX32QMFehN87bDudFQc0SdI1psvjvHP__ZUs9CqhYbx31X3xIB&google_hm=eS1iMENuY1g1RTJwR3JnV1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9JE8ZcIm6T2uyhuTJsF4jR_6vm-vBxV_qwO-9l6a2dwMRX32QMFehN87bDudFQc0SdI1psvjvHP__ZUs9CqhYbx31X3xIB&google_hm=eS1iMENuY1g1RTJwR3JnV1ltWjlLUGM2R2ZpNTZ2WGhwLn5B
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9JE8ZcIm6T2uyhuTJsF4jR_6vm-vBxV_qwO-9l6a2dwMRX32QMFehN87bDudFQc0SdI1psvjvHP__ZUs9CqhYbx31X3xIB&google_hm=eS1iMENuY1g1RTJwR3JnV1ltWjlLUGM2R2ZpNTZ2WGhwLn5B
content-length
0
dds
rtb.openx.net/sync/ Frame 8840
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEOF5WxwigMJv0YPiu4cxDGQ&google_cver=1&google_push=Aa02lx8oohpw0kK-xjKSvIPEESi8I9arT7mJuHLfLMwzIt-nPvGAlQPgkxUaGOCzH6vFA712xGv0XvJ3jmhihbBYD6j9hjhFhlAgLw
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lfm5t264gr0r18r4cr4oo82uh1nt9hnr
pixel
cm.g.doubleclick.net/ Frame 8840
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENlzQvdLi4W2nxorRA5g5CA&google_cver=1&google_push=Aa02lx9taL9X9Cp36zFPY6r2dQ3gf0HlSdie9cGYGA2gG3ZKqYxNTAxgFPIZKuTC3VYm-DRce5qEYzX9ZT-4TG5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9taL9X9Cp36zFPY6r2dQ3gf0HlSdie9cGYGA2gG3ZKqYxNTAxgFPIZKuTC3VYm-DRce5qEYzX9ZT-4TG5ABpN9msPlF0Re2A
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9taL9X9Cp36zFPY6r2dQ3gf0HlSdie9cGYGA2gG3ZKqYxNTAxgFPIZKuTC3VYm-DRce5qEYzX9ZT-4TG5ABpN9msPlF0Re2A
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:49 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9taL9X9Cp36zFPY6r2dQ3gf0HlSdie9cGYGA2gG3ZKqYxNTAxgFPIZKuTC3VYm-DRce5qEYzX9ZT-4TG5ABpN9msPlF0Re2A
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
XHFOsnqj3sDvLyfUgOVBtcfg8O1TU3AdLcF-UdVi_OjYOuLhHp1gww==
pixel
cm.g.doubleclick.net/ Frame 8840
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENDQcqALsKeVNYltqkdEAJ0&google_cver=1&google_push=Aa02lx-fCK3lO-R2mT9XcX1R_7SZY5hbHCq2teOtBVw-h2QdKCQEa4h9-QQe0v3_hgT1CHcEq_SxtcQuMQx7...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-fCK3lO-R2mT9XcX1R_7SZY5hbHCq2teOtBVw-h2QdKCQEa4h9-QQe0v3_hgT1CHcEq_SxtcQuMQx7KSL_g-z2kN5EQPYAJA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-fCK3lO-R2mT9XcX1R_7SZY5hbHCq2teOtBVw-h2QdKCQEa4h9-QQe0v3_hgT1CHcEq_SxtcQuMQx7KSL_g-z2kN5EQPYAJA
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-fCK3lO-R2mT9XcX1R_7SZY5hbHCq2teOtBVw-h2QdKCQEa4h9-QQe0v3_hgT1CHcEq_SxtcQuMQx7KSL_g-z2kN5EQPYAJA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 8840
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEY3hUFvwUrjs-qNL0fl1rY&google_cver=1&google_push=Aa02lx8pVPBW71TDJkuUJJu7i2vhD8Ue4JI8ZqjTLxtK6fKwF3E-kYOmF6NUayVB2O_UmOzeg6GxZDUaLa-VqGJmmqz6pEcYsb...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8pVPBW71TDJkuUJJu7i2vhD8Ue4JI8ZqjTLxtK6fKwF3E-kYOmF6NUayVB2O_UmOzeg6GxZDUaLa-VqGJmmqz6pEcYsbl...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx8pVPBW71TDJkuUJJu7i2vhD8Ue4JI8ZqjTLxtK6fKwF3E-kYOm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx8pVPBW71TDJkuUJJu7i2vhD8Ue4JI8ZqjTLxtK6fKwF3E-kYOmF6NUayVB2O_UmOzeg6GxZDUaLa-VqGJmmqz6pEcYsbljoA
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx8pVPBW71TDJkuUJJu7i2vhD8Ue4JI8ZqjTLxtK6fKwF3E-kYOmF6NUayVB2O_UmOzeg6GxZDUaLa-VqGJmmqz6pEcYsbljoA
date
Sun, 12 Mar 2023 05:03:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 8840
0
45 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJCDDqY4EfVM6BZjtUtsMfA&google_cver=1&google_push=Aa02lx8PYGy2c3HivxwAF5luoTfJ540tgfpSs-OpO8nVc9g7xc_eq_cqM1vVQ2un0k_m7RwnAeKWWvHP7jStXrybkEELcE8bo9lpqQ
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:49 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8840
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITc2GwL4POPVFGnuvT2owzee9Kx2koFEZBioI68jJr2t4rY1hremm4UNz6aHtIV2U8HCcj
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9F0E
640 B
262 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNXl8J2BSaMCLsx80QSDdepk68brf-b1t-v_cZFkOwX8sLRAOZh_N9rbTkEjG3ux46pPPFhAn7Upw-5yG71AtNdTHpRQHgy2Bko2xHqExyIuZV3k5Vub82JuMrRLUjgo9sbOiyZQAIJa02OonqmnIjtPtT9-rZsMcxezdAsv5SKp5k3psmw
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F02D
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3838960278014&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F02D
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3838960278014&version=m202301230201&ct=76&x=1&cor=1034448653139733100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F02D
83 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFkAxG5Ns8uqSg73rbgXzhbX59YdXLPE7Or1CGghy_4bMJZU1MayRGY02JfChwCrzDphfw59zL8SFgnl8CltpuAqZFLerCDGUibGmbzAZ8rwrikltOK1yUa4hC10VAla_pbjhNUn5Q3UdEOEOrXrFayyl6UXqZ4N9Dluh1nk_rjL5XxVE&dbm_d=AKAmf-BQBQ3GdjI9TMOtaWDcICrzuPYCBj1V6yhxIlkj1oxko05NZUrdsDdL0_BZayikll175FqMEMzNSYo8XIbfadN3tMGop8IoYj4_lNKzK1be2z9Tx1xIL7YjVcVjj4Hdv4dcWTsKtBrTp8Yd4FKWm8AprL32Hkf7QcZQs-kxV4uwF6GlqJkKk5_Iv8Q_CStrnKx8lX9qvgJqiaCgaot5PaUqN34We-6KzD_GsgLHSS3TokS5A91bdPqLxTSF_fqkGqPiCahWAtTM3P6id0wtWFz5FLSErKGqpH4bv0OT__nNoW3Ejp2dgL_SeVAdEM62fcTZPk0XlPlvu9hAv68_Q81EesdUfZMzaqedr-SU50uDEC40rQt4n0S8lskxwkSTkSTRN6qhCTelwDd7uAmpmWVteP8JmOJIcv5bLX1yYXCC7jcbp6UK1-7vzPeU7Yyw4e2aynQGeF8OWV1XMePMtnVG03zT1t8x9kKA8AxIvOMdNWoDrMl3sG1ht-HnJba5HP9JBW9ryq_X5ekZeHmpptw_kQMjKZGJcKIthkb8oCSFk-YgixgBf2HHZdYaGRL3RU-NwZCzMQXwSp_MgjBc9FKkxpVTUJVhv3bBAjGmHIPXMIKg5ljKq1qRPEejTJnLWaOW4ie8gbxSEHZ89sN6foWAWxnX-6quJAK2bonlUU1XI-uGyWwpg_ncK8wtz4GrsUxSslRbQvTNdDCTwrV_45kK6yNUOlzUdwIn0qPezmp2RoWVAQ-et1ZrnZSGXU0AXMdXm1fI6glmkKx68fckf6aEUmlc3GSREOm6mPK275XlhQ49d2Hr1TSR7RmRop8iIA8myw_EYiRFB-zRDtuN8M6sCNOwTvnaTG3Wy1H5fAzjEDf7apfqDKVxMp5uHnVfVtD40GP7cvhgM1Ku34Qm0lTaVpgYfuNf4m5qOjTu8uS2DBBpUPHNzvXtzAOPk-N5BvYF4LrNmlA5e9Ci6Jb0FRbGwW390Q4_qiV9wO26poGOYzNOWsFnHOAi818UROIkgJrQLmPsRNQbkD5RxflDvnDPcPp6-RxneqKXIHLfB4QdBokEQ9zs6Gg-PFGySmbpTmZ8c9kN2ALZgE7Q-O0TBesn8DEZN2dLjf1Mv2U7x4mmuxI2SxF_kCv7HBk-W3vYR8jG9Z94FFeb5qh04n5_nUavR2UxBE2i8GiNzefuL2PRpqPh2vsyIXoR1rj-GE--inKD8OT7Orj7cSD_ZtofJTYoDx36hV5KpYplFOvsyDb-vilzpeW1sQUyMN9u60_1c3K8w147_bhxvmPrsAsylNYprV4xQDrjW3BrFUl3y4EebOEm-Jud1eBXXbV0lMJElHMTqTQEn-me5Ux6RmIMFpBI1lM0S1WAqMyKp_I7ZLdx-YycCe1SrHkhjhHJ3QivxOHJbLQckn_uckRjb23EcP08WrV33o62IpSqRpaufh5uBGUL6lXjYax4DFP16CTkedWMqP9YJOfuvspMF-fnKb75ofLE8rJm308c1KjzJ9bLfjLVYtKeTR0mghbLLro1vfC0rSpJKmkZ1nF585o3yASEISRMQQ6tDl71wy9e2kx0ImM0YV4NMQrERNQiXF-bwZB448uqAWGMVcqrKlcuf-neJqdR1WVzXkaNdneEFPw9yqRFEcycQ0kOjVDgujjOJ8VX8NRXMME9yoqbopl-ORbu9f-d-Jm-_4U9ENv0p4xqlLgTubf-D4Te0g57KzG_hBn7BQ0Ot-rU83q8zV0GVU00QlRxvpkpKnz8QUMOskEqraiGuLPTXkjA-rf0IWFZaPKcp1G13xzQG4OXVn2ob1krnv18RpPS408eLmPSmgB2B3daCVufprKlywfJq0066kaiquBz9z1s57lvVjfivYHHZvecayutmzSse7Z8BBsUwjwnwS86sJh171PTj1gJkJcRHY4opQr_KE7SUGwopF6rM4gX9RfqjRVgegHakQy0rkQj_qo_mkFBLcddLHNxwAYJ9eKyPTzZJzxLW0ufye4TUr7P7t6c33lwc2e4s39Mv7lUrx1aj7brxk46kRFHC8dLGIutgtnbNDA1iqngDJr2_IicTSNDGPiMXmr1M3yeS4uUxnN6PHNJpf_C4fIT8EmkDX5kZ2RKlSwCEwX8p5fYD-VtXgz5Cqp_hAzyEQ-_VoARpUxUB6LX3e0Z2jFJSVHwT2j9RsmqPLFUIMkz8dQqtHwAVSK22whNf_1E4vS3tAzyXUsF0VKYj3s8sUoWZFPR47CyBd8J9_DSv3v9tKOWBRokhO-LNmU8Wbjv605dNoF-9p6hYfVjJTLKo7v4H1rpowyYzVSTptV2RE0MWNNAaq5PAw_DHraDKbmKN-5rxIA84FAfEy_cBm7v5R6TXq8fo9tvJeJ9Wxi0t0jnUr4fRTdHoDT-JYrW1fVoL7mzSbxUZhrZrocr8FmOSZe15J_jf2oqbpD3rhzi0w99evz_ZFLIpuF-MX5gMBXJ5PqUgvc8RVQi3fV_J7h274FKsTR-XWfknEWWpT99wHtJMrzWSr7_ukDtFxR5m37rTbwicF3KsePo5QotTxLNdnu70exRzyWROR80jfRC5t8UNAJ_qcNjV1vwgCs7bhy9LRLuNehTNQzzvk3f_nW719bolN3_4-UiFHqy8qe-zBE5xFAyY3y_vqMUAK_gGvHlmyD2356d5IKJrieOS9gMgs0cLIy7HaOaAQOvh1nS7FyhJYkutd-eExZk5mXaIdNDKwPPU8QZYfj1I-Gu-6IlnV4I2HnEv1FO0ASvHO2hJjm6L3dMwoUgOsikvtkaUTwy5se7dKR2vmvcuFroVfbBL7v5wbKC99HBg7LmIFp7ySXk-TzV4uB4NbXMZj4SSOOWEtiILZlYHXw-5LoGjU6zkoNmRxotmfrOAPj7m42Zbton1qrRTz50E5dpmKeRZ59gmj2yo4r7c9TXrQ801q-kW_KGY4pOPnaCzld45bI0pC3349hpbQwFD_K2c3ChDzrDrqGlelxZVBytZIsQwHkKdgpdU1O3SWuI1Q1CSm1sAsiaqHhIlBavfhcULoJ04kUKkTBF5NperncT9fzZS7vDJ4-ycs6DGRSvEFFydrgjczT7rVDATjjeqrDUM3xPDnTwlgAoKqQYCBTMnT_mFU5Y0wYJYmNdegL7hxfIiZGRWI-zo5eoH0PHpCJn-NYkufsHK4o0ppTWL_NOr8wyfR1GoJhT4RMMn-SkqFB0FOdR5LkWGZAVr9C4p6xGUkO6ICNWhQLxt15egz-yWHjEpd5KQQr1gRFkkEs0IWBzBfMD932v_GSq2RMdBDm7UQJ9P16dXjt9l8xhTYvwVShfDtIUOk8rP2LLBtZ14DB8shaP6IjchmG9Qp-Wvw&cid=CAQSOwDUE5ymvL-AmtkRpaHbjlIeTRy-Jv3dAB9Pe38eu1iDX7ddqjucb7X6zLbiqU1eQWpMouaYYFO2WVhSGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd1baseball.com%2F&ds=l&xdt=1&iif=1&cor=1034448653139733100&adk=2857193498&idt=29&cac=0&dtd=34
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
421e2a6c62ddf47fddb4ca94b743147eafc0796d77b7d68dc3be19628447da8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35873
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame EF85
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=92ef7120-c898-93bf-66e6-d8dafa294eda&tv=%7Bc:6CxhvJ,pingTime:-3,time:372,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:372,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B367~0%5D,as:%5B367~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tygnKp9+11%7C12%7C13%7C141%7C142%7C143%7C144%7C15%7C16*.990511-61634096%7C161%7C171%7C18%7C19%7C1a%7C1b%7C1c,idMap:16*,rmeas:1,rend:0,renddet:svg.us,siq:21%7D&br=c
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bc24:2ed2:9346:d7ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EF85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=92ef7120-c898-93bf-66e6-d8dafa294eda&tv=%7Bc:6CxhvL,pingTime:-6,time:374,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:374,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B369~0%5D,as:%5B369~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tygnKp9+11%7C12%7C13%7C141%7C142%7C143%7C144%7C15%7C16*.990511-61634096%7C161%7C171%7C18%7C19%7C1a%7C1b%7C1c,idMap:16*,rmeas:1,rend:0,renddet:svg.us,siq:21%7D&tpiLookup=ao:d1baseball.com*&br=c
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bc24:2ed2:9346:d7ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EF85
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Mar 2024 06:47:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1AB8
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Sun, 12 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EF85
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aab5c57bf8789729896b5e54de11faed1e927262c7011ae5ff5e1f08b28ce901

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/17990266662471768200/ Frame 8DF1
141 KB
22 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
258688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22865
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 05:12:21 GMT
expires
Fri, 08 Mar 2024 05:12:21 GMT
last-modified
Wed, 09 Feb 2022 10:37:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EF85
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0yQUO0S8urpH-jSxnncJx6lgNIbnQ8PFNTpiH2_DnSMKnWiwyUBriiFE7clE7Rw69kzJMnMUKVNYkNYCa3CuZGNv76qKa7wgm-Eic5iIkS_gSkuOwa8bhYBnqCgZhEjS3Gy4XGwuT6J7hOZjispTcW_01Rq1Is9eljfrdEyXXWsRI6PpuInUBGqmhvbocwdzP8sCHfuyE06qf8qOrEyf9fQtH-mjbbLO6znPXVzyl14EOlVEwrK05mLY7xxVqtOwVJD2wK10l4NN-jMKj_b7NtQJZOGIqJYvnRLhov4f9MgZFtbRQWUNQisl-npIAAOxNRX3XVWB5OFUmc0mXqeqSF4L91MFNjaOoY03DJTPA-bRYel58hYyHl2NfUJCwiUaugqYfJNGyx-2ZWzKkyDM7uEJ7le1qbhgF-mDIbL-EdSw3GMuAh3nStbdDC7Nhi-iSK55yWqXOVi_-iEKWunRdRlA15WgptaLEbbJh9YLnHv3sr1JOKlHHnDp3OcaVKHL4-mdEYaXD9fMt_QhuGj0921Fzt_nrEpVAMpv206RX4RjujEr2d3_dhBOYGJtzgDX36WN0uqI5JDicduKbuyh6tU4rWZ7Y6tqCo14N2L157vFRLVj1oa-KXIRorrZcpfN6WaOUWnPPobJAgN2uUL_0i5jWChWLTUwnHkDM_IGwzF2fEd_ALjzjYxmrX9O05onHnISvOX0gAG5LTPvppz7rURZRZDv6V5OvSXhO67xVlF5vf5HtYkJ5h1dfYJ7VBHx2sVaM2xWAV2tciRiJX1XY9FvQV7ZviO5CbQdHLgXcHqtAgcnEdqHXk0wt7L7YCSX2zUhSHhUdAdJAsOxn3jxaDL6b9oPIJWoHe0t7NMrtWXqZpPJft0GBdN0dMa9tgapVCeD7NeGHs0FkTzYckhydFRa6AoqT5lsd0JUGDlf1uLPKsGl_Fvooy7gU1JPTqXCfT12UPwbtHwG0p-TE1uHLRqRc2lfC3zZ9MWyqidrx8LOr9Wy6GaALtaF1-ZBJ3wBZCgjSb1OjqWPl87iM8xxPSGPH4-LUg-VYsYMTgUWPGMPcGlBf2Y6kb0MLhCwRe8KdsETVgIU2x6vewMHOTJCI4H9LE0-FTtIBvEhboMd7RAUKKBAHx6Z_3BxlrWihxDx_5LpfAjR8Zk6Gfqyl2DonLV3cPeqaA9Z6REAb6_2T6p8AngH-wJCGLYP4jLCbtgLtOptftY2zhdo0qw7iHlwG2S7pf5szE29jHemOt03446AwFFcTEauG0uAuvbhW1jktrliAfGQuvLtRX-et&sai=AMfl-YTkIEVBgFXo5CZbSnLwjzNu0IWuTRvGtAEzsixJILMp3ezyNy2rSi4SU0Vdzc0sNCoXmb_f8kAEyO_yZfs2NXrS9FkauLx8uh4V9F1oIb7MWXZ7B1PZ2yO4rj54ZyxsNwVXcSPDNYMNXoGy4_fKtygaZteVac3k3SlpTUm2QEV8vi18w9fobnHu8WnkDEUmU1eel8I4dXtGfEUbY7avdaSlTht5mO5d1qa7T1FbaQNaKaPtjtd3HDPHSQt3eYN07fFP&sig=Cg0ArKJSzEnCSUHJo1eTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1032&cbvp=1&cstd=1025&cisv=r20230308.53748&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Mar 2023 05:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:49 GMT
comdirect_berater_970x250_v2_js.png
s0.2mdn.net/sadbundle/325090680463534349/ Frame A217
124 KB
124 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/325090680463534349/comdirect_berater_970x250_v2_js.png
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2936fdc1c21003a76a9528b55a9b9e8dde948c5b1f294b3c5bc62f727e08587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/325090680463534349/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 07:26:09 GMT
x-content-type-options
nosniff
age
509860
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126740
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 09:32:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Mar 2024 07:26:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DA66
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZCu1U2BirPfBEjtdRxO2FmaWwIThXGnI56O3OzBQz5Fq1hAvtvQK1KEfG8Ee4D3E1jz_jp1zC3VNbpBa3dlI9k2Z3csztOYqk8t8DboDur0iWgl9lV0JcnRF9Pvp5wpYiTMeXV7lAlkTxgctBEIhulI6390qPSz5FCYno0zP9ZozaxSz-eZO7hrQqJ51yk3Cjk06_FytQfFUKuumvIBi8yuOV7xgSicYoeu3_IlpOgCIvSB0N09MoIOutsK_03UBCIYEBUw-HIk28DjpysIFl-ZNVhg3dlhXnAAvG1fWTbMwz2stJ3Hfa5dIh6BHQDtyJ02k0Ka1XldKE0oZ-W8pSWoc4P0WU_YYb1xKxM6Z3VCEGIoS0loyS8LkvcEIU7I79x1bAR3vZwGON9FdKy_J1XoD4l2v05vDsr4nB7_WWHOZ1P2biYMxj8CowfYk4PN8OjnoDNqqSNFzvuVa-XNDyUyJYzhJRokQomHYwPPOT45AQcoMUfXRbDgcf9ryQo58tpz9So1sKPqCTFvUV-K4Zy_hbe0bUSLFD-W0ktwM6a9K_60kbZl6aVTh6-DUWS7WzzxhKg9UUxh7nLi5X3I0vWeT1q-tSjOQw2Lblch3XABWGS12A4ufknupSqarSFX2YvfcjSRFiLeu8a6EyAwderCl5AbjevKN_U9Al2dc3RSTN_k-L6PpPrY2TQblUauYohpUZBcLPhOulJT5ekNMv9zcPY0iJGyvmGSdksSbriYxOmn8QRZcPNaD7izISv8i_sag4EgRbB7gI0nO50UAjSJplEXgPF3SNkxho6xDuGTVKk7K3KkoKXjR6Gyszt_hyhZeygkT2Z3IORckdF9BHCnlzjfx9LQvnAzogpxKAOrWMvCqJ4KlPQPSsqdaVBRANfTzEc-H8ERckDFAgZHW1CnCMbrtOlOXtUtTm2Mv-d7jnXMpI4i2C9CCMrLkqkKXuCzqv2yQWQt2iPq5U4mpId0pHcOoVZYTo1Et8X4GHM32YadoybpocoArRjPKSFJf6TiggFu2xiDEYSHiiE61LwKE3rhdOT_7ouH1B19hK_52GUTyW5rf0XctDONmy-WSrdlX9dWBCGF5NuF93zB63n-1lWZ8R6fdV4pjwpAHd5yX8mYA8NEG7gAzWhMCKJfDcZwVMiwwDNHzm3HjTfO-IdxH9mWp4R4pH9M4eHsZmfxebzcG12tpz3eZgmpq-8iu_M1n5FB-h1Qk&sai=AMfl-YTSI9SgrzMcXoSlaMtw5t9J4MI4OuJY98_IcOhX2e4gZpHcmSY77FjOwpuCzs2kpt-sF7Il_bS5dBMGZFl2dsQMrTZzZO7p-kvIg8T2Bah5fs4Jto9ecfZbwpU32Hzvj2a5rizXFh8-v0XTlH2gGjGzThS6v76iJUYqYcu9FLltjA2xT8Bl0r7XNuCU2iaQj4xOEklHdPBx-XBQ003E8SFTc0pDzq8r8PUWx8aDIAwKdKH93K-jv90OSiHf6i1R0x9U&sig=Cg0ArKJSzKjMnGJ8naVfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1809&vt=11&dtpt=1192&dett=3&cstd=609&cisv=r20230308.29262&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:49 GMT
sd
us-u.openx.net/w/1.0/ Frame 9F0E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECfsark3J9Hi-QMQyGGHNlU&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECfsark3J9Hi-QMQyGGHNlU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNXl8J2BSaMCLsx80QSDdepk68brf-b1t-v_cZFkOwX8sLRAOZh_N9rbTkEjG3ux46pPPFhAn7Upw-5yG71AtNdTHpRQHgy2Bko2xHqExyIuZV3k5Vub82JuMrRLUjgo9sbOiyZQAIJa02OonqmnIjtPtT9-rZsMcxezdAsv5SKp5k3psmw
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECfsark3J9Hi-QMQyGGHNlU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9F0E
43 B
219 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNXl8J2BSaMCLsx80QSDdepk68brf-b1t-v_cZFkOwX8sLRAOZh_N9rbTkEjG3ux46pPPFhAn7Upw-5yG71AtNdTHpRQHgy2Bko2xHqExyIuZV3k5Vub82JuMrRLUjgo9sbOiyZQAIJa02OonqmnIjtPtT9-rZsMcxezdAsv5SKp5k3psmw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 9F0E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAnWLbYiL1uzN1H7T_31Tdg&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAnWLbYiL1uzN1H7T_31Tdg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNXl8J2BSaMCLsx80QSDdepk68brf-b1t-v_cZFkOwX8sLRAOZh_N9rbTkEjG3ux46pPPFhAn7Upw-5yG71AtNdTHpRQHgy2Bko2xHqExyIuZV3k5Vub82JuMrRLUjgo9sbOiyZQAIJa02OonqmnIjtPtT9-rZsMcxezdAsv5SKp5k3psmw
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires
Sun, 12 Mar 2023 05:03:50 GMT
pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEAnWLbYiL1uzN1H7T_31Tdg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9F0E
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNXl8J2BSaMCLsx80QSDdepk68brf-b1t-v_cZFkOwX8sLRAOZh_N9rbTkEjG3ux46pPPFhAn7Upw-5yG71AtNdTHpRQHgy2Bko2xHqExyIuZV3k5Vub82JuMrRLUjgo9sbOiyZQAIJa02OonqmnIjtPtT9-rZsMcxezdAsv5SKp5k3psmw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires
Sun, 12 Mar 2023 05:03:50 GMT
pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame A4B9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtcyrNF0NZNnMCKGk9u8P-o-VuAr-0_evXM7PvdjqAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi05NjY1MzUxNjEwMjg4MDE2yAEJ4AIAqAMBqgT6AU_QpnSQ4ddD0b_pE4zKy_fFVQZMrdCPuhIFPEhUVpJpPG7EIVNcMypcbvBGGDEvf2ODfajLLZR4nkj2oLnMwf_4BJeSUyIBJv13RVzedVl3zxaPVtlJzOQMHenMCLWt1e0EfpgiPObw6Zk_alUyDu4shVpOui7WLqaQxnec2gRj13XrS_cpZl71V2_5h6z_dsHJW12-TVGfSTV_YcFkjv2ygVrS0b0_xvPeeAlF4Pzk_Un1k0W28QoQGqU2_kZJM3vLDRj_g65sx5KUpiyySkiTn9CjEFOgul7TvM2Dw9JYOmecwBsfv4QOO8gp6E5NCKxgFoff23OidMbgBAGABvCSi8727-nYW6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItOTY2NTM1MTYxMDI4ODAxNhiqwYsB&sigh=pqVbR5-PZWU&uach_m=[UACH]&cid=CAQSOwDUE5ym39t-5LQymRADm2UZsoIxEiodKVo4BXEjJ0pk8nf9wcwoB53sHh5jx3PsAgwHChJDFH95ueJjGAE&tpd=AGWhJmux-byNjbyib73IxBj53eo-V1oYd3XfWCPFxk67Xjsaf2xtca_UGzJa_Y1o8OpICR1OM6n5HEbnr9WYkkd3JGnonGnxP7-Cvpg-nluXGh5a4PywL9GWXAxQl7cv21UYpkOGVJekgeDJxgq82kx3hXOMUax0hghvY3RtZrat8gQGCjxmQtYWWLIwefuGStabIc1vNx9XFY0Gt0sNJFIXph_Ce_3gcEY16wRkJ5II0eEf__Z2BudJ7WBQOyDZJV5vtie1AZ_16d0LrfL2rOOmjeSFL6cdffLVMMLj7JmXvfhiN-OVgNokjrDl8RmvNVkiMfpFo96ZsmGV9vVpqmL8wNPCVORuRFEUieZ-pnXKm5tM7YVpjsAtWaitSw4rn2Z51U7nMzVabXAvv00Qi1nH4c38Le5uCggVi29oBr-6yEiSeMcfAGsvXMzIfA1IvybTzxkpg67u95mywOkI5LxqjUUO8d815MytKgPlvoAyFC9GL3A6H4cm0JaV_0tHK9zu_qKOlRGNldVSAwn28Y3afmlf4aifMaDeAFZq-Lcsux7OLWcYKRBrTiABGIDs2874YKaL2ROC5alj_-h6rPBX0xPoqDUim8iEClLo6e6YnZpaHbacq9sH9xwXl9BFFLau3R43LneE--H1MMAPUuVeGn2yOj7sCU9oYN79cKbJvQM6jeUXOHXOBzqt1WW9jCBjfzdBn7dwlw9KJsv3brNDSP_fLRGAR6KSqG0kri_MYt4XFliM-85sq-wiDsw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

dt
dt.adsafeprotected.com/ Frame EF85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=92ef7120-c898-93bf-66e6-d8dafa294eda&tv=%7Bc:6CxhyH,pingTime:-2,time:556,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1689,beZ:1690,mfA:1691,cmA:1692,inA:1692,inZ:1697,prA:1697,prZ:1702,si:1710,poA:1715,poZ:1742,cmZ:1742,mfZ:1742,loA:2062,loZ:2069,ltA:2244,ltZ:2244%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:556,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B551~0%5D,as:%5B551~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tygnKp9+11%7C12%7C13%7C141%7C142%7C143%7C144%7C15%7C16*.990511-61634096%7C161%7C171%7C18%7C19%7C1a%7C1b%7C1c,idMap:16*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:21,sinceFw:528,readyFired:false%7D&br=c
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bc24:2ed2:9346:d7ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index.html
s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/ Frame 1628
102 KB
28 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccea13e054f7c8d52be0c48d10e717e0bf2fb67089608832d0c14d7c11ecb540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:50 GMT
expires
Mon, 11 Mar 2024 05:03:50 GMT
last-modified
Mon, 21 Nov 2022 08:59:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E655
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFeXjtlV-tXk_Zv9OfvEyh_gNXGlPnMnb8ZRdXuMZkbapzM-lRT0VKau4GaJ3wGKY2q5fgpwYYjhBCndsiuLzGOLiS34GD4ed5DnLVpr6xfrdF_RBEzNVmEvMLwxdnjqPYYo78Zh2OYBNaFcTam50JD0UEBid1rvXhnxjZIOipZBnAi0X77KFgEBErkNu59pMNw5GpPtj_B0c3fgxzyoOOtNmtFOwAsnsAvcsYPREVfLseri84sbpCIOAB1bl4KqUbJJumckeWR2CK3ugtUCsp9QQLjkTaNi0rtQhwtlO7g-VQPglL_IXr6UQSAWGvxvi_l-_RnK8fBYrPfvOoivIIl8NTjoQzzCZfPRGTThKDFryRNug27vd82rJEmHFOgmtvY5McJqoNP15V4OMInznrHaur62SI3tLBHMLVH7cTmzdLCKXi5V-1-m0DNonmXUL8fPcGN0_GSQQ54LhtHHgbhegGY0KwRvroJv3MUoMzL2JlZkDfexsQhwHP_943pIiqFVrHBNUVokufmC8mMm0NtOP49OhV-QP9gud7g8h1SOMIHg5P4pdXkmww0C7lXAyiVsHb8p56DSQLK2PU7ckZnYVLE5rMnrnhOFdRLPkODQFXP-54VmXFJHMzHM_9piklhb9RSBTyWrWdkTPBTK8Ld2ZvJgp7YVmnJGbnmcVDTHkcxrc2s0xcvzpJP3eIj56vjbTZXxqyJ1pn0cym9TY82_aD1ohR0nUG80I1AEvNPMoBk87vOCDI7owACm_oOtp9o9GNfTOoMhaHZUN9wdv21H3hdbmXZJVJ15adqi89tRTskxuD6yId10o1Jyzgjxh0q9YRuajy1wB8UzwN7KuL3apJsEMjAe7hITeSyxFlZeIjfgcAdNuY3I1RmRZ--QW5YKmivhjQFusZ5el5cea3cMwyf20clxj534ctBVRhXQUFM-ILEEpoyDdMfdy2Rl255hIZ6-V0IpZopRYUbnrGy1nTuwtxN8UOFG7M3cSvj4b-vWP_9cBFhX94JE5lHdNqr1F6y4vgM2RjsC0-AO0xj22dLSEc7JMOUDpJc62jJhhQtfeC9iuqZhvhsmFAbFMLnO5LSBD3jAt3WlZ4geWpnlDbiKsxe8DT-iNClIGnfLK8F-GDc2NoOL7NifdNFXL14Xb5bQaENTCt82ajYqONHEfJVXfcndDclbEUx3Cpr8b9lXIZcMN6Kma_SmcQCb6H2mChKfqxXeVJ6WQYMITwAA7qdMUXpoF_mJM-3yXnGXSuNqZJ2wfOh89ENIuQg_e37g3iKV_t1hNOM-lIF2mR56VjKMYn5I0&sai=AMfl-YTt4RsWcXRSM9DA657rzGkAvrK5WYw7D98qcyxshagOkfEwh0i15wo43w7_M0oubTUEC2hoko1p961m3V6RHpY22K_8VUbUXHKSjyWbSKU-z-XQFbiGp4cNRAbvopuGr7KIak7MIsxpBzj_mNBbGgsA6tBlyqLqS7CYjahLKM8UU9YvLf36lOqeIl_zwXqLtraHWkgfRruBnfqygA3iaAYL9jpncsCyY-bwX7k6COAY96KLJd2VRtysTiJb-VQdN9M8Nh7xj1_dPTk-r2xp-ElknrLz_A&sig=Cg0ArKJSzG0XsqASnlV4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=788&cbvp=1&cstd=779&cisv=r20230308.12915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:50 GMT
impression_pixel
t.myvisualiq.net/ul_cb/ Frame E655
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=3302143526&et=i&ago=212&ao=1045&aca=27953220&si=6799994&ci=150962617&pi=338002783&ad=530141758&advt=10685373&chnl=-7&vndr=115&sz=10436&u=&gdpr=&gdpr_cons...
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=3302143526&et=i&ago=212&ao=1045&aca=27953220&si=6799994&ci=150962617&pi=338002783&ad=530141758&advt=10685373&chnl=-7&vndr=115&sz=10436&u=&gdpr=&gdp...
43 B
573 B
Image
General
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=3302143526&et=i&ago=212&ao=1045&aca=27953220&si=6799994&ci=150962617&pi=338002783&ad=530141758&advt=10685373&chnl=-7&vndr=115&sz=10436&u=&gdpr=&gdpr_consent=&pt=i
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
3.120.29.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-29-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 12 Mar 2023 05:03:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=3302143526&et=i&ago=212&ao=1045&aca=27953220&si=6799994&ci=150962617&pi=338002783&ad=530141758&advt=10685373&chnl=-7&vndr=115&sz=10436&u=&gdpr=&gdpr_consent=&pt=i
Date
Sun, 12 Mar 2023 05:03:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 8DF1
29 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 05:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:53:58 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FCF2
261 B
122 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_Fw5IDEJ7Cz58DGMWToOMBMAE&v=APEucNVFNiUB7DHoxPM9UFCw_Re0uhze6l9OAUPvTf5YwQdyUyi2SF7x_W4toCSG3VcdYI6oRsCnmBJB_lnQf5Dx3NfXBcQcFBIDvtGGvThuCwOENnWtSJEXhjsgTXr-faZ8LkWeF7I6yoavLjLGu0AX1ZiyAyI6ziw6LLs7zAsemMvtokP3kqk
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4B9
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7710439987950&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4B9
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7710439987950&version=m202301230201&ct=2&x=8&cor=9712504172105568000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A4B9
69 KB
31 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Czs-ayg4mXWJYtUp6OHhSpHrfile0_dN-3LlvbXEDHgy3gsMI5SC1yQsEk9KnuAQrBfkxlAYl5QN7bkquXY2pUX7DjVfhdeLJ_sVSkPDTf1Ng4eBG-MV8V9hdwcNmnRaIq2g26emX0i6J00pixJTYcg8dqXDt7JwkHcRIZO_5_z-T-MBg&cry=1&dbm_d=AKAmf-BhGebMF8Or2-N-jnepCxblmvGkfGBYzQfJjOcf_QY_2PH_53Umk5ZPE9dbksD1vYUbUAsE7vyWEJcOaewQi0HGxhNJiHkUFFESLSWT9O_xORS6WvGA62XA9JHwDggI8ZXy8O5IsQNyWhyQis-DZrRGfofGtyKsNwAZc72Oe30BpYyHKsSFSqGySO76qkreZFAbePbSJUJ0dVWnVcKHp7v4SgYoqRAiVXannRVRhI_jDC5ql-OosleehXQDUL2f13ebdLgoImHdKcwQOJOxzB50ddLIFlMADHWhkaQ8o4u5jZXLTgYrkq52yfgrr50l9pHSIgyqB0o8du1LTQ3PgL6mnSbBwXUzxEjCd5Sq7i75VxQmOwWEkQ5Z6djTwt-NnOEejBZmJ6nQRAyf6uRruo0o6BSIouBNYUx9WLNNAl-6aDFqItqlly_YRAfMhEUOiT6zsA-BuiEql3dqgcdSOV_Jg1wLeOA0Dm5CLjIUt5T9A7mwfhD8U33ZBzR33QqVZ1jVSuOOZbU1GXlIMrI4rOBj_Vr14nmJUEgMz2us4gVoShmOvHn-aYoYbPLGfyJfpArC7dnUG-Ync4S_0xXWDq4mjDID2EMje9-67zzNz2zDPIosrrGx9ySMVvzLw7YwsUXqhAiysKBZoGEYsdvpAPtFLopWbhpKpKDni9wfoMu2cqy2bOsCwMlQZ8Gkmi_mrJG9xX23hzVTcbmPXWtE-VwVq3feU5PLZ6Hw-5LogmAhJ5LND8hWYNrctqmaq5hohxqs3mVypECz9hoOUjhcyn5QxzzDRUwN9B8kPD2aTa9PKc7BHbMNNgo7XElpPy0jH2zZYvclCFB4lGp20jmcCbAkC3LU8yLwHgmSTcuxhi14IRuR9cAsoA1CaBezh70IQF2-8IxAr_ucVZ5TA0i2Vac1H36CCpdkfbDqlNOVGUG54viIYMySOpoUZtxhCYabqQwlsFealxiDZOgn5EqDG4LWs3_-DtHiaCkvwFGG5oN9sT3Lup8Tg2NIP1sflA06DdAlvjXQPfYCX3i3GEdHwiPFsRGzC66Yb32dBBfP1zcv1s4a2YcTNyUcljVNEnHP4HLh73Cr_pzA1M3NJ1aBZoxkAWd3Tx97b2fDqa9Q_ZgoOKSii6U6iVWmIcu-IhbmGcymEwCaTYiMVigeDX4D-seLdwvGLemP_Iwb1OBTrouJl39Nh5s-PUBOU3xAvYuthd_S4sCv5iUztRZ3mjkFTMev6F9xj-98IbA72q0epUSn57-lDmQKRqfZPI_3-GDJFJTl4whwmuW_8w7ul3bdIPwkbsQp8cm-ubRC-AVzmGOX8N5PNaE3yN6NnMqYitUSH0DqcqsgoHncKKewYzOICorepUJ1td9Jkk8iZnAU6LeooawWex3t9uMfR_D6Dbit1V5hEbkbgODv7zr1DLt-d4JL5OzlzMTISHXCFGhSxEtJSbr23lt80AopAiIhGc2I-rM_IJbkWWhB2Yi6mZ--pa95i9rIzM3ulGztYBqGIBSculO7YtYVHWjdQRvy-8Igamy0mRtNjuThzd97i8_f5wlcb24sUpEsRMy2YR1BMKukQC3z-0fcp4NxLV7PEAeHqcWDLlG300pA5Xc9F1jX1GT2yqoinMWriJsGgLoX-PQmMPuGbFr-wvfM782cLpXVUVUB5_JnQmlDoPcp6YyJAhFP2D1GxG79lPgilXsbkwo3B5DfLCK2FJS4cbs-EKnqU0cShFLe1nhP0t7yTGUZiTNuQuvfsdQmo_GMXhYAK9zzJPkhlzQx4VstkATlpi1tMPhpknoAyIWrgRoSSPLT7rsv428fxXikxkP7zEi8b0l66lIqa7NNMGz44EXfPYkO5e7kI9p9NFEyduByHNY9x7Vl1ndThYOa-dpq4-lopLSfaAP_OOAkvgwfsx9mh-HQLNkmk-0LSaCI9oydchnnhF1xjvKty0uildwRv5iWpbhlBaqtm9Vevl-GQHLfMoYD2P91MqS0Y5_IqafgRLixaZXATLos7mikhwvndXej6az6LQeY6fwC5_HXZ5t2wI-DH_qX3mNUu4rs6XrJnUpMkd1YTXpiXhp5-P0agTRyvCVmyrFQbBQuT0_m1CheYsKK_XYQf0zJkNEBBLi1_WeOMFV_iutKVEwXcvzF_kqv4nLSTmNa_FZ7u0sLUA2LwGy1JRyxnYQfgIlGkweudiRhb-OKuWlehZoMxqHRG18fpx4aOT8mZNNcHINSTu0LsBzzM7PqgScZVwHIsX-1n2P9gcQx_brqUDxFLTDC3B5YE12Of5-4uWCCFTW86GB45Y6voULfMns0V8DCCXAPh3aY0LET0-fJHUl-FEZIzIF56jWyDw5ux1SwCaRoBRdtmjOuy0Q13ADiPLBA40wbsLhiDgMZkXe4r_wAjBKDe5cHWxG4V68eMSnckf-9i1wGKsd5jis80EDcRLjfzZ1POJebMOF-rIkujwp7qDBXLHuCx7O35soRu1aD-oReNdo6d_5ZDQ5-gPo--ywBXdK3EyOIJeEBLcb7XmAtzjTEQY_bGMYeTd7bFso8l2xTtsqbbPidLehIOxArvY-dOlJN4JgYTU5LiBDNPFyNnO-V1B2bI_zhUAB1CTB72-FV693XDWPOl_IeAwQVw5sXJTgU6KIJ6r9uljXTufy1-htyz4VpSBZLz8Xf8EWKXYM97mWNP3vmlHTQHYVhR8CMNj11IDQciDU7jbXmSARXIJSQuQmjg241H15fAP8hllfxE0HK-DJtyocETNAQTS4EUinIK5WSkuHHBmIr5ev_5kBzOxkA66nW0SjgzqlgY1EzWeXlmix8xUMvqfWf_ZlShI2wtUEnPZTae5BFX_wfyt7pfqaVDg7-r_VcHXTgi5b4_hsTPr1F6OcSmWPhSRSMXnvg1687dDfGym9soqIC6sseVDrR0058KoCAQCQxypvOnRwqaMCynmZeHo6bzGKzbQSATSr-e36RVVd3MxN7dlkefSUhfvcIEQEg9SECQlkyZcAHRSF7KeUF4eUs4et0Dyw3gzdmNdVML_G4mJg0z0dK6weU27nW-sTU_Dzd0SLPViIB5cIPN8bivNAhciELGbo7_aXjGBpRq1Y5jznFY4sV8GNWCvYqMTY2mpPo7XoeHRR-1V5a3QJOIWLYWg1rcedtHYyzrderI2l6MCDnO2ui3a3u3xjicFcIDJhPadfqIu76D8Rbd9635ifg0pZs1CD1WyUz-xhrD7jRlJ7OQJRpCzyX2GOwBLPJ4pPvJ9K7UpXwj4n44D2QIHu8-QSsQTSZJ2VrgL4QzAivcAZtp4Fr6JQmX3AhUnmOw1aKr24kbaDZ2ExfA3ev0iRQJOy9xqGqfSWEPI3gh7iPekukhWVK4HCgNzkAG4-cNkJUFQ8euIYjp5BHA-nT3ZJEexOJcRBYIguMGTm3aEw9_UEGMWonWvDlseetIciazaycEOO7XK5UC2RRx9nASnlcpU1gpTxFSmQ_67N_DW43hltz0fp2BX10A_AjaknVeu-x4jskn8hjiI7XIhkJgbbOr8ZXgMTVDE1QTre0iE0_wcfPdXNCz8bLSo3gmKvKoeFE3nsi_K50TTmRGaL_nA8DcwADe4K-ztqIAn78l4J_jxth7eAjiRNrBamS28eA2OSVRW-eazydNEnqstgase6-VgYb5jA5r1hv-H7-M2UFjg&pr=8%3AAC0AD94828DCB114&cid=CAQSMgDUE5ymm73qWAe5fhDHKrClU_qKm9IDF6_uIQBL7ozCWag-k3pFz7arjmhXKZjRZp4OGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd1baseball.com%2F&ds=l&xdt=1&iif=1&cor=9712504172105568000&adk=3155265419&idt=29&cac=0&dtd=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffc7b0cb3d02425110a9afb13bce78f1725efea55005a4d247f334c71e904dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32168
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DA66
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGwZhW7jb7g0-7LD8ec-GrikJXNVOM0u6_zHuCObignxn-VAR3W5OtsFZoUH_18ym2PCVkeS31nJJ7KnsRRXNG0SlXo7s8TSnVDEWYn_rMaEja3tCtSnjc6Plt&sai=AMfl-YQPFw2mj0CVsmLR2Ilm7XvABX8LIo8GPZ5Mn2rUVX7gNaspND-22N-ryPAGgkq-0btK5bkgAazED7zxPEtfu42RThQOWZ-i9gJvcN9KKuK8c2smCvAmh7srP6c&sig=Cg0ArKJSzANwWdIQ1a1DEAE&cid=CAQSOwDUE5ymFzztxQ6jlJMNFvqOSUEaHzazEQpQDF9WNZ1TWv7vdzuauBgZfBb1UEdTXbaA_R0aojVKybi5GAE&id=lidar2&mcvt=1284&p=822,315,1072,1285&mtos=0,0,0,1284,1284&tos=0,0,0,1284,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=0.46&if=1&vu=1&app=0&itpl=20&adk=3176910375&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678597427589&rpt=1451&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F02D
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Origin
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 07:16:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame F02D
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
43588
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:57:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame F02D
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
44882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10962
x-xss-protection
0
server
cafe
etag
11760670070698444384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:35:48 GMT
Matter-Medium.woff2
s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/ Frame 1628
13 KB
13 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/Matter-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f8bbc190d9cb158f38b0aae3c9491e89be9f4dd4028dc1c3bed86a7540eefac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:16:51 GMT
x-content-type-options
nosniff
age
143219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13308
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 08:59:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 13:16:51 GMT
Matter-Regular.woff2
s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/ Frame 1628
13 KB
13 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/Matter-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
377bc25a040deafc0f0f6d97cc02a6b49db215b824e8ee637ff25f0fa5506033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:16:51 GMT
x-content-type-options
nosniff
age
143219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13340
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 08:59:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 13:16:51 GMT
MatterSQ-Medium.woff2
s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/ Frame 1628
25 KB
25 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/MatterSQ-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b47c8cb579a37490b9e884cd34ff023ef4d512c3cf8d990375673e16dc1377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:16:51 GMT
x-content-type-options
nosniff
age
143219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25172
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 08:59:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 13:16:51 GMT
MatterSQ-Regular.woff2
s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/ Frame 1628
25 KB
25 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/MatterSQ-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97557bcb023f04ded9636b30d489a0aa8e6275da3a68eec98b057920540dc0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:16:51 GMT
x-content-type-options
nosniff
age
143219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25144
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 08:59:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 13:16:51 GMT
MatterSQ-Bold.woff2
s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/ Frame 1628
32 KB
32 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/MatterSQ-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
615e2800a9dea94b21e1b1242482215947235750a21c790f04456cce3733b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:16:51 GMT
x-content-type-options
nosniff
age
143219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32264
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 08:59:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 13:16:51 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 1628
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 18:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 18:32:14 GMT
gsap_3.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1628
54 KB
22 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22005
x-xss-protection
0
last-modified
Mon, 11 Nov 2019 18:08:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:03:50 GMT
truncated
/ Frame A217
46 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05606cc2fc47dffcf9056d38d0c28814fa8be2457841e601057b82343681a97a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame A217
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02f012d77f69d09efb2d4adc62a748a007a30a0c52f135f50d2873a9334db36d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame A217
33 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
381c15ec3889b1231b0a7556199933fac63fd895f13877c24c4ae542d7a50b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/jpeg
m
ad.yieldlab.net/ Frame FCF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEHgsKobFhaTukiVQgmizEMQ&google_cver=1
0
525 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEHgsKobFhaTukiVQgmizEMQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_Fw5IDEJ7Cz58DGMWToOMBMAE&v=APEucNVFNiUB7DHoxPM9UFCw_Re0uhze6l9OAUPvTf5YwQdyUyi2SF7x_W4toCSG3VcdYI6oRsCnmBJB_lnQf5Dx3NfXBcQcFBIDvtGGvThuCwOENnWtSJEXhjsgTXr-faZ8LkWeF7I6yoavLjLGu0AX1ZiyAyI6ziw6LLs7zAsemMvtokP3kqk
Protocol
HTTP/1.1
Server
104.109.73.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-73-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 11 Mar 2023 05:03:51 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEHgsKobFhaTukiVQgmizEMQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame FCF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIxh6feOALbEqpZ28N32xH4&google_cver=1&adform_v=1
43 B
163 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIxh6feOALbEqpZ28N32xH4&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_Fw5IDEJ7Cz58DGMWToOMBMAE&v=APEucNVFNiUB7DHoxPM9UFCw_Re0uhze6l9OAUPvTf5YwQdyUyi2SF7x_W4toCSG3VcdYI6oRsCnmBJB_lnQf5Dx3NfXBcQcFBIDvtGGvThuCwOENnWtSJEXhjsgTXr-faZ8LkWeF7I6yoavLjLGu0AX1ZiyAyI6ziw6LLs7zAsemMvtokP3kqk
Protocol
H2
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
last-modified
Wed, 11 Oct 2017 13:40:08 GMT
server
nginx
accept-ranges
bytes
etag
"59de1f38-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIxh6feOALbEqpZ28N32xH4&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 164C
466 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb2O2zATAB&v=APEucNUyQzvk9wmCupdBtqRb0O9rA0b8v69KZg-fAcjvYFfXZ_kOkBDoXjgMmxvfoVCVYt689swMQLT856iFOIQtRX0OmxFXMBCgflS0QORADcRnTWlj1YFFA9gxQ6CQ2pgxZXA4P9LKo-cdUWp536tY_C0q6d_9fPtVHfRo6ueFZBgxJ_YWGYE
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F7
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3157813707166&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F7
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3157813707166&version=m202301230201&ct=76&x=1&cor=15844093981477835000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 69F7
85 KB
36 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Clvrgi2MCDYoZE8g5H6qPUFn4txUKyApOwzQQPwKaQ3RS_SPVc3ISQhPn3qBC5SC8C5_ofZUHQHyMa0m9QV35Q0RyvGOYSt47sTdaBUrvegxtT7G8&cry=1&dbm_d=AKAmf-BgOL3FqhfD7H0KUvkeJ5_BZZrgtfrsVRw2GsJ_Ez5hJIEW0McUssT1hz4t8FYI7a2qEv2w_8kPYaLRVcxsyoEi27hd5zE1iDgNNg0AdvaAQeBP1uU8JJFI2uvJBltr4hLjKqsLvsPqKWFFxdKX9t2ePPOWT0nmja4r9NFDMwNs4rU42uYp0qqHxlqX2jkMfU02oOz7xeI1IJe87KnaujZYXFRt5QfFZcPDMiSn0irMuvqDP-2uvDdtNsQUrtlPR_1zMOU911xdILp9D13kQFBAn56RIDA9zrDivSSnJM0MUc2A91o6tKoFixdWbgZ_AQmB5M9ymuMIdGCGNEcnh9cJRdWR7SKDumFjpYsPT9vf1I4TLW7OmlxP5ey4N5Zv9uivAPbB43uc8KD8aXThdT1nJ4CyFnaOYuaAj_hu-5fQipmi5TOFDIJ2GBfMzsT6BkV2io5BzWqaBxEkE6hL0Vl9sZoqS6CzkXPC9u-6IJ6mHjDPBYEvl5YXgLpvRlYRxyKbmF-0gq0VlU4yga0_jEJSuGnUa7lYTkS1RYbt_9DyO7oYbUkmIekeBZUL-GW6nysiT8lJhYnNneDI-Dst9VEJI8nZx5faItvtuIaUHbF48lyyGrPIYzmgoyjS8q9Xe2INKnG5nS997FVPi62d6p6Hvj-DDy0jhrnXLoFgt7-Lq4E_PYAfqoSuSoisCty-clPBhqsAWGlayEVCnIJhZzguIDMkcS5wFr43Mbf3uhQ7b8T_JAJq69g-YXrFmlSsR_60xoIynV9UXAWUUVHh1dNGoVkZqXV9axcRDnNjk_SM23CWu7I_x4E_ypUGDC4eGfqB-e9DIZRuCrcvXHerpmT7PFpLIQWSBj6QduzEsHfkwkEvymTnJlxZQiaMbVxH_nWOZK86a0sLsf22An_f-E6NHp4dDg_b6j-TVpJsH9KpXoRBW4znBu51aHfzIKzUfYa1XSkNw9_-2PWp8aKlGJtCMvhJvFxN_UOGoKrKq6gDUVXYl0e73hbozJbUDScTIAICCZgxksGdb2eYYy8jcb7b02bZirU62Tx1mbOgAwb_Xll4f1I_ARL35NfM4RKFo0gKRxRAv35D0rMa7-_W4SV9yWrYkn4bxgQk5Key00Saud4pKkNzNHT4l0KMYAeCzjb0IKeqwujDC4jfgsKtX0O7MNX7Si4WahLIYGavoDqQCQyQi2Sbpjx5aHNqGYeqAqpZ6CgxGM3kUMr4ivtrdcHjaHqgzssviLNtLUkCK7fgyQ48yYYd8XjKEWxQqrG-tvcAOOinCIk7DLzT1rF64Dzo2JCjhYn-zjR4lTQdhgxZSa9ATu44Zi_wkHzsOz195okD513kFd2UzeIAkjpI2UcMVXhgUYqyzBQ11a71jF8B1OOGSrEcP8x_xlX1-Iw29mNNWBPnZGd5M8TVSyTl-RlUgjcMtjAOOlAPrK4sxagw3d7KxmdU1Y_4LLn2u-ZTj47zyTzqB-kMaFwf9XEtSdPomnyBIxSdgW7rMur4MixvJq4I2r39vL3DatMSghrYaLSqhwYg3jVcHSHffWka20IJ6GpJrUDXABZcDy3-8k2q5UYcM-ljJRbr6LMi7EmmqzPTAFkDk1xEIjtJ3mIKuWVYYFJiIcAH6cCeCtWLZklfgEx4s4ch-t5d54WulRuzW2Fb43cGbhdzQU-YM8tUcTlUP_J_6x_H9l6LT2RdkouhwoMwMtwkNaKAkJGyFfZ9-2OGNu0ejOaSq5ErwWe00IvK2z6qPBCHVMvXoBIi1fwvtj-nx_OVj3nO8BXM3tduIzMdg3nCVz4ksHKE0iCPVlSNrNTglPdpFTjlWrJR0rA8Y9tGYEr8VBcQYd-SHjxbFxetxTL3rsxdD2jhYA3mTFlemmnrCArAzlIQmwWVBS7HFWwpBrO6FYWMlB4TSdKsSRC7YaJTaCMs5Rj1H6GuAbR_9Iaf7AVVAUCBkQX4VJy62jRtpqgbMGpvSsNH9OwqAhJ6JpI675Qkyb9GBuBD_X5wwPfI2luqiBJLGCfMkZy99kbMLc4KjJZnNT7d2NT8ItfW59mjzsrvjbDf5s4P3HGPjZFbHpHVpkNubEnCArEJOz-I4i_wkVGN5b72KTtEWDtPMcCOOClr0mfTL_H7SARIwoaJJ4JCcw-1rIBYwZ9Apf4xtzow2CKwO_50Y20pRT3AmT27dPz5b8fcT5gkfOMk0fNSf0mBPA8hN6rkFuHU9AIWxnPsq0gsj0dN7_VKuFtSstM13qPhaSWEm55Rjd91F5aYsnIFHu21THF7GOjJg0ZaUAed5XQbgZ8ECmFKEymKZJUX54HfTwfCBeIQvRnfBbq-roJy4Goewp4sYpxc-VBORGd9Bls029jbtlGgh8GoY_LIpXv-dSeSvQBohOZWNCve2-0wzQNaK06N-TpKUwdYskQYmhze5QS-VQeqxjve75hDHere4My8TnNmYJZjLAT_UY-gRSuSmdALBjzfAbIHfve2BbZM2xO6HVsMcGgUxD2YZhdvHxjAH-ZTHK8axlxMNQ56iYn-fsFm_75hevvKX1NsKEaxyNiKwuK0ZF6l4z6DBE-XA8J5KpYwa5zv0NNoLz7BxeMsMTK4uX55JTCCfI7b3lEkyyH03gLl9ze0ySH6DLCNKWqnXfmGFfRzPQh4F_jFyoxOX0Gk5xNs09uQLQUvdxPG-WZJVbpDmodB_YgfI9VwQ8tDIglufdP9tNHLCqgwRQEqbe2Lz3cG5kP7ChzFyI3BugrkR6UvTD-amjKo6L4eVdoRRNYRHDhqDF6AynETwVqCbXE5uzdP97FZ_Pxjrvthl2Ppv5FPJBexP5BD5-CzN130eynlpjEFIhtREwOGek3Y5ZgR6QqE4bYTovp5mrxk8eiOU3-9w4nHkXpHhy6gCcjH97EQ6yPF7Cb3j9algUb-z7lSjVcAJtI8O_NMj6VnHF9sT4rZh4GUoBLrajY27-NLYJgoBY0BojCf4V8i6XPM94f6zc41cl7T7gQaaJef9UFC5wFxELwDaaSuKndwhyZ_CFG_9S78zpZ5pfICv5oEA66cfN9tIz-UCls-HMjYdDK4L-IwhZm6OepPEmVS8btMcgb3zae5Zl5exCVwW6y1IwE-W1_64eLuFFukHyvbvim98EvSQW6j5k4AxPZ3EJDfo7cr8iCIDF3ZFxQEvXMSVqpqaO6KEgCQ0dusgE-Uhy8fyJFMegjtHOpyWBI9iwAY3ZsGcYy9AX6Grg&cid=CAQSOwDUE5ymVv8bUnV2wmSABVsvMpADXCLVHFkm9GoKvHVvjcqEWq76t9deAfv5tP_8fZ8iiSG-eWVS1zX3GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd1baseball.com%2F&ds=l&xdt=1&iif=1&cor=15844093981477835000&adk=3944675600&idt=38&cac=0&dtd=38
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adc74646d7bf9561bb3772f9e48578b9b515080504d277adbb8a6f38d852e1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame B229
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0161
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:16:06 GMT
expires
Sun, 10 Mar 2024 06:16:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1AB8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKdFmo7GZkgBSFEjtIYSHag&google_cver=1&google_push=Aa02lx80PSdnTWURToTJW4AF2LKjHEcCXGeZzHYXnR5H1G1_OYn8aSPWy5St2xVdmaLhERQrsZnL81QNSnorzjCFDEf0j109-nTP
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA0ODgxMTk0MzM4MDA4MzQ0NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPkAictJ1fF-vECNpYqH9cY&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPkAictJ1fF-vECNpYqH9cY&google_cver=1
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPkAictJ1fF-vECNpYqH9cY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1AB8
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMxor3adPaePVUPyT5nOOgg&google_cver=1&google_push=Aa02lx8T4HzrFNvvArwfBFsMQyEEevwXEHbtcysT4vznTM5rD2gqY7tvVUcO0UpHol7sI6wFBXT4V0azYqpPqyAS...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx8T4HzrFNvvArwfBFsMQyEEevwXEHbtcysT4vznTM5rD2gqY7tvVUcO0UpHol7sI6wFBXT4V0azYqpPqyASMmCmjgLE_lpx
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx8T4HzrFNvvArwfBFsMQyEEevwXEHbtcysT4vznTM5rD2gqY7tvVUcO0UpHol7sI6wFBXT4V0azYqpPqyASMmCmjgLE_lpx
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:50 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx8T4HzrFNvvArwfBFsMQyEEevwXEHbtcysT4vznTM5rD2gqY7tvVUcO0UpHol7sI6wFBXT4V0azYqpPqyASMmCmjgLE_lpx
x-host
tde-deliveryengine-production-86c874c4d8-zwq6n
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1AB8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOh2-7xR-IrFIPQxrJjLRug&google_cver=1&google_push=Aa02lx87QC--GUSVzFMuixYGVZb1qe8UzTUGsdFr4T2MsSyuLP15wF9uy1acB5G_-iBxQqj_xxc6lVZ8...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOh2-7xR-IrFIPQxrJjLRug&google_cver=1&google_push=Aa02lx87QC--GUSVzFMuixYGVZb1qe8UzTUGsdFr4T2MsSyuLP15wF9uy1acB5G_-iBxQqj_xxc...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc1NDAyMzY1Nzc5MDUzMDQ&google_push=Aa02lx87QC--GUSVzFMuixYGVZb1qe8UzTUGsdFr4T2MsSyuLP15wF9uy1acB5G_-iBxQqj_xxc6lVZ8z...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc1NDAyMzY1Nzc5MDUzMDQ&google_push=Aa02lx87QC--GUSVzFMuixYGVZb1qe8UzTUGsdFr4T2MsSyuLP15wF9uy1acB5G_-iBxQqj_xxc6lVZ8z8qluUpAQl7Qu84bLh6M
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc1NDAyMzY1Nzc5MDUzMDQ&google_push=Aa02lx87QC--GUSVzFMuixYGVZb1qe8UzTUGsdFr4T2MsSyuLP15wF9uy1acB5G_-iBxQqj_xxc6lVZ8z8qluUpAQl7Qu84bLh6M
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1AB8
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHw3t6IuYRuPzNjkjm4voow&google_cver=1&google_push=Aa02lx_H9K9WdCvV_2zR6kYGG2Nh61fjIDgjMwj9wtmcTVI5Ay5InH3cGPBt1G3eyhh4O6siTKKiSVLeh7hjvfYS...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_H9K9WdCvV_2zR6kYGG2Nh61fjIDgjMwj9wtmcTVI5Ay5InH3cGPBt1G3eyhh4O6siTKKiSVLeh7hjvfYSwIxBQEkJkso
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_H9K9WdCvV_2zR6kYGG2Nh61fjIDgjMwj9wtmcTVI5Ay5InH3cGPBt1G3eyhh4O6siTKKiSVLeh7hjvfYSwIxBQEkJkso
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:50 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_H9K9WdCvV_2zR6kYGG2Nh61fjIDgjMwj9wtmcTVI5Ay5InH3cGPBt1G3eyhh4O6siTKKiSVLeh7hjvfYSwIxBQEkJkso
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
O8KxJXfLJFiJMMsv3BNLEAQrPaqFVaT8ZKS0JcgMp4QAsOVsQgr5pg==
sync
ssbsync.smartadserver.com/api/ Frame 1AB8
0
44 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJMaK87n-vUSDoxyXgIY64A&google_cver=1&google_push=Aa02lx_2lM0Hu9vmLtv5OfkOwFAclICscclWRQkbKsT0ikpBUcJNerCiC6wKJmPe7lGDKVzxKbLKsFeCq_CrL5seYPcDyAAPk-0
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:50 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1AB8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA2ED34ssL1uSdMYEp9VAUs&google_cver=1&google_push=Aa02lx8m_c1rpVE4-WX0_Rsu9y8A5vQm6m16PDHERWSfMThhyuaVruYqqeD1MgsJXMS_midrcN...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mSEFUUkZkRTJ1R0lwMnVWVUhka3hfUktkSTFiUGR0S35B&google_push=Aa02lx8m_c1rpVE4-WX0_Rsu9y8A5vQm6m16PDHERWSfMThhyuaVruYqq...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mSEFUUkZkRTJ1R0lwMnVWVUhka3hfUktkSTFiUGR0S35B&google_push=Aa02lx8m_c1rpVE4-WX0_Rsu9y8A5vQm6m16PDHERWSfMThhyuaVruYqqeD1MgsJXMS_midrcNnizHQVu9xsSlJT12C4o0GoMZLaEw
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mSEFUUkZkRTJ1R0lwMnVWVUhka3hfUktkSTFiUGR0S35B&google_push=Aa02lx8m_c1rpVE4-WX0_Rsu9y8A5vQm6m16PDHERWSfMThhyuaVruYqqeD1MgsJXMS_midrcNnizHQVu9xsSlJT12C4o0GoMZLaEw
date
Sun, 12 Mar 2023 05:03:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 1AB8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBRsTdOFaHGsU4nRwTr-r9o&google_cver=1&google_push=Aa02lx97_qjR3FcQaZP2JhBT4CLlRxZJaPgZQDbWC8z3TMLCQxeNzx-oJfKosQ7yo51cC49rd1XDP-hjUC2...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx97_qjR3FcQaZP2JhBT4CLlRxZJaPgZQDbWC8z3TMLCQxeNzx-oJfKosQ7yo51cC49rd1XDP-hjUC2HojBHQd3dCbVr1pscaw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1AB8
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWDLV7rV1br5meeCB9mKW_w2i-tnrX-iSL7PcQPVD4FwNgETNLId7sm3tB2psCvXYAGmTAmL0
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E655
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80207
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Mar 2024 06:47:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 545B
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80536
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Sun, 12 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E655
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
495a27ae37b682fceb11fec0318acd688d72d07d2000b6df2cf88ef4da333773

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame A4B9
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
44882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10962
x-xss-protection
0
server
cafe
etag
11760670070698444384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:35:48 GMT
9994169000815885812
s0.2mdn.net/simgad/ Frame A4B9
36 KB
36 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/9994169000815885812
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe10aedccd8c9aae643e857f89de45eb87d0416fffba52739bb57fee3bf61ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 23:04:02 GMT
x-content-type-options
nosniff
age
107988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36517
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 11:31:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 23:04:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame A4B9
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
43588
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:57:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A4B9
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsviWzfMLaEkz3ucXLmQgYO6WOOsQ94ugxWE3ch2EdGajjxm6MY7814iOrOqfhPp0BLjvWKSLqqO7cFRXcHSs5jsGtXhTzOea7Pcogd_LAM3T4CyElEuPQ5AOPA4lizrLrh54rT9-VDA08IbwAmvD_OC-s9HjiNLcgvxkwYWNqKf2WGZ5h3LUfph6WBKLatf3qxjzUlRfDq77suikt2NJ5Ae6g14q6WuDCQk9Hk76hlpNmssUBjuRp5mKB35yzpRnTVBZ3ZbYCQSVx2pUyzb9MQiJDklRXT4AmWbPK3QFdCPhlqou7P4jWLNMzUsv6tHTonbIAgcVEUTGdCqLnlg8LYBgBU8r2VpTlOzoG_06ECNAH9lugFoKM8RQCJVC16HBMUopjAZqBGNCUM7h6Ao7431VVKzGJJluOOrdd0b9r9rkbLpwIMN8zjvn7sglmAIV-GwMyuHPcHBq--T2POmElYE1v1PJt2rh97iHuidt3eNb-HHH7WBUqu52pAau1N0G6oiPcycLYTJY5H3yVCXOjk3Pv7TV0OzEVqUjWsUAW5H8Ns6GfXV4M0iRyvMo2gTKB13Cu7ERr0bxXBioGt28FutGel328nU0CVzwGCYm9Bzo13AMx4TqqMBABYud-hRypEDskNMRE4fNP49PpV1HUiKe7h4sut-HHEvkGbtFoOPupVnxjULxfFei9Glf8UkZlpzukdjsWV9tVmFHFgkhPgDIjqEgDCn5VFHQv0-h5VVQu_p-hixbuH_YsDsAisZScd9QdVT24a6bjNCM3y2Z9znIP-aF3CL8HLZWdht61-gzGu3sLNwITgxhSEHR1wttowjDmp76PtKJy90Dfb4nb0k0iv4nnO916BBHbnQLBgWoPGuAI9uJxmJx5LVdX2GKI-DX0u_CRoQMTZ9EDMlrg6A4C4Q2nZj19DPMlRxXBTsI_YkShurr7aLvCW7IXfyz6SBq3TN13pjS6OXHNeSWNtm1lDHoKzt0BI6GaXiHhHIRLENnC1u7nzJoaPyUb1s6eNIzGnqrvVe-rcsDbO0fTMEv4sYdOGKnGttewdqf4Y7Os9a-q2AD_rKohgOnC_sOj7yQQDTPKnx2s6YDrn_1bL0FXZB_M_uJmDch5Lj5_u_ssXJIKVFw4PJwg_6mOC8no7yiZS7YG_zX-FGBwDYllLp7eGDoKNh11P_NiFnAjbtAyoJjtoZ6iNi_40x1vgPBGXslgfKRaTfNnM5fE6K3G8Qxg3EdEvVvQTb&sai=AMfl-YQZMn4X8LDG-NFlOHI26PSgfZwa-k0gIcJlDa-Z2xwd_fa2WN0DSfldZiBM0dzLYFFAskjbvPGJSHw6A0yzDAdV88gSFjtPXYE0WkpQ4Q5qRKub5PzbFAQza8YBCXbxcaNapK3_sEJ6h7NoKeqd82Fq6tsQnCV226wDAg1KWR-Tg5QCxE8UhWuxMb5Oa66SGVgmrzMmzhIMghnIFdNgylX1lVNWhPAf7CjpeDwrjdTTCJNcQutUcvDCBps&sig=Cg0ArKJSzIfViXGGeN9AEAE&uach_m=[UACH]&pr=8:AC0AD94828DCB114&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230308.32486&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Mar 2023 05:03:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:50 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A4B9
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80207
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Mar 2024 06:47:03 GMT
partner
sync.search.spotxchange.com/ Frame 164C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC6Lnqe1gTsvFwaLaynr5yI&google_cver=1
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC6Lnqe1gTsvFwaLaynr5yI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb2O2zATAB&v=APEucNUyQzvk9wmCupdBtqRb0O9rA0b8v69KZg-fAcjvYFfXZ_kOkBDoXjgMmxvfoVCVYt689swMQLT856iFOIQtRX0OmxFXMBCgflS0QORADcRnTWlj1YFFA9gxQ6CQ2pgxZXA4P9LKo-cdUWp536tY_C0q6d_9fPtVHfRo6ueFZBgxJ_YWGYE
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 05:03:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
71
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC6Lnqe1gTsvFwaLaynr5yI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 164C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDc3ZjdlYzktYzA5My0xMWVkLWJkNDQtMTRlNTgzMzAwNDA2
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDc3ZjdlYzktYzA5My0xMWVkLWJkNDQtMTRlNTgzMzAwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb2O2zATAB&v=APEucNUyQzvk9wmCupdBtqRb0O9rA0b8v69KZg-fAcjvYFfXZ_kOkBDoXjgMmxvfoVCVYt689swMQLT856iFOIQtRX0OmxFXMBCgflS0QORADcRnTWlj1YFFA9gxQ6CQ2pgxZXA4P9LKo-cdUWp536tY_C0q6d_9fPtVHfRo6ueFZBgxJ_YWGYE
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 12 Mar 2023 05:03:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDc3ZjdlYzktYzA5My0xMWVkLWJkNDQtMTRlNTgzMzAwNDA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
49
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 164C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1raFhQQ0cxRTJ1Rkx3MzhwM25hMDNubjBiYVpvNWpNVn5B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1raFhQQ0cxRTJ1Rkx3MzhwM25hMDNubjBiYVpvNWpNVn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb2O2zATAB&v=APEucNUyQzvk9wmCupdBtqRb0O9rA0b8v69KZg-fAcjvYFfXZ_kOkBDoXjgMmxvfoVCVYt689swMQLT856iFOIQtRX0OmxFXMBCgflS0QORADcRnTWlj1YFFA9gxQ6CQ2pgxZXA4P9LKo-cdUWp536tY_C0q6d_9fPtVHfRo6ueFZBgxJ_YWGYE
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1raFhQQ0cxRTJ1Rkx3MzhwM25hMDNubjBiYVpvNWpNVn5B
date
Sun, 12 Mar 2023 05:03:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
googleads.g.doubleclick.net/xbbe/ Frame BED7
398 B
222 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDy79cCGKL2kuIBMAE&v=APEucNXqUCjnBevCxvBch_eQnxiDG8Ww_uHD7a4rPcCDHM5kxe3wSNwGKQiRj6R7y-H_jbgtEULsvinK1IiDtV9qtbmCBqWlh43dBU9pZe5sRvMmbQGSeGZRUAbb7TwINKtDwNU0OcwpD8gXU9Cxo5tZQnwvzjHzseUolE86OQwFSpdMVJuwtFM
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FCE
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9343157281303&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FCE
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9343157281303&version=m202301230201&ct=76&x=1&cor=7506707467614074000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7FCE
82 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZ0j1asg3-ZRaLVVDxh-W0JDjZlHlyQt-FIODk5zqow9IA2tzOrDC7wIbUhufMLJmpmsGEd7vy7yuB-RYmnl_LZ49_sw&cry=1&dbm_d=AKAmf-CZmQno0mJJMgvZFb93UOjtz2QXEEN7gfLJ-akMAyd6qEBxM-STwcg0h86NjkSql14iFk738jAXkuT1m4hI-_zKBaxUK4D0Qu7_5wDbaUAMcczqzwnYC3NRXBZ6QItWi9bFxT-c_1VI_IdhihKsTUPOkObNgs0rUYCElZ1suYOQZPkfRiobe8ZB9r-BgZQRLoBF14ETmE6IvX2oFs-f1s2WqymPDEGHu8-gkR0FFOBjtz8b_8FyAVwaGIv67fwvRnUZH0Vfozvbw3nfnKCVnXuHI2fE7UMXvf-bU8EKgW0lZpAnXiXVZXhFr-vvPlLRz0PjmWpuQWREIHZM4BQ5MkEEncymJNtmEF6qXOgdBkwCrsjzWxMl-SuY5ghZbSU1B4wjoHcCLg_Bl_61C1rE18eajCRUCk-ujFr1VUQZuGyyEcJtaOmCnC0tDRcs-68ECMMQfL7CAJ9hRCrrGoANXXdY3swr7WeMtfoo-ZWLsIY0ccsBWIsIOhM-HnKQMOo5xse4KyME_o_oFZ8imKbbvupcCX94hHnqFGIOSrr-Plhj-aPtKu2a2056N5PhUGkYGunmafD4tnsq1ye0SDbQq6HajvPvnvkQ-7Mum2H3p7d3R83z2YZi_4fdRWbFQqLJ5tz1q6RMkB_zFKtBm0c4DAXMiYh0cc_w6I41pBJZyqd3btj2Z81v3vrlWjsd6BVhO0IsmNZVh9dnMrVto85f6aJiZ9oJVAICXan0LP2-9uPBpy1dXQWsG1lu_hQG-yHnQmNpmn0GGWV0tH15JDJmAGoKEo4mttTdep8sk6ssPddcbpALS0ibLzbYYeVBkUS1qw0ogivaqNyax3x5Nnle7HZAbiX1FaSvB6yBBGgpkQJGfkF2oCe0awvsMtjjkZDtNlIEB6lnt4fkLuu5fC0pfViRA_wAdev8i1rPOC_z_RPbElusAnobP_BEVvrT4NWkXUvLVEyHZ8m9y_3j1wkwp_AC3MEPenV-MghYCX4ZeZVj7xJ_mJC8ntR6FsGmcnepqW1EAZ9TZLM4XJeQxPLVEJyCpVushm-fuH_VMydEOuhB46tzQwIo05Wet_X--jAgloYag3udqPPB8giPwEf_tztwFjlPJWzVqHn3v92N2iygGoKG2BCPjx3xivmOIZvt4euQ61-s8VtwU-bKwCvYyFg-PxHk4N3J1-p0Nd7N5s_QnISw4DNvRMI0PXEjoaJ8Q6x-oLWPJKjGp7rsLZBvDnmZoJTZkYFpr2VqGXRo20qqfQwMOvOXy7UZ-a6IOwyw-wDDPYQrn6VEKUBc3Y4j6szoxRwxqW9w7oHBJSpFO2hydmIKUHkSh65NjVAg4X_3V9saGILFOLI5s8GrZYEd7eznH-3WNitdhlcy3fgk_bnzMFtWBOD6rCqTOfdesBitUu_D5hoDHhRTBgsgX1gpFAJVZRD6SCmbz0ScB-kYQJXRgpSrrpVzVwG7eMwulg_N4Dehh7-ASSHqjuf6OSAW0u7hyr5xS2fC06FrCkJFWptqbfuMZKKziw3q5SEtipEqOUMbWH0cYQtrMLI5aA-nrSAm9nDxRXDIXvvR9b2-s9MvGytVBVf2Sac78uVmuOROUxMpcnkp1xyHhybOeqdYydthJtTE1PIB44dy24xdF_z8dMjfH63ajOVYH9obwqb-GnL4JGJx7y2xRbNycln_K3G1Hfxr8oV8jIGrty3sKXALgwCZItwT4891uF1-1XzTGK6RE-Sm_xbIcDM5oTK9B-WxaGfbujW8r7-Be-8aICnp0C-G-CiHplEBvtgCernb5YDUhvNDFKfmcEwcjQOCzOx4f6HWgHm3i9-b1lDL4Zc9hSC9-37S73GkqIAnN67Bh_sjIpQwPmXp4zpxBAOccOiw6d6WnVZ8nHQhpviJYm_bze-Hcsgq4-hFjQN8aDixyujrhSby9P4ORXBJalwayidPj9oUX0aujfde5THnF8_4kvXOIX60iGYzRxwCPw-3IqovvF1QNNQ2Xl_sKiruXCAeftVI8jHZ5pRbFUQsqWB1eNghWoXNwibPDn9gA_aNoCEFRQgFxSSIudOn6WEu4xOy3zQwx9rX5W3I2-1WBf7HuB3ztn-hPvFXrTYyW9efWNREzDG2aa7ixRvCDDD01bDnCfbuF82tKaSveK1VThFTINIpEcpdsCN_tpvSUgFvY1AWPtFFGy6_JOjBIZiH2tK8eVG6v4W9cTQFaN0mAvkf_38l4pj6x34wWmiwk3hEiSfPAePLc_tTB_RxSkKOrQMSGtgaoGAWKxDhaC9OaV3pdJBS7q5KExKJ-CQ79xFkqmBcN16jJanuRz5ofjmp_DkOfkMhIZCf5FgtZolag8fMeZR-XBl806x-h8KGIpmybPvGiqcZolV2ASU30_0qDB8io8FtOeAwGsXlc2JbdpMOs0pY8iOKMoP4HYPn-9o0ZdxC2toMsfvkrTx6AIe0Gq1GuI870gfNQaRP5d9x9BiWjZprj9bnmOOdxj_2wWD7ZexzrNE87hYythP0ywVxhu1k0TKAh66eXUq3SQm7Wiqyq3dxOiUkYm-3yjbWlpiAwZz8jR41JKCunbyy_tuDTvlTreklIc-oJfV-ewHhpD4cugeJPIR_ght_9yJGlYwYNqrgKfy5-tlVzJWaoWG_VUl2-LkD6ljz860hX12UNOEHxz8C8Dn1_zJfvj-0xq4QdyYducysaKK3-YGsjp98aIc_wILc4QakCLJC3QDt5I7uHZZq0oUcWYVYoukZL2t7dPbmbsA49jNAFlAOcSaQTVwzYrW3a3Zy3wDjjpNRBWJiMBjrbn3KMZPmadEY9LaTHHKF5m6xXy5xuKVTxctrHYWZAEEVn2RJimH3yjrZ-xBD3iBk8yQ3Xe4p2vfDiVrvyn-UzVZ6kO7CbrnbEXn8mERS15GTUokF2DeQgda-u9hUChobBAvw0cWTe8VBQ_jvebB7v7FeQqGKEDoMfbsSXLmks6SmlnbY3NX2gikZx3JuZ08bv0HT60aVvTqE0lqMFQEi6sozV_Nuhk1WC7Eq7-JRoP_lRGk0w538nMUpB3WkWbO8XBOYtxKrLEQs58oDlWMhj4NS3hnXqohtXnsp_tkIXssDQqFGuizwszSS0514VrJXGolk5wQIFgUKUkVAl5aAW17jxp1JmYlmDnvFSfYpWa8WWhhWssXDqC8M9TPnJBusI-ZPv1mClnyR5bX_duJugFP6Ws_6zfTqZLR19Xp6s7zRiDtVSUqLbpdnvo5APVDOJAw&cid=CAQSOwDUE5ymUS0pcVnTvnNWDEEI8bUkR2DF1l_O7iaryvZ87HMvIQbQOJ41PB5k-5zxg885fOoXuCgBXFgQGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd1baseball.com%2F&ds=l&xdt=1&iif=1&cor=7506707467614074000&adk=943508955&idt=42&cac=0&dtd=41
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
321464bf05ae113640bc77a9e85ed70682af15a892ed5f4849ec361c1ac93060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35494
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/3263477118759043584/ Frame A705
20 KB
4 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b076101487cbac8906c8953abefe6faa66f231ee9f48afde2b15f232692da126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
273817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3775
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 01:00:14 GMT
expires
Fri, 08 Mar 2024 01:00:14 GMT
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F02D
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst30F-Ztf3WAOsT047QBtM1KNQntI-kM7a8gNSz-jEolPPfrLtvcz9WAE4Sxuhxmp4wAxnsmOe1p1eS3XwEXH6Mb3yOVswBg1vlFf_bnr20mlC7rXd6-3So9ZpX-MFt7Vr3UfiHO7SFWyKDhdF5hArt_6g-XutEvQzbarSDtc7UYWF_MbDWyzgZfY5XsWktTJLlmVe9BtUqih_18soniFkQHhUhOSZnr5PlpJtCh4EBdFba5KCopY0g54awCbWdA36fRblWYMHq67ArUWOHr-emLT7RhW-bCgVrsnCBeIFZFFIGnuRQqENNy4hr3jIt5rJlMYjcIayU8GZTcrfy9shBuViQkoAmjOpDNuo7wvKIax_Dpmhj4SQbZCcN22hKcokXf1wwyLbx84GWu09Mv5OZfCV_pgyPxuBJgI2g60qquruqQINqvouDIiCit71fUPExmp5yEjcSahm12YxHgLf8wzrzbq_HheTFFy6SO054_1dKbayeU9atEHZUuA04ObptMyngKxqGcKN9C5-JPYHxHzDJNuodJ_qZzgDKs4htYZJd1fmS0qZ_h4wFZbL-9lbDyzK4PgaN1udSkHd7l9e7LVteBPmNHaJVJ-_YfM8S_X1ub0Q_rOZd9ULKxemP4JDJ4_eqstJ1JypC9wRTJFv2qwAYozelzXUeioPRF8MDwygq-iDVaGRuIl6GRK40-D3SOrmjf0pMq8STo5aTT_o4d2eBNic5NuE1zu5zpx4OF8oRxTfum49U9tmRUPC69zAqJh0B3iRV3ghOi5g4Ks1JcqkEmXVcwxq44omGMZhWtMMVE8B7JDvc2cONc2XlinStQQrEwxaxWSr6Py3t_tUmUHBpP9xuyCGkTzUkOz5Ysyc_PjeVir7w80D1nOYJNC8sUDlM6k3TyRDDVYw6T1ytNSfCseCJKQwpR5ZblduA7n05xzty3jxPPwgiQlnbytCD-nAehHyI_dfeIdIHyOpPWhh6N8dhR8lCDs5B19ng1LPCaudUfiYZ-aQ6u1bXCi7dYLDX16LJdoDydMs74w8WaTHNgxhO8Z5vWjHFUymqzW6YHisNpnPDC3f7JRFlJ5ut4Z5-MjZ5Fm4OEyqNPGFnDLB5S80j--LlEH8sbHDw8p2t8bijyrtktnbJzospq9UzvUUFQkFBcHqrG4emCpl8Fd0CkFAI8x-aq9ZBu2rgqxTltOfIS7yuJIDPK4EogJVlHyKBC46nX_d7sGUjO9IaP7qMcn4&sai=AMfl-YQkLXyEWoJbGxsJABCwORJWD6En76jKuo9Z8Q1ismXHY-JLfVkOTMm6JIHo5lICKMGvsfHyn3ZMvjoniYo90H4ISscTZz06zZPWe_EIKIGdZEjYqisCJ_Sc-Exog3yJWuR6rxHR2eHYLOHtNGBb9QG3CQDaG5-bCqkA1hj2N1qau54wggm2wF879FMHTsbtgqDyCiw0f5kNWKXwPXi3H-IKpoIo5_gVYZraOO9ubIIU87a_1iwjjMPw4n3MhxgcXEr9&sig=Cg0ArKJSzO0LLrqEfDQ7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=651&cbvp=1&cstd=646&cisv=r20230308.93135&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:51 GMT
img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=29181076;s.a=3213511;p.a=357376930;a.a=548234172;cache=2461712631;
ad.atdmt.com/i/ Frame F02D
0
0

html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 69F7
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Origin
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:15:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 07:15:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame 69F7
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
43589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:57:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 69F7
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
44883
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10962
x-xss-protection
0
server
cafe
etag
11760670070698444384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:35:48 GMT
/
rtb-csync.smartadserver.com/redir/ Frame BED7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIFMavVvMKNBXV4-EXA1e0o&google_cver=1
43 B
113 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIFMavVvMKNBXV4-EXA1e0o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDy79cCGKL2kuIBMAE&v=APEucNXqUCjnBevCxvBch_eQnxiDG8Ww_uHD7a4rPcCDHM5kxe3wSNwGKQiRj6R7y-H_jbgtEULsvinK1IiDtV9qtbmCBqWlh43dBU9pZe5sRvMmbQGSeGZRUAbb7TwINKtDwNU0OcwpD8gXU9Cxo5tZQnwvzjHzseUolE86OQwFSpdMVJuwtFM
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:50 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIFMavVvMKNBXV4-EXA1e0o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame BED7
43 B
113 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDy79cCGKL2kuIBMAE&v=APEucNXqUCjnBevCxvBch_eQnxiDG8Ww_uHD7a4rPcCDHM5kxe3wSNwGKQiRj6R7y-H_jbgtEULsvinK1IiDtV9qtbmCBqWlh43dBU9pZe5sRvMmbQGSeGZRUAbb7TwINKtDwNU0OcwpD8gXU9Cxo5tZQnwvzjHzseUolE86OQwFSpdMVJuwtFM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:50 GMT
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame EF85
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0yQUO0S8urpH-jSxnncJx6lgNIbnQ8PFNTpiH2_DnSMKnWiwyUBriiFE7clE7Rw69kzJMnMUKVNYkNYCa3CuZGNv76qKa7wgm-Eic5iIkS_gSkuOwa8bhYBnqCgZhEjS3Gy4XGwuT6J7hOZjispTcW_01Rq1Is9eljfrdEyXXWsRI6PpuInUBGqmhvbocwdzP8sCHfuyE06qf8qOrEyf9fQtH-mjbbLO6znPXVzyl14EOlVEwrK05mLY7xxVqtOwVJD2wK10l4NN-jMKj_b7NtQJZOGIqJYvnRLhov4f9MgZFtbRQWUNQisl-npIAAOxNRX3XVWB5OFUmc0mXqeqSF4L91MFNjaOoY03DJTPA-bRYel58hYyHl2NfUJCwiUaugqYfJNGyx-2ZWzKkyDM7uEJ7le1qbhgF-mDIbL-EdSw3GMuAh3nStbdDC7Nhi-iSK55yWqXOVi_-iEKWunRdRlA15WgptaLEbbJh9YLnHv3sr1JOKlHHnDp3OcaVKHL4-mdEYaXD9fMt_QhuGj0921Fzt_nrEpVAMpv206RX4RjujEr2d3_dhBOYGJtzgDX36WN0uqI5JDicduKbuyh6tU4rWZ7Y6tqCo14N2L157vFRLVj1oa-KXIRorrZcpfN6WaOUWnPPobJAgN2uUL_0i5jWChWLTUwnHkDM_IGwzF2fEd_ALjzjYxmrX9O05onHnISvOX0gAG5LTPvppz7rURZRZDv6V5OvSXhO67xVlF5vf5HtYkJ5h1dfYJ7VBHx2sVaM2xWAV2tciRiJX1XY9FvQV7ZviO5CbQdHLgXcHqtAgcnEdqHXk0wt7L7YCSX2zUhSHhUdAdJAsOxn3jxaDL6b9oPIJWoHe0t7NMrtWXqZpPJft0GBdN0dMa9tgapVCeD7NeGHs0FkTzYckhydFRa6AoqT5lsd0JUGDlf1uLPKsGl_Fvooy7gU1JPTqXCfT12UPwbtHwG0p-TE1uHLRqRc2lfC3zZ9MWyqidrx8LOr9Wy6GaALtaF1-ZBJ3wBZCgjSb1OjqWPl87iM8xxPSGPH4-LUg-VYsYMTgUWPGMPcGlBf2Y6kb0MLhCwRe8KdsETVgIU2x6vewMHOTJCI4H9LE0-FTtIBvEhboMd7RAUKKBAHx6Z_3BxlrWihxDx_5LpfAjR8Zk6Gfqyl2DonLV3cPeqaA9Z6REAb6_2T6p8AngH-wJCGLYP4jLCbtgLtOptftY2zhdo0qw7iHlwG2S7pf5szE29jHemOt03446AwFFcTEauG0uAuvbhW1jktrliAfGQuvLtRX-et&sai=AMfl-YTkIEVBgFXo5CZbSnLwjzNu0IWuTRvGtAEzsixJILMp3ezyNy2rSi4SU0Vdzc0sNCoXmb_f8kAEyO_yZfs2NXrS9FkauLx8uh4V9F1oIb7MWXZ7B1PZ2yO4rj54ZyxsNwVXcSPDNYMNXoGy4_fKtygaZteVac3k3SlpTUm2QEV8vi18w9fobnHu8WnkDEUmU1eel8I4dXtGfEUbY7avdaSlTht5mO5d1qa7T1FbaQNaKaPtjtd3HDPHSQt3eYN07fFP&sig=Cg0ArKJSzEnCSUHJo1eTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2356&vt=11&dtpt=1324&dett=3&cstd=1025&cisv=r20230308.53748&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A4B9
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsviWzfMLaEkz3ucXLmQgYO6WOOsQ94ugxWE3ch2EdGajjxm6MY7814iOrOqfhPp0BLjvWKSLqqO7cFRXcHSs5jsGtXhTzOea7Pcogd_LAM3T4CyElEuPQ5AOPA4lizrLrh54rT9-VDA08IbwAmvD_OC-s9HjiNLcgvxkwYWNqKf2WGZ5h3LUfph6WBKLatf3qxjzUlRfDq77suikt2NJ5Ae6g14q6WuDCQk9Hk76hlpNmssUBjuRp5mKB35yzpRnTVBZ3ZbYCQSVx2pUyzb9MQiJDklRXT4AmWbPK3QFdCPhlqou7P4jWLNMzUsv6tHTonbIAgcVEUTGdCqLnlg8LYBgBU8r2VpTlOzoG_06ECNAH9lugFoKM8RQCJVC16HBMUopjAZqBGNCUM7h6Ao7431VVKzGJJluOOrdd0b9r9rkbLpwIMN8zjvn7sglmAIV-GwMyuHPcHBq--T2POmElYE1v1PJt2rh97iHuidt3eNb-HHH7WBUqu52pAau1N0G6oiPcycLYTJY5H3yVCXOjk3Pv7TV0OzEVqUjWsUAW5H8Ns6GfXV4M0iRyvMo2gTKB13Cu7ERr0bxXBioGt28FutGel328nU0CVzwGCYm9Bzo13AMx4TqqMBABYud-hRypEDskNMRE4fNP49PpV1HUiKe7h4sut-HHEvkGbtFoOPupVnxjULxfFei9Glf8UkZlpzukdjsWV9tVmFHFgkhPgDIjqEgDCn5VFHQv0-h5VVQu_p-hixbuH_YsDsAisZScd9QdVT24a6bjNCM3y2Z9znIP-aF3CL8HLZWdht61-gzGu3sLNwITgxhSEHR1wttowjDmp76PtKJy90Dfb4nb0k0iv4nnO916BBHbnQLBgWoPGuAI9uJxmJx5LVdX2GKI-DX0u_CRoQMTZ9EDMlrg6A4C4Q2nZj19DPMlRxXBTsI_YkShurr7aLvCW7IXfyz6SBq3TN13pjS6OXHNeSWNtm1lDHoKzt0BI6GaXiHhHIRLENnC1u7nzJoaPyUb1s6eNIzGnqrvVe-rcsDbO0fTMEv4sYdOGKnGttewdqf4Y7Os9a-q2AD_rKohgOnC_sOj7yQQDTPKnx2s6YDrn_1bL0FXZB_M_uJmDch5Lj5_u_ssXJIKVFw4PJwg_6mOC8no7yiZS7YG_zX-FGBwDYllLp7eGDoKNh11P_NiFnAjbtAyoJjtoZ6iNi_40x1vgPBGXslgfKRaTfNnM5fE6K3G8Qxg3EdEvVvQTb&sai=AMfl-YQZMn4X8LDG-NFlOHI26PSgfZwa-k0gIcJlDa-Z2xwd_fa2WN0DSfldZiBM0dzLYFFAskjbvPGJSHw6A0yzDAdV88gSFjtPXYE0WkpQ4Q5qRKub5PzbFAQza8YBCXbxcaNapK3_sEJ6h7NoKeqd82Fq6tsQnCV226wDAg1KWR-Tg5QCxE8UhWuxMb5Oa66SGVgmrzMmzhIMghnIFdNgylX1lVNWhPAf7CjpeDwrjdTTCJNcQutUcvDCBps&sig=Cg0ArKJSzIfViXGGeN9AEAE&uach_m=[UACH]&pr=8:AC0AD94828DCB114&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=339&vt=11&dtpt=338&dett=2&cstd=0&cisv=r20230308.32486&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:51 GMT
dt
dt.adsafeprotected.com/ Frame EF85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=92ef7120-c898-93bf-66e6-d8dafa294eda&tv=%7Bc:6CxhSx,pingTime:-10,time:1786,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTExLjAuNTU2My42NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1678597431313%7C%7C8deb1da76730b20bbc74774bb28246b1%7C%7C048cfc492222ea08fb0159cb46ab52cc%7C%7Cda1639b6d1fa8d55718e90dcb61845a9%7C%7C8d9ff50ff7fa4a41e2349790144874cb%7C%7Ce6b648f32f5a1c31ee4dc8a76f4c6fab%7C%7C1d48ba9beccde0f3f210383c2717fe06%7C%7Cde6797a1da2828cc2b3bf2aad93dda12%7C%7C1663701684,im:%7Bpci:%7Btdr:1740%7D%7D%7D
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bc24:2ed2:9346:d7ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
be5378b0e49920c13f3cf085dd30e34c.svg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
282 B
235 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/be5378b0e49920c13f3cf085dd30e34c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40a1019fdab5886ad4f109e8c7ec6f46751c04c5ca107ea41653a80cb7bb86e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Mar 2024 00:08:15 GMT
0a675dd3dcff790ce5d077ecbf84ab0e.svg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
14 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/0a675dd3dcff790ce5d077ecbf84ab0e.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b08e612d62809f76537387641695e80be8a6d39935dfefb420ca6cb42cb6314
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 05:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258118
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1578
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Mar 2024 05:21:53 GMT
89c7bd4a9244fa0ca692833494d2f13d.jpg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
38 KB
38 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/89c7bd4a9244fa0ca692833494d2f13d.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c87f2c48785e7064c957c752d54851998571daec41f55e31a4972c18892f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:00:08 GMT
x-content-type-options
nosniff
age
140623
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39239
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 14:00:08 GMT
1160b1a08024ec5cecf4add9c010b551.svg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
813 B
432 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/1160b1a08024ec5cecf4add9c010b551.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b9e0b0db3a19e8603578ea612cfce5f6c9222dc979754f9465a7375370cf930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
395
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 21:07:13 GMT
e40c19666bc811b2d7f242927afb7be5.svg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/e40c19666bc811b2d7f242927afb7be5.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5824bb199f36a42c091df319b8e05bc4a3668988cff9bef3f6aed944a49da911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 05:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257629
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1946
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Mar 2024 05:30:02 GMT
e05a14bc49c8f29b78c086cca8895314.jpg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
34 KB
34 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/e05a14bc49c8f29b78c086cca8895314.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87fd9fed09b825db82f2c6c42868871e6a8f8ac4344f2587db3bcdad4476f08f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 16:36:43 GMT
x-content-type-options
nosniff
age
304028
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34411
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Mar 2024 16:36:43 GMT
d4d51f757b746ec0e01f8b2f9f6db617.svg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
857 B
479 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/d4d51f757b746ec0e01f8b2f9f6db617.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eca81edfd1a3c8061eadd203630d09c4681620cd6aa063a891328f7ed6b3c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 05:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172537
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
442
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 05:08:14 GMT
9ff38dfd2487d37191511179a7ebb735.svg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
147 B
179 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/9ff38dfd2487d37191511179a7ebb735.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b77cd1ab9532f7a1bdeacd50c37fd1f9fdcf2c433917ba0513f3cf4f00a394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Mar 2024 08:50:37 GMT
fbdab5cb2af6996abb1791ccae0eefb2.svg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
6 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/fbdab5cb2af6996abb1791ccae0eefb2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93056e22d27e4790555c463d786a7428354169214992d1957255317e7bf10819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 05:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172537
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2120
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 05:08:14 GMT
90a4a4d2afb4a0e3d53dac3735b44298.svg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
2 KB
948 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/90a4a4d2afb4a0e3d53dac3735b44298.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66cc46bcd958b87327c507bb2b3333176833d9b5d9be22cb1d771c425c9edc85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 15:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222677
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
911
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Mar 2024 15:12:34 GMT
24eef6d3f6577b0c662e41f29548944a.svg
s0.2mdn.net/sadbundle/3263477118759043584/images/ Frame A705
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3263477118759043584/images/24eef6d3f6577b0c662e41f29548944a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a500718fa6453092ab94c7a63ecc7de49492ea9cb793fff94f1913b50d027b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3263477118759043584/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 18:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384059
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1238
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 13:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Mar 2024 18:22:52 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5662
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:16:06 GMT
expires
Sun, 10 Mar 2024 06:16:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 545B
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGmo8xz3UU7eOqDCvYqUBxU&google_cver=1&google_push=Aa02lx_bSXWs-OFIjKXoSVjkYa_E7R0jUl5JixYMzBJt4YoFvuw77XyvN7237qMv2BJVlu6gEuD31sFb0smTArqVykvcehNB4CIjBA
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 545B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECM_0FehjePldl_XiJocSkA&google_cver=1&google_push=Aa02lx8kIQrcj0V4wEVycoV4EbeBvMHxc9Pzcx9GDr0vA7vMcUmclH-d1W_iWsoeqzaGcouryG4zOLcM0XDNMoj6...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8kIQrcj0V4wEVycoV4EbeBvMHxc9Pzcx9GDr0vA7vMcUmclH-d1W_iWsoeqzaGcouryG4zOLcM0XDNMoj6zpzs-GSBohOnlQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8kIQrcj0V4wEVycoV4EbeBvMHxc9Pzcx9GDr0vA7vMcUmclH-d1W_iWsoeqzaGcouryG4zOLcM0XDNMoj6zpzs-GSBohOnlQ
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 12 Mar 2023 05:03:51 GMT
Server
MT3 569 46451a0 master zrh-pixel-x8 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8kIQrcj0V4wEVycoV4EbeBvMHxc9Pzcx9GDr0vA7vMcUmclH-d1W_iWsoeqzaGcouryG4zOLcM0XDNMoj6zpzs-GSBohOnlQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 12 Mar 2023 05:03:50 GMT
pixel
cm.g.doubleclick.net/ Frame 545B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEN2uHBWmBsjQ6Fe_--mZm_w&google_cver=1&google_push=Aa02lx9CViiusVODUYZ8ePeNJ7OA5684Rpc297JtTA6U8qo95O6Im64bfheCjdupwrAySU555tU5rx_ahMiW0nfNjA-stL_BI98Vog
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9CViiusVODUYZ8ePeNJ7OA5684Rpc297JtTA6U8qo95O6Im64bfheCjdupwrAySU555tU5rx_ahMiW0nf...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9CViiusVODUYZ8ePeNJ7OA5684Rpc297JtTA6U8qo95O6Im64bfheCjdupwrAySU555tU5rx_ahMiW0nfNjA-stL_BI98Vog
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9CViiusVODUYZ8ePeNJ7OA5684Rpc297JtTA6U8qo95O6Im64bfheCjdupwrAySU555tU5rx_ahMiW0nfNjA-stL_BI98Vog
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 11 Mar 2023 05:03:51 GMT
pixel
cm.g.doubleclick.net/ Frame 545B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBA4J1qI6Po-du4Yn7x_G_0&google_cver=1&google_push=Aa02lx9kCphvjc0EbRTIn4TXHYt-tmKQ37nPkhxIDGpIkdNpvXduYtC_AZQWqHL-WCRMj7qiAXxVWyTL79akSzhz...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx9kCphvjc0EbRTIn4TXHYt-tmKQ37nPkhxIDGpIkdNpvXduYtC_AZQWqHL-WCRMj7qiAXxVWyTL79akSzhzyNsl3kVxK1QrQw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx9kCphvjc0EbRTIn4TXHYt-tmKQ37nPkhxIDGpIkdNpvXduYtC_AZQWqHL-WCRMj7qiAXxVWyTL79akSzhzyNsl3kVxK1QrQw
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:51 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx9kCphvjc0EbRTIn4TXHYt-tmKQ37nPkhxIDGpIkdNpvXduYtC_AZQWqHL-WCRMj7qiAXxVWyTL79akSzhzyNsl3kVxK1QrQw
x-host
tde-deliveryengine-production-86c874c4d8-zwq6n
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 545B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBq4ih0Tc1HNGwHEmoCZ1DU&google_cver=1&google_push=Aa02lx9yQIszG7DV5-CEtWprYzlk_aZJOIlXDeBgvHfPby5Ow3F6atqIGU3spVxbp5PHZteV-E2WFz__cXHV7Jiw08AY...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBq4ih0Tc1HNGwHEmoCZ1DU&google_cver=1&google_push=Aa02lx9yQIszG7DV5-CEtWprYzlk_aZJOIlXDeBgvHfPby5Ow3F6atqIGU3spVxbp5PHZteV-E2WFz__cXHV7J...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9yQIszG7DV5-CEtWprYzlk_aZJOIlXDeBgvHfPby5Ow3F6atqIGU3spVxbp5PHZteV-E2WFz__cXHV7Jiw08AYpftJW1PgFQ&google_hm=RV9PQSoTQJmT6NyIazyvhw==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9yQIszG7DV5-CEtWprYzlk_aZJOIlXDeBgvHfPby5Ow3F6atqIGU3spVxbp5PHZteV-E2WFz__cXHV7Jiw08AYpftJW1PgFQ&google_hm=RV9PQSoTQJmT6NyIazyvhw==
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9yQIszG7DV5-CEtWprYzlk_aZJOIlXDeBgvHfPby5Ow3F6atqIGU3spVxbp5PHZteV-E2WFz__cXHV7Jiw08AYpftJW1PgFQ&google_hm=RV9PQSoTQJmT6NyIazyvhw==
date
Sun, 12 Mar 2023 05:03:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 545B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECEVAPkxiCCIvrihZKtMEj4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECEVAPkxiCCIvrihZKtMEj4&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx_WTn7AtFi65P3nw_5_8UP62UKKh7Hs2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECEVAPkxiCCIvrihZKtMEj4&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx_WTn7AtFi65P3nw_5_8UP62UKKh7Hs2HD8eMPLTdXNLwD253iLfDFRweClUGvnmjaDI1MpqtYv7M4fFeRGR1rJpKSrSweh
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECEVAPkxiCCIvrihZKtMEj4&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx_WTn7AtFi65P3nw_5_8UP62UKKh7Hs2HD8eMPLTdXNLwD253iLfDFRweClUGvnmjaDI1MpqtYv7M4fFeRGR1rJpKSrSweh
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame 545B
0
44 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIrFlMDXqy4IT2UKGGoC_Lk&google_cver=1&google_push=Aa02lx9x3K_-2HNxzRS_VJf6q0z5d6s1vU_yogCaJ25RvD6on1UXKZ29ig5StT0En1azV7VasIjvUlaG7zI_JxTZJAPH68SQHzb88A
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 545B
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InHj-OKo0v0JdH1n2ZOr0ZrOq7HKzu9G90is1xxvSPqGDGPkDLsCoV45nShA0NtjzfwZSD
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-F18EQH3BTV&gtm=45je3360&_p=1918949435&cid=729490629.1678597426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1678597426&sct=1&seg=1&dl=https%3A%2F%2Fd1baseball.com%2F&dt=D1Baseball.com%20%7C%20College%20Baseball%20Rankings%2C%20Scores%2C%20News&en=page_view&_et=28
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F18EQH3BTV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d1baseball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E655
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFeXjtlV-tXk_Zv9OfvEyh_gNXGlPnMnb8ZRdXuMZkbapzM-lRT0VKau4GaJ3wGKY2q5fgpwYYjhBCndsiuLzGOLiS34GD4ed5DnLVpr6xfrdF_RBEzNVmEvMLwxdnjqPYYo78Zh2OYBNaFcTam50JD0UEBid1rvXhnxjZIOipZBnAi0X77KFgEBErkNu59pMNw5GpPtj_B0c3fgxzyoOOtNmtFOwAsnsAvcsYPREVfLseri84sbpCIOAB1bl4KqUbJJumckeWR2CK3ugtUCsp9QQLjkTaNi0rtQhwtlO7g-VQPglL_IXr6UQSAWGvxvi_l-_RnK8fBYrPfvOoivIIl8NTjoQzzCZfPRGTThKDFryRNug27vd82rJEmHFOgmtvY5McJqoNP15V4OMInznrHaur62SI3tLBHMLVH7cTmzdLCKXi5V-1-m0DNonmXUL8fPcGN0_GSQQ54LhtHHgbhegGY0KwRvroJv3MUoMzL2JlZkDfexsQhwHP_943pIiqFVrHBNUVokufmC8mMm0NtOP49OhV-QP9gud7g8h1SOMIHg5P4pdXkmww0C7lXAyiVsHb8p56DSQLK2PU7ckZnYVLE5rMnrnhOFdRLPkODQFXP-54VmXFJHMzHM_9piklhb9RSBTyWrWdkTPBTK8Ld2ZvJgp7YVmnJGbnmcVDTHkcxrc2s0xcvzpJP3eIj56vjbTZXxqyJ1pn0cym9TY82_aD1ohR0nUG80I1AEvNPMoBk87vOCDI7owACm_oOtp9o9GNfTOoMhaHZUN9wdv21H3hdbmXZJVJ15adqi89tRTskxuD6yId10o1Jyzgjxh0q9YRuajy1wB8UzwN7KuL3apJsEMjAe7hITeSyxFlZeIjfgcAdNuY3I1RmRZ--QW5YKmivhjQFusZ5el5cea3cMwyf20clxj534ctBVRhXQUFM-ILEEpoyDdMfdy2Rl255hIZ6-V0IpZopRYUbnrGy1nTuwtxN8UOFG7M3cSvj4b-vWP_9cBFhX94JE5lHdNqr1F6y4vgM2RjsC0-AO0xj22dLSEc7JMOUDpJc62jJhhQtfeC9iuqZhvhsmFAbFMLnO5LSBD3jAt3WlZ4geWpnlDbiKsxe8DT-iNClIGnfLK8F-GDc2NoOL7NifdNFXL14Xb5bQaENTCt82ajYqONHEfJVXfcndDclbEUx3Cpr8b9lXIZcMN6Kma_SmcQCb6H2mChKfqxXeVJ6WQYMITwAA7qdMUXpoF_mJM-3yXnGXSuNqZJ2wfOh89ENIuQg_e37g3iKV_t1hNOM-lIF2mR56VjKMYn5I0&sai=AMfl-YTt4RsWcXRSM9DA657rzGkAvrK5WYw7D98qcyxshagOkfEwh0i15wo43w7_M0oubTUEC2hoko1p961m3V6RHpY22K_8VUbUXHKSjyWbSKU-z-XQFbiGp4cNRAbvopuGr7KIak7MIsxpBzj_mNBbGgsA6tBlyqLqS7CYjahLKM8UU9YvLf36lOqeIl_zwXqLtraHWkgfRruBnfqygA3iaAYL9jpncsCyY-bwX7k6COAY96KLJd2VRtysTiJb-VQdN9M8Nh7xj1_dPTk-r2xp-ElknrLz_A&sig=Cg0ArKJSzG0XsqASnlV4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2052&vt=11&dtpt=1264&dett=3&cstd=779&cisv=r20230308.12915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:51 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7FCE
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Origin
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 07:16:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame 7FCE
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
43589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:57:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 7FCE
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 16:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
44883
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10962
x-xss-protection
0
server
cafe
etag
11760670070698444384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Mar 2023 16:35:48 GMT
usync.html
eus.rubiconproject.com/ Frame EDB9
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Mar 2023 05:03:51 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1764
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Sun, 12 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F02D
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Mar 2024 06:47:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1A1A
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Sun, 12 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F02D
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f090c7e6dd7692a1054ed0646b590b3ca5a94711cf2bf16222c724c27514d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame 0161
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
truncated
/ Frame A4B9
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c30fad058e885802dc2393faa4017b387bc13c2427e207eb39f074a49ea51a20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA66
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3652555847590&version=m202301230201&ct=76&x=1&cor=5296266378636369000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EDB9
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
92d4d5a6a2b357f0c44d723a2f9e237301f8c1614c02368c71febaea70b65696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 05:03:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Mar 2023 12:13:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25762
Connection
keep-alive
Content-Length
9996
Expires
Sun, 12 Mar 2023 12:13:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1628
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c41a6cb75f679db85ddbc5b68d2b31770e33b14df2eb6a35168e93a3409d26f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5779
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/7314573151872791710/ Frame C342
108 KB
25 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22ec56df25744866a27efb0d3a95c71bec34cd151f986376a9f2e10f498760c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:51 GMT
expires
Mon, 11 Mar 2024 05:03:51 GMT
last-modified
Thu, 23 Jun 2022 10:58:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 69F7
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6mhCtNZ366ZocOpt3vhc-S22Zlk2ZKq0tcTHoQBi42oVKl2WYgIZd5GV0Cp-TaK1rQfKrZP_oNlBUf1aygTJhXdsxy8Q4cp0DkLtoH3YJOMYAhF8qv7fEJDp8VH0QsBYjBEiS6PuKTZnxSbc7xu3588hq1g7YQ5JluHHOs3gbldX16SpsauCnVJHCxWZY_nguA0JBh2n7kEKpjMQij3NFNeJN-663EZzAf9FxSzoY8GQXDOeuQcD6B62PbX_bNh8PQlXdaSi_bvx2sIx4UbPWgv5b-mV0l9KNpzW2Q28kXDXMoYbtv7U1D8t6l5FnAC72HS5yFfGVSpdFwqtyc4hEA-pztX6CLnrBBvU-eJWwCmmVuWFeMNLtlq9C7OUiJArSsKwto5MDe0-fcX5iWAdH1IXjiu4HESNf98gxx99NkVybYG7krm3d25uLQ4UnRBn5-3lD9rTPyOrd48xi6SUURHbkqI-8-AUATEsd2iRi74Mf7-VIX0hjrbnt6gEKg_M4qXtEDEZYRErA86BX9VPYKDS3-GK6V8yvrpri8gA4ZKqHC7fE60enqPaMDV2h1xJlg3Po20xG7S_532GmY6_s8Uqah3D-45ROZ3vkP32tBsjvd1eXDsQbOTxUugOP0QO34CjL9s3JyMoD7EAfcgxHuvcey0IguUiByxhnnWET7AYiUsct-PvNc81adrUGAxAicOBNNknnegTVwtlb2GUBVH9iOt79qv_2mWK8kZZPOF74znivEfV3iclNlg6oSKw-yj6ntqA8A7maOTQJ7e8amvHCuv9GuQdM9Mtl-pm4jbyZt0gXXPbKblWtxhk8cK_2Ykbvo3Va3VJylYC5RF7mFlqevifYstnb6A2Q3ilAzy3aFGlGQdecLZj_8RbOVmMLLOfMsbQIzTnS1DDR-Y5vA8dzB7jZ4twTh0zS8SFX5wYVjcFnELabVSAkwSoHNZJRMUXBt31Uh-eGWDvt1L17uVXKDeUxRK_Quy44gDg0cQUvX2fELLAZP3Lfwif3FM3sn_KTHiV698ytJHhhYteFZcvo3KUOL5XuglJDNHIMwQhXZ7ELXXhJAsDNQV_jKyKjf6lyVtuZLuB7Jypvj11XzHtZo5LMcbccUORvF6Toht87_TFYLDpaBnBvsZEMKeRg3m3W83fY3K10Cy1GBW2e0BEXZ_jsVQ5wnK00EfBnW_i8seXnmEotPVJYDSHBCZnYV2lHPdkwfB6R3b5bKt22VXqXepzKMuI6vkMiEGNUaYTDfN9bAwcqDtC-bdjd&sai=AMfl-YSb5LKmDVmlD4nQ4ZjRneGagHG9FSNUbS4JLIMwgkMGlc8krLIHqVnUEbdZaFk-u4LDO9ICrmf-5WHituHExynzTs3Gvn1jc0rG5ijS5Ung6fVNUsxTy4mcYPf74Nn8LAVqi-rLe23uTdYu9F8dAW1g9E9jFN_sXrYNSIAXN8O_ct3PeJYZqcuopXaFQir2z4V2B1gI5QWTsG1HledUmiSratfHofolVokjcE22ZzIuoUTFHyBMJTZtVvctksL2-30z&sig=Cg0ArKJSzB7EVqSMSEYREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=385&cbvp=1&cstd=378&cisv=r20230308.54194&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:51 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 8DF1
2 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:06:09 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 8DF1
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:57:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:12:49 GMT
tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame 8DF1
8 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2962
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 10:17:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:18:18 GMT
head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 8DF1
12 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3441
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:08:43 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 8DF1
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:12:36 GMT
728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 8DF1
36 KB
36 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:54:45 GMT
x-content-type-options
nosniff
age
546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37294
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:09:45 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9798
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:16:06 GMT
expires
Sun, 10 Mar 2024 06:16:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F02D
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst30F-Ztf3WAOsT047QBtM1KNQntI-kM7a8gNSz-jEolPPfrLtvcz9WAE4Sxuhxmp4wAxnsmOe1p1eS3XwEXH6Mb3yOVswBg1vlFf_bnr20mlC7rXd6-3So9ZpX-MFt7Vr3UfiHO7SFWyKDhdF5hArt_6g-XutEvQzbarSDtc7UYWF_MbDWyzgZfY5XsWktTJLlmVe9BtUqih_18soniFkQHhUhOSZnr5PlpJtCh4EBdFba5KCopY0g54awCbWdA36fRblWYMHq67ArUWOHr-emLT7RhW-bCgVrsnCBeIFZFFIGnuRQqENNy4hr3jIt5rJlMYjcIayU8GZTcrfy9shBuViQkoAmjOpDNuo7wvKIax_Dpmhj4SQbZCcN22hKcokXf1wwyLbx84GWu09Mv5OZfCV_pgyPxuBJgI2g60qquruqQINqvouDIiCit71fUPExmp5yEjcSahm12YxHgLf8wzrzbq_HheTFFy6SO054_1dKbayeU9atEHZUuA04ObptMyngKxqGcKN9C5-JPYHxHzDJNuodJ_qZzgDKs4htYZJd1fmS0qZ_h4wFZbL-9lbDyzK4PgaN1udSkHd7l9e7LVteBPmNHaJVJ-_YfM8S_X1ub0Q_rOZd9ULKxemP4JDJ4_eqstJ1JypC9wRTJFv2qwAYozelzXUeioPRF8MDwygq-iDVaGRuIl6GRK40-D3SOrmjf0pMq8STo5aTT_o4d2eBNic5NuE1zu5zpx4OF8oRxTfum49U9tmRUPC69zAqJh0B3iRV3ghOi5g4Ks1JcqkEmXVcwxq44omGMZhWtMMVE8B7JDvc2cONc2XlinStQQrEwxaxWSr6Py3t_tUmUHBpP9xuyCGkTzUkOz5Ysyc_PjeVir7w80D1nOYJNC8sUDlM6k3TyRDDVYw6T1ytNSfCseCJKQwpR5ZblduA7n05xzty3jxPPwgiQlnbytCD-nAehHyI_dfeIdIHyOpPWhh6N8dhR8lCDs5B19ng1LPCaudUfiYZ-aQ6u1bXCi7dYLDX16LJdoDydMs74w8WaTHNgxhO8Z5vWjHFUymqzW6YHisNpnPDC3f7JRFlJ5ut4Z5-MjZ5Fm4OEyqNPGFnDLB5S80j--LlEH8sbHDw8p2t8bijyrtktnbJzospq9UzvUUFQkFBcHqrG4emCpl8Fd0CkFAI8x-aq9ZBu2rgqxTltOfIS7yuJIDPK4EogJVlHyKBC46nX_d7sGUjO9IaP7qMcn4&sai=AMfl-YQkLXyEWoJbGxsJABCwORJWD6En76jKuo9Z8Q1ismXHY-JLfVkOTMm6JIHo5lICKMGvsfHyn3ZMvjoniYo90H4ISscTZz06zZPWe_EIKIGdZEjYqisCJ_Sc-Exog3yJWuR6rxHR2eHYLOHtNGBb9QG3CQDaG5-bCqkA1hj2N1qau54wggm2wF879FMHTsbtgqDyCiw0f5kNWKXwPXi3H-IKpoIo5_gVYZraOO9ubIIU87a_1iwjjMPw4n3MhxgcXEr9&sig=Cg0ArKJSzO0LLrqEfDQ7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1188&vt=11&dtpt=537&dett=3&cstd=646&cisv=r20230308.93135&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1628
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 05:03:51 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame C342
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 18:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 18:32:14 GMT
index.html
s0.2mdn.net/sadbundle/4043993433838689384/ Frame 21D4
163 KB
25 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/4043993433838689384/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad7264a550bae2ce17a861172643a4bf68c4147bb12cb7cb3f85bc4afb0d78f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
109414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
25260
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Mar 2023 22:40:17 GMT
expires
Sat, 09 Mar 2024 22:40:17 GMT
last-modified
Fri, 24 Feb 2023 14:40:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7FCE
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssl9hxUFWcjl2Jl9ccxyo7ziR5FK9Nw2ogKWgQSClgSNDRTL-1M1c1KUFuAA_tNdLpB74cUj1z3prxt75596UW4xhBqgFu--la7m21z01xV37Gz9MLPAZb1lPXIWhkF0uHVwzrxAfKlpwarNg97tF3cPtsHWu5eKYT4VbiA3tSonQaNgcwvjAnvyi4DJWiO6riKBAJ3nY1NBxiV2Z_tR-2cJd5TqSTnEkt4tKyAHb-dbLEFDq0jUHzDVM1satuJZgrxESNnHaic4JoJlPdLK0CbIhv3qEJ6_GmUTj7lqqAvwImmFJkWjeTCNtxEBMFFMahAW-6eJuN3lgxa8N1HxhKOjc10qW2EB8b6g8x-rEpuAu1kpQpObkqx_Vjm_hRfEYbSrnXFgFNQeebgRr4evocbZNtPmza3CboPUk_bO0977V7y2Cp4_EfRzI0-8bh3Xg1Q3WWtBzuwIPQT4EO6BCvi1jY4_PXkiWgyObtp84zVuDsjI-IwBLngfVjmKkJhUvb4tGpbpqHEXyRzJq8mCdzUWu0-46qpWsiCnFDCsCUNoMLpxI9EckAZrezoikAel0XvnPhkuH0bIQ3ibRPhg4Lfh1DzQRCAdEUH5PgPS-xLVJAX0mXpoVrkWYMHoa-kQUa92IIKiABd4JXyZcMoBsCv8embAOZ_EJS0fCgtE0cbGuJK9fqeHkhudrAw-62JvtEL-Oi9YKECGsKif_O4c1dOLrJbZpN01zjFH6c8V4EEbVrZKVGxGANxfewz7440rCuHIC2RMNjxtxlgWjmVFqq5dg38ShPESYVfvEpRkh29asLwms3rSdFFlbAmT8HSbCbI209PTohE3W7GsGvP3zhTi1EYZPav7LUXWKOcKerwgZmKNS-hZfhtmBeqshyfA-12HLPHdnrPm8WSMazHdOQys9w9jR0GlDjDHoR1BV_-nGOOLEESU8h6JgqrTWUXEfRVZEhGs58XUsgLrT67eYnbRi0skT2mgkRrygqYeVegq78RjdbVrkl9bnKKcVsMaldmBrscqCmjxCr7-3_k0gJBxXIme4s40X1rdP03-ZKCBAe7FSe9LPRTjYRubXFjjgifur4ZgY0g-fPZI0_PeXyIWPsqpFZvTnMD_Kq0mbGQkmcXo-n9Qm1l0RfyX2Fk6gcy3NJ2iasFbXLTdIhRWGP1o95nMVtlaTZDQJiaUojbDC1tgIT0XbIffrUHDD5i8pPKD-D-FUmlAHvajf1sDaPLrjiqmducYLJubTBdcI6oQBTk6txxK_C0kfM&sai=AMfl-YTOyh4WqjcRjkXT-zMkbgsWkJYxuIuViKPphfWpW5DRfC50dPvzBXKdXmz7Z7rOk0kwxBujzYn7_SGk77HxQFDACiFWAsyTAiknpOrz19VYlzpp9un5V4gMlwYB0w4J7P0cBLPa9dsefuR4Q2D75Uv8A6mq67XGxiYLWIHomd-1YLQlx5kcuSwWlvQHWSumL-wq2WCObAI7s-Gb0Ef1FDaihy8TaNJ-2cCipcdAWiiS7FXI1-xgN2phQy-LSjsAlJr9&sig=Cg0ArKJSzDPpednxPxl-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=232&cbvp=1&cstd=224&cisv=r20230308.20052&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:51 GMT
pixel
cm.g.doubleclick.net/ Frame 1764
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELAmbbcEctSUex1JqN9rabU&google_cver=1&google_push=Aa02lx_Sghl_8suidIF14xVDv0ugKnHMY76tfS25hYTxB1c-SMPscHx2dC...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx_Sghl_8suidIF14xVDv0ugKnHMY76tfS25hYTxB1c-SMPscHx2dCB9T8ajpzwKj99GVewJWJc-8iskyFBkWJIz4EhRea_p&google_hm=7KmgqN9doHX4...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx_Sghl_8suidIF14xVDv0ugKnHMY76tfS25hYTxB1c-SMPscHx2dCB9T8ajpzwKj99GVewJWJc-8iskyFBkWJIz4EhRea_p&google_hm=7KmgqN9doHX4h2oE4sdp3Q
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx_Sghl_8suidIF14xVDv0ugKnHMY76tfS25hYTxB1c-SMPscHx2dCB9T8ajpzwKj99GVewJWJc-8iskyFBkWJIz4EhRea_p&google_hm=7KmgqN9doHX4h2oE4sdp3Q
pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1764
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENJfCH5-0ZnWRBxJxKIejOk&google_push=Aa02lx8S8Uvvd73GyaRuqI2r9FF0E0tTf1XUQkAlaYM0rN75dC-gzc_gVD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENJfCH5-0ZnWRBxJxKIejOk&google_push=Aa02lx8S8Uvvd73GyaRuqI2r9FF0E0tTf1XUQkAlaYM0rN75dC-gzc_gVDbBRviTVXmb_Pkyrxk7C1BnjGvMfWdtwQfcFSeDqrUQ
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230061-FRA
pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1678597432.793633,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENJfCH5-0ZnWRBxJxKIejOk&google_push=Aa02lx8S8Uvvd73GyaRuqI2r9FF0E0tTf1XUQkAlaYM0rN75dC-gzc_gVDbBRviTVXmb_Pkyrxk7C1BnjGvMfWdtwQfcFSeDqrUQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 1764
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEId0yM0-KMo4fhTpcAaL54A&google_cver=1&google_push=Aa02lx-XoQL3T2qbk0v1f_oiP0u6dyGZZOg36y_jvYfQG7TvntQ3kHPQb1fAX51QeuwbBKx21jROtlodwAqL2TVOcfbNgEEK2jg
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx-XoQL3T2qbk0v1f_oiP0u6dyGZZOg36y_jvYfQG7TvntQ3kHPQb1fAX51QeuwbBKx21jROtlodwAqL2TV...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx-XoQL3T2qbk0v1f_oiP0u6dyGZZOg36y_jvYfQG7TvntQ3kHPQb1fAX51QeuwbBKx21jROtlodwAqL2TVOcfbNgEEK2jg
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx-XoQL3T2qbk0v1f_oiP0u6dyGZZOg36y_jvYfQG7TvntQ3kHPQb1fAX51QeuwbBKx21jROtlodwAqL2TVOcfbNgEEK2jg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 11 Mar 2023 05:03:51 GMT
google
match.adsrvr.org/track/cmf/ Frame 1764
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAwsTo4P0UtZmUvhWuqkUMA&google_cver=1&google_push=Aa02lx-n9vvt0CLnNQGyBiVKQ3nmGfxF7Zyh3R2qHAxDbKExCii6LKC16Cvzcra40a2VhHjoy5O3qnO_lwYqzFQ9lC6j24MgOzul
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1764
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE1mJnKoUY0ReMFukC-JGsc&google_cver=1&google_push=Aa02lx-PoRT6d5WfXfHQSbm8wvIEFePerwv-YUJWeldRgdOW3cYEyZMnYbxmUCLoVZIRsZJm-rHPI9AZT_mqx7kT_xjbdDtKsHu3
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 1764
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEL7YOXD4CME0ASd7r-DFvVk&google_cver=1&google_push=Aa02lx9LSMQeIwDBvfWQJt847M-dLGFhrJ8PcxpycU7iwAePUrwKlGUEW_u2bjOqvAkQTb9zOCS1Nh70wkPfHo5234l6Xt...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEL7YOXD4CME0ASd7r-DFvVk&google_cver=1&google_push=Aa02lx9LSMQeIwDBvfWQJt847M-dLGFhrJ8PcxpycU7iwAePUrwKlGUEW_u2bjOqvAkQTb9zOCS1Nh70wkPfHo52...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=xokTO9VSRz6T3szRKEKJ0Q&google_push=Aa02lx9LSMQeIwDBvfWQJt847M-dLGFhrJ8PcxpycU7iwAePUrwKlGUEW_u2bjOqvAkQTb9zOCS1Nh70wkPfHo5...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=xokTO9VSRz6T3szRKEKJ0Q&google_push=Aa02lx9LSMQeIwDBvfWQJt847M-dLGFhrJ8PcxpycU7iwAePUrwKlGUEW_u2bjOqvAkQTb9zOCS1Nh70wkPfHo5234l6XtBSBokk
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=xokTO9VSRz6T3szRKEKJ0Q&google_push=Aa02lx9LSMQeIwDBvfWQJt847M-dLGFhrJ8PcxpycU7iwAePUrwKlGUEW_u2bjOqvAkQTb9zOCS1Nh70wkPfHo5234l6XtBSBokk
access-control-allow-origin
*
date
Sun, 12 Mar 2023 05:03:51 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 1764
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECRY2YGFeVF6lM9JdUwn6YA&google_cver=1&google_push=Aa02lx_0tBmTTu5o8oDHPmoVX06iVPFqADiAz162HKtkLTf-h1O0kCi6byvILo1GDqougSLUz-...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mSEFUUkZkRTJ1R0lwMnVWVUhka3hfUktkSTFiUGR0S35B&google_push=Aa02lx_0tBmTTu5o8oDHPmoVX06iVPFqADiAz162HKtkLTf-h1O0kCi6b...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mSEFUUkZkRTJ1R0lwMnVWVUhka3hfUktkSTFiUGR0S35B&google_push=Aa02lx_0tBmTTu5o8oDHPmoVX06iVPFqADiAz162HKtkLTf-h1O0kCi6byvILo1GDqougSLUz-QmBXxRPzB7Y_Un2DOu3PNjISrEnQ
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mSEFUUkZkRTJ1R0lwMnVWVUhka3hfUktkSTFiUGR0S35B&google_push=Aa02lx_0tBmTTu5o8oDHPmoVX06iVPFqADiAz162HKtkLTf-h1O0kCi6byvILo1GDqougSLUz-QmBXxRPzB7Y_Un2DOu3PNjISrEnQ
date
Sun, 12 Mar 2023 05:03:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 1764
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LG_JCadhWcluOZrHsT3tK_ckmgGugGMe1Cp0obaXDZLrZCXVVcpXTr0atzFX_UyZpB6Qyn3g
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 09CB
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:16:06 GMT
expires
Sun, 10 Mar 2024 06:16:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 1A1A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGCUygPGXncJ2bZ3IXBaGMw&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGCUygPGXncJ2bZ3IXBaGMw&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0d6anpvazAxUEJkUzc1&google_gid=CAESEGCUygPGXncJ2bZ3IXBaGMw&google_cver=1&google_push=Aa02lx-I40rEfRN5shTzFaaY4qZhdMN8t29rh0FC1gm3a67...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0d6anpvazAxUEJkUzc1&google_gid=CAESEGCUygPGXncJ2bZ3IXBaGMw&google_cver=1&google_push=Aa02lx-I40rEfRN5shTzFaaY4qZhdMN8t29rh0FC1gm3a67rJz6qBFo609iIe4OSjQy51xg2Z8dibqMZ8rRn-FtBHzggr95ouLrHvA
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:51 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-00e9cdd216e437ef6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b0d6anpvazAxUEJkUzc1&google_gid=CAESEGCUygPGXncJ2bZ3IXBaGMw&google_cver=1&google_push=Aa02lx-I40rEfRN5shTzFaaY4qZhdMN8t29rh0FC1gm3a67rJz6qBFo609iIe4OSjQy51xg2Z8dibqMZ8rRn-FtBHzggr95ouLrHvA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A1A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDuwhtq-U7UU7QeeUmeH8ck&google_cver=1&google_push=Aa02lx_NdKbH4LGNF5bvkylgieOPB0UHvjjzEBoMHZWKzymHtM0Ao6wa_5Ggxl7AE_pPGDMjoFsD4baez419vM...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwOTUyMTA2OTMwNTIzMTUwOQ%3D%3D&google_push=Aa02lx_NdKbH4LGNF5bvkylgieOPB0UHvjjzEBoMHZWKzymHtM0Ao6wa_5Ggxl7AE_pPGDMjoFsD4baez419vMs0OC...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwOTUyMTA2OTMwNTIzMTUwOQ%3D%3D&google_push=Aa02lx_NdKbH4LGNF5bvkylgieOPB0UHvjjzEBoMHZWKzymHtM0Ao6wa_5Ggxl7AE_pPGDMjoFsD4baez419vMs0OC1RQPOgWvETWA
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwOTUyMTA2OTMwNTIzMTUwOQ%3D%3D&google_push=Aa02lx_NdKbH4LGNF5bvkylgieOPB0UHvjjzEBoMHZWKzymHtM0Ao6wa_5Ggxl7AE_pPGDMjoFsD4baez419vMs0OC1RQPOgWvETWA
Date
Sun, 12 Mar 2023 05:03:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 1A1A
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEO94Pkqc4tZDa1Kv1s0QcjE&google_cver=1&google_push=Aa02lx8TUgmFnLtVBK5pXMe0s80ZGERrclIBX7nhG_DSsFke3FeSMhu9FZ56X_I2YZHcPMD8YCONN1K7qJjUkTm0...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx8TUgmFnLtVBK5pXMe0s80ZGERrclIBX7nhG_DSsFke3FeSMhu9FZ56X_I2YZHcPMD8YCONN1K7qJjUkTm0sU5GDTV8BKpwsg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx8TUgmFnLtVBK5pXMe0s80ZGERrclIBX7nhG_DSsFke3FeSMhu9FZ56X_I2YZHcPMD8YCONN1K7qJjUkTm0sU5GDTV8BKpwsg
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:51 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Gq1M5iWQzWMPp7nurcxMg2&google_push=Aa02lx8TUgmFnLtVBK5pXMe0s80ZGERrclIBX7nhG_DSsFke3FeSMhu9FZ56X_I2YZHcPMD8YCONN1K7qJjUkTm0sU5GDTV8BKpwsg
x-host
tde-deliveryengine-production-86c874c4d8-zwq6n
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1A1A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKRagLkEu5E9Lv8eJSE5BGI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKRagLkEu5E9Lv8eJSE5BGI&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx_-hk_9B2krrU7zmXH6rI8JuSmumnHhh...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKRagLkEu5E9Lv8eJSE5BGI&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx_-hk_9B2krrU7zmXH6rI8JuSmumnHhhkQ1Te7nMHnm7rsrjzcuR3piap7f-AMf3zzJq3j41kmjfA3bxpFxB4SNvdSxS8Tv7Q
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKRagLkEu5E9Lv8eJSE5BGI&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx_-hk_9B2krrU7zmXH6rI8JuSmumnHhhkQ1Te7nMHnm7rsrjzcuR3piap7f-AMf3zzJq3j41kmjfA3bxpFxB4SNvdSxS8Tv7Q
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1A1A
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHii2LNh8hzp1wXNEs9RN74&google_cver=1&google_push=Aa02lx8qx8IppNGSglWoUoPcCBGmrKCRwLkNYhXO9irzLhF3ZjRPX5qVs3JHaMwZLdeHCuY0nGX-5581oYFjtPQzn...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHii2LNh8hzp1wXNEs9RN74&google_cver=1&google_push=Aa02lx8qx8IppNGSglWoUoPcCBGmrKCRwLkNYhXO9irzLhF3ZjRPX5qVs3JHaMwZLdeHCuY0nGX-5581oYFjtPQzn...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8qx8IppNGSglWoUoPcCBGmrKCRwLkNYhXO9irzLhF3ZjRPX5qVs3JHaMwZLdeHCuY0nGX-5581oYFjtPQznixVwGJj-t9F8A&google_hm=GS9vsGZHm8_w_HXOSXOV...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8qx8IppNGSglWoUoPcCBGmrKCRwLkNYhXO9irzLhF3ZjRPX5qVs3JHaMwZLdeHCuY0nGX-5581oYFjtPQznixVwGJj-t9F8A&google_hm=GS9vsGZHm8_w_HXOSXOVGDAP
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 12 Mar 2023 05:03:51 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8qx8IppNGSglWoUoPcCBGmrKCRwLkNYhXO9irzLhF3ZjRPX5qVs3JHaMwZLdeHCuY0nGX-5581oYFjtPQznixVwGJj-t9F8A&google_hm=GS9vsGZHm8_w_HXOSXOVGDAP
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1A1A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC8q5sJ7Yh3ND2aLguZDkLA&google_cver=1&google_push=Aa02lx9V9mD5lX3f8oYo6RBgGvydzW8GH4vnQX4s-imIbK-54QOPExRunqXnoM2YoC_sIvCjscT3OI_XJauDD2ox43m_t7W8S6N_
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx9V9mD5lX3f8oYo6RBgGvydzW8GH4vnQX4s-imIbK-54QOPExRu...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx9V9mD5lX3f8oYo6RBgGvydzW8GH4vnQX4s-imIbK-54QOPExRunqXnoM2YoC_sIvCjscT3OI_XJauDD2ox43m_t7W8S6N_
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx9V9mD5lX3f8oYo6RBgGvydzW8GH4vnQX4s-imIbK-54QOPExRunqXnoM2YoC_sIvCjscT3OI_XJauDD2ox43m_t7W8S6N_
date
Sun, 12 Mar 2023 05:03:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 1A1A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAnHBtsbUH-rG1b07uouz5Q&google_cver=1&google_push=Aa02lx99a2G3pAvcl...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D&google_gid=CAESEAnHBtsbUH-rG1b07uouz5Q&google_cver=1&google_push=Aa02lx99a2G3pAvclMMhXsWjVvXDxWwTrk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D&google_gid=CAESEAnHBtsbUH-rG1b07uouz5Q&google_cver=1&google_push=Aa02lx99a2G3pAvclMMhXsWjVvXDxWwTrkzoBhvqwV0XOt7QTH0PtfBVK2RnQ6dU4pnml5e7mAYIZva9lZGejY4lmqqMkZe_REzybv0
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 12 Mar 2023 05:03:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dca7d34a-18d9-4c1a-87f7-635192bb826b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ0MzU2Mjc3NjU0ODQ0MzU5Mw%3D%3D&google_gid=CAESEAnHBtsbUH-rG1b07uouz5Q&google_cver=1&google_push=Aa02lx99a2G3pAvclMMhXsWjVvXDxWwTrkzoBhvqwV0XOt7QTH0PtfBVK2RnQ6dU4pnml5e7mAYIZva9lZGejY4lmqqMkZe_REzybv0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1A1A
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWXmbdFCXU7L1RayX29EdGwRcrGZME0eF23hW9iCCZBHAKncxubMsNr9ZleK7c-Cc9mb2nCw
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame 5662
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 69F7
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Mar 2024 06:47:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 64A2
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Sun, 12 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 69F7
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3de296fe130894638a6b6533d724b08634986a1338aebcf9e09f5eecec231298

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
khaos.jpg
token.rubiconproject.com/ Frame EDB9
284 B
1 KB
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 21D4
29 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4043993433838689384/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4043993433838689384/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 05:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:53:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7FCE
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Mar 2024 06:47:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 24F8
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Sun, 12 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7FCE
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1409370db472d466f400f6807f0094d987e27d7a6fcb66b342bf6bc77dcc3794

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 21D4
30 KB
14 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=0.9779974923070209
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4043993433838689384/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx0000015bdd5c9ed468257-0063765d71-32940f80-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
blank.png_1668891844298_blank.png
s0.2mdn.net/dynamic/2/11029762/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/single-files/image/png/152d175dde739a79e9397f1373ad1fa6/ Frame 1628
930 B
959 B
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/11029762/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/single-files/image/png/152d175dde739a79e9397f1373ad1fa6/blank.png_1668891844298_blank.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b45124cb404564b355f62ca079dcab451a55d21c26cf9ffcc69434d254c312b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 13:38:12 GMT
x-content-type-options
nosniff
age
55539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
930
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 21:04:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:38:12 GMT
IGlogo.png_1668891844298_IGlogo.png
s0.2mdn.net/dynamic/2/11029762/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/5f4fffe045825c0006a0d7a7/templates/6357d27e4cf23ca019c91464/content/ Frame 1628
884 B
915 B
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/11029762/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/5f4fffe045825c0006a0d7a7/templates/6357d27e4cf23ca019c91464/content/IGlogo.png_1668891844298_IGlogo.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6df419a42560ba41dd14ca27a7e3dc3d31154d28bdbe61b42dee9d0a092c124c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:16:51 GMT
x-content-type-options
nosniff
age
143220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
884
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 21:04:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Mar 2024 13:16:51 GMT
IGcomLogoNavy.png_1668891844298_IGcomLogoNavy.png
s0.2mdn.net/dynamic/2/11029762/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/single-files/image/png/467e4808c42c02472ac2fad2da43786c/ Frame 1628
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/11029762/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/single-files/image/png/467e4808c42c02472ac2fad2da43786c/IGcomLogoNavy.png_1668891844298_IGcomLogoNavy.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a8260f8a74804c1fe63793ecaf03c5884ad437d12ac3187be8f8508411f44e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:16:48 GMT
x-content-type-options
nosniff
age
143223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1618
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 21:04:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Mar 2024 13:16:48 GMT
Volatility_EUR_USD_728x90_v3.png_1668891844298_Volatility_EUR_USD_728x90_v3.png
s0.2mdn.net/dynamic/2/11029762/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/single-files/image/png/c04180dd859a31ae427c3fb6ec7d46cc/ Frame 1628
49 KB
49 KB
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/11029762/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/single-files/image/png/c04180dd859a31ae427c3fb6ec7d46cc/Volatility_EUR_USD_728x90_v3.png_1668891844298_Volatility_EUR_USD_728x90_v3.png
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b33dced2daf2471c3a594f88967be061c79f7f5c48c830a58ebfd9168758be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:17:36 GMT
x-content-type-options
nosniff
age
143175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50178
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 21:04:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Mar 2024 13:17:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E655
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhUeZ_-3Hhu9a5MB1xXopcQrZSRxM9A4pMhOpLqqZpI1fzPg9cZciq1BrE9Wqt9JS9eYQSh5j1C31J5tW-0oHbBEWxUALzVcjovIHksgc-VgeL-k72V2NAKuOCl4P-aW3yIwQIpA&sai=AMfl-YTg7BIZUv3t9CHdcJWAnimXpw-ld1ARgZbHfjko1sJXn144pbUJ3HonOE2tNj3sbikzqwcD5f5KNuA03qzcfCTAF7OZM_lVaTsOD5XZ6hytg-rzBB7oGd4wRTk&sig=Cg0ArKJSzASacgkiMDSlEAE&cid=CAQSOwDUE5ymMZOrlIfYBbk1w2aSTag3GPwVoYQcUIMKjngPokYVKkTVpFkGAf6AM-dP-lEa4e0pk940cFEcGAE&id=lidar2&mcvt=1067&p=1105,436,1195,1164&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=808825833&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678597427987&rpt=2851&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame B4FC
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame 9798
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8B16
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:16:06 GMT
expires
Sun, 10 Mar 2024 06:16:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 64A2
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBomw-4AnuV8vLc_Q0yryQc&google_cver=1&google_push=Aa02lx9BnztGi3dXOiCxcAdn0csbIjPdMhXgpTHzG65OAe0iEu7DSYoCjEr0XIyYqQPwgybl8oVeFvShyYqYUGiHGTicxW_3Gfk8
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9BnztGi3dXOiCxcAdn0csbIjPdMhXgpTHzG65OAe0iEu7DSYoCjEr0XIyYqQPwgybl8oVeFvShyYqYUGi...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9BnztGi3dXOiCxcAdn0csbIjPdMhXgpTHzG65OAe0iEu7DSYoCjEr0XIyYqQPwgybl8oVeFvShyYqYUGiHGTicxW_3Gfk8
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B1C244863C294D64A78168B499299A4E&google_push=Aa02lx9BnztGi3dXOiCxcAdn0csbIjPdMhXgpTHzG65OAe0iEu7DSYoCjEr0XIyYqQPwgybl8oVeFvShyYqYUGiHGTicxW_3Gfk8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 11 Mar 2023 05:03:51 GMT
google
match.adsrvr.org/track/cmf/ Frame 64A2
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBqDV9VwvKHzyp8KpsYnArc&google_cver=1&google_push=Aa02lx-D1DIPJGAkT_884FfMDL57Jg3OLNFLF3xg78YQjhsH_CAfoecLew5o5wGIx9_KuGMWyTEQr1TfNXarceYdDb3zOTnRmHnQ
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 64A2
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP_9ofzYMwJ7LG3F2R8yS6s&google_cver=1&google_push=Aa02lx-COwXRgJ5SXMji3zIiMQU5wMlFUVsbrSabM5uMn1y0vy8WVXcjYjjAm4nrnSpYmav-FA_-4xj87AIX39...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx-COwXRgJ5SXMji3zIiMQU5wMlFUVsbrSabM5uMn1y0vy8WVXcjYjjAm4nrnSpYmav-FA_-4xj87AIX394fhGFkJ3oTidOd&google_hm=hmQNXTeh1oV4QBSZa...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx-COwXRgJ5SXMji3zIiMQU5wMlFUVsbrSabM5uMn1y0vy8WVXcjYjjAm4nrnSpYmav-FA_-4xj87AIX394fhGFkJ3oTidOd&google_hm=hmQNXTeh1oV4QBSZaQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D640D5D37A1D6857840149969BLIS
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx-COwXRgJ5SXMji3zIiMQU5wMlFUVsbrSabM5uMn1y0vy8WVXcjYjjAm4nrnSpYmav-FA_-4xj87AIX394fhGFkJ3oTidOd&google_hm=hmQNXTeh1oV4QBSZaQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D640D5D37A1D6857840149969BLIS
date
Sun, 12 Mar 2023 05:03:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 64A2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECjEdTarv9f8GuqhhtkraZs&google_cver=1&google_push=Aa02lx-rSIQsfltAaiXYWb8TKRzwe_VurqorZDZancKurx5IEiw-hnDDo7i2PIukzcYqW6QwCUCkNm6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc1NDAyMzY1Nzc5MDUzMDQ&google_push=Aa02lx-rSIQsfltAaiXYWb8TKRzwe_VurqorZDZancKurx5IEiw-hnDDo7i2PIukzcYqW6QwCUCkNm6Po...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc1NDAyMzY1Nzc5MDUzMDQ&google_push=Aa02lx-rSIQsfltAaiXYWb8TKRzwe_VurqorZDZancKurx5IEiw-hnDDo7i2PIukzcYqW6QwCUCkNm6PoqnhUdsi4mELInXA68Td
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc1NDAyMzY1Nzc5MDUzMDQ&google_push=Aa02lx-rSIQsfltAaiXYWb8TKRzwe_VurqorZDZancKurx5IEiw-hnDDo7i2PIukzcYqW6QwCUCkNm6PoqnhUdsi4mELInXA68Td
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 64A2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=79KJ13GMTZaSmKI8F_nccw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=79KJ13GMTZaSmKI8F_nccw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9SinVeylXnIzITWMjQKgTY5psJ1mIuMK6gDEOFOoYLvLBIsnztyoA3xe5dMOXUgavD2JWfiQyq702aOD58iY6NkXMweQVp
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=79KJ13GMTZaSmKI8F_nccw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9SinVeylXnIzITWMjQKgTY5psJ1mIuMK6gDEOFOoYLvLBIsnztyoA3xe5dMOXUgavD2JWfiQyq702aOD58iY6NkXMweQVp
date
Sun, 12 Mar 2023 05:03:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 64A2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAYMwvdef5x9a9_VSuim4pg&google_cver=1&google_push=Aa02lx9FhA7h-7Wy0ajpLrnrLP5xAGaqOgreSlirgnK6zglyX_AbTdl0QNpVmQ33nTMMA-e273B...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&google_push=Aa02lx9FhA7h-7Wy0ajpLrnrLP5xAGaqOgreSlirgnK6zglyX_AbTdl0QNpVmQ33nTMMA-e273BBbhbs-pysDP0s-h-49272pjQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&google_push=Aa02lx9FhA7h-7Wy0ajpLrnrLP5xAGaqOgreSlirgnK6zglyX_AbTdl0QNpVmQ33nTMMA-e273BBbhbs-pysDP0s-h-49272pjQ
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&google_push=Aa02lx9FhA7h-7Wy0ajpLrnrLP5xAGaqOgreSlirgnK6zglyX_AbTdl0QNpVmQ33nTMMA-e273BBbhbs-pysDP0s-h-49272pjQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
/
onetag-sys.com/match/ Frame 64A2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIdLcQGQZj9JXY7sEhKT77c&google_cver=1&google_push=Aa02lx8N34VoHEr4D0Pv64gViLYxP_x-yWwG8k_I4repWR0dhFjJH8tQ3Qhdn-KlHFNhIi9_dKdcOMmyLbm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8N34VoHEr4D0Pv64gViLYxP_x-yWwG8k_I4repWR0dhFjJH8tQ3Qhdn-KlHFNhIi9_dKdcOMmyLbmSoKX-deexlIYoLGW4
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 64A2
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JhLWSuegIa2n-xQTVMP_8R7fSvkxil3SBsPY4wRXRQaduxRNCWvUuB0mrm2Yo7HGjcsIOIaQ
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7314573151872791710/ Frame C342
366 B
308 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/7314573151872791710/btn_cta_arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65ecaacea233cbd58cd42e885e80df77cbc92fc6cfd6e85f1d0e9d2852e1e7ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 13:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140704
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 13:58:47 GMT
kia.woff
s0.2mdn.net/sadbundle/7314573151872791710/ Frame C342
23 KB
23 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/7314573151872791710/kia.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 19:02:44 GMT
x-content-type-options
nosniff
age
122467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23072
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 19:02:44 GMT
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame 09CB
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 69F7
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6mhCtNZ366ZocOpt3vhc-S22Zlk2ZKq0tcTHoQBi42oVKl2WYgIZd5GV0Cp-TaK1rQfKrZP_oNlBUf1aygTJhXdsxy8Q4cp0DkLtoH3YJOMYAhF8qv7fEJDp8VH0QsBYjBEiS6PuKTZnxSbc7xu3588hq1g7YQ5JluHHOs3gbldX16SpsauCnVJHCxWZY_nguA0JBh2n7kEKpjMQij3NFNeJN-663EZzAf9FxSzoY8GQXDOeuQcD6B62PbX_bNh8PQlXdaSi_bvx2sIx4UbPWgv5b-mV0l9KNpzW2Q28kXDXMoYbtv7U1D8t6l5FnAC72HS5yFfGVSpdFwqtyc4hEA-pztX6CLnrBBvU-eJWwCmmVuWFeMNLtlq9C7OUiJArSsKwto5MDe0-fcX5iWAdH1IXjiu4HESNf98gxx99NkVybYG7krm3d25uLQ4UnRBn5-3lD9rTPyOrd48xi6SUURHbkqI-8-AUATEsd2iRi74Mf7-VIX0hjrbnt6gEKg_M4qXtEDEZYRErA86BX9VPYKDS3-GK6V8yvrpri8gA4ZKqHC7fE60enqPaMDV2h1xJlg3Po20xG7S_532GmY6_s8Uqah3D-45ROZ3vkP32tBsjvd1eXDsQbOTxUugOP0QO34CjL9s3JyMoD7EAfcgxHuvcey0IguUiByxhnnWET7AYiUsct-PvNc81adrUGAxAicOBNNknnegTVwtlb2GUBVH9iOt79qv_2mWK8kZZPOF74znivEfV3iclNlg6oSKw-yj6ntqA8A7maOTQJ7e8amvHCuv9GuQdM9Mtl-pm4jbyZt0gXXPbKblWtxhk8cK_2Ykbvo3Va3VJylYC5RF7mFlqevifYstnb6A2Q3ilAzy3aFGlGQdecLZj_8RbOVmMLLOfMsbQIzTnS1DDR-Y5vA8dzB7jZ4twTh0zS8SFX5wYVjcFnELabVSAkwSoHNZJRMUXBt31Uh-eGWDvt1L17uVXKDeUxRK_Quy44gDg0cQUvX2fELLAZP3Lfwif3FM3sn_KTHiV698ytJHhhYteFZcvo3KUOL5XuglJDNHIMwQhXZ7ELXXhJAsDNQV_jKyKjf6lyVtuZLuB7Jypvj11XzHtZo5LMcbccUORvF6Toht87_TFYLDpaBnBvsZEMKeRg3m3W83fY3K10Cy1GBW2e0BEXZ_jsVQ5wnK00EfBnW_i8seXnmEotPVJYDSHBCZnYV2lHPdkwfB6R3b5bKt22VXqXepzKMuI6vkMiEGNUaYTDfN9bAwcqDtC-bdjd&sai=AMfl-YSb5LKmDVmlD4nQ4ZjRneGagHG9FSNUbS4JLIMwgkMGlc8krLIHqVnUEbdZaFk-u4LDO9ICrmf-5WHituHExynzTs3Gvn1jc0rG5ijS5Ung6fVNUsxTy4mcYPf74Nn8LAVqi-rLe23uTdYu9F8dAW1g9E9jFN_sXrYNSIAXN8O_ct3PeJYZqcuopXaFQir2z4V2B1gI5QWTsG1HledUmiSratfHofolVokjcE22ZzIuoUTFHyBMJTZtVvctksL2-30z&sig=Cg0ArKJSzB7EVqSMSEYREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=789&vt=11&dtpt=404&dett=3&cstd=378&cisv=r20230308.54194&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:52 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C075
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:16:06 GMT
expires
Sun, 10 Mar 2024 06:16:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 24F8
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFatKBjUtZdr7PnKJc1BjEc&google_cver=1&google_push=Aa02lx_6yAPmbT3Hqt2VwrqwfRvVRR9_7BIY7AiRH8lkE6jQzF3EF1BN8d1ZDhbAUCqi4V8H_geFs9x8VxqqSpIqWAksEi7FPToj
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 24F8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOqrJWJ4ONdNYvIsplwhxn8&google_cver=1&google_push=Aa02lx_sto_cxCc-7ogNZgqge0EOlhf6239pIOtAU8s2jfclHH14_Pl2dKUBWKvJa54xgjWMGvhIO1Au2DWbAGpVn_RX6Rk...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_sto_cxCc-7ogNZgqge0EOlhf6239pIOtAU8s2jfclHH14_Pl2dKUBWKvJa54xgjWMGvhIO1Au2DWbAGpVn_RX6Rkgvsw&google_hm=eS1iMENuY1g1RTJwR3JnV1l...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_sto_cxCc-7ogNZgqge0EOlhf6239pIOtAU8s2jfclHH14_Pl2dKUBWKvJa54xgjWMGvhIO1Au2DWbAGpVn_RX6Rkgvsw&google_hm=eS1iMENuY1g1RTJwR3JnV1ltWjlLUGM2R2ZpNTZ2WGhwLn5B
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Mar 2023 05:03:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_sto_cxCc-7ogNZgqge0EOlhf6239pIOtAU8s2jfclHH14_Pl2dKUBWKvJa54xgjWMGvhIO1Au2DWbAGpVn_RX6Rkgvsw&google_hm=eS1iMENuY1g1RTJwR3JnV1ltWjlLUGM2R2ZpNTZ2WGhwLn5B
content-length
0
dds
rtb.openx.net/sync/ Frame 24F8
43 B
135 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPIi_e6Lh8OOeRig6FLlmD4&google_cver=1&google_push=Aa02lx9019twBkFQJFTibeaUD6Yocjut-gHvlrpy-xwgB8DMNlfuRW5fT74LumSihNApzHqrql-hVNxG14QIcj2kkKWGEon9Gow
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:51 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
otjgsk9l6qgd53cvqd62ejv0e5e1f8hs
pixel
cm.g.doubleclick.net/ Frame 24F8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n8NbyoHLTG-zq2KJui5CBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n8NbyoHLTG-zq2KJui5CBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9rK6hVDLIUrOCGT3HCvb3cCvFZ48PSP3zRBxAPgJYwIPkyOiktM401E9jA985VlR5eJMPm3A91jB4dPBSgJ2NE3-uoHH77
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n8NbyoHLTG-zq2KJui5CBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9rK6hVDLIUrOCGT3HCvb3cCvFZ48PSP3zRBxAPgJYwIPkyOiktM401E9jA985VlR5eJMPm3A91jB4dPBSgJ2NE3-uoHH77
date
Sun, 12 Mar 2023 05:03:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 24F8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF5MQBJ8rEVABbYp9-GjmRw&google_cver=1&google_push=Aa02lx9PRCesfY9Np-OTGIPEtwY8cu9XK-CwdCvilA9qpdEFfQQWGSnC-LT8NgPQG1WtG_hAUAl...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&google_push=Aa02lx9PRCesfY9Np-OTGIPEtwY8cu9XK-CwdCvilA9qpdEFfQQWGSnC-LT8NgPQG1WtG_hAUAljryup4KmI0g576mW5Dcy7W0g
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&google_push=Aa02lx9PRCesfY9Np-OTGIPEtwY8cu9XK-CwdCvilA9qpdEFfQQWGSnC-LT8NgPQG1WtG_hAUAljryup4KmI0g576mW5Dcy7W0g
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&google_push=Aa02lx9PRCesfY9Np-OTGIPEtwY8cu9XK-CwdCvilA9qpdEFfQQWGSnC-LT8NgPQG1WtG_hAUAljryup4KmI0g576mW5Dcy7W0g
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 24F8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAROYW_OE5bhEAx9io50PwQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAROYW_OE5bhEAx9io50PwQ&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx9lWXJ85hYpvQMOrJ-pAtbFk3hx5hWiT...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAROYW_OE5bhEAx9io50PwQ&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx9lWXJ85hYpvQMOrJ-pAtbFk3hx5hWiTGMC-E1jqdWY_VdIdKsMpVrm8l36tqw8r83HwI3e9b_f8EPpd1zFxC-nGsMsV-Ew
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAROYW_OE5bhEAx9io50PwQ&google_hm=ZA1dNJ9yL3bb7lkTptrZZwAADGcAAAAB&google_nid=index&google_push=Aa02lx9lWXJ85hYpvQMOrJ-pAtbFk3hx5hWiTGMC-E1jqdWY_VdIdKsMpVrm8l36tqw8r83HwI3e9b_f8EPpd1zFxC-nGsMsV-Ew
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 24F8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED2C29F7KjKD8L5Zv4G9oxE&google_cver=1&google_push=Aa02lx-8vvP_bMUvszSun7C9DcQBbb6Ao-IM578Ak1hJwRlo5-wt-CkOJHyZb6vpdeBYPbiJZsrUrHSMRn6DobYir2uod_AJsSs0
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx-8vvP_bMUvszSun7C9DcQBbb6Ao-IM578Ak1hJwRlo5-wt-CkO...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx-8vvP_bMUvszSun7C9DcQBbb6Ao-IM578Ak1hJwRlo5-wt-CkOJHyZb6vpdeBYPbiJZsrUrHSMRn6DobYir2uod_AJsSs0
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxNjM2MTE1MTY4ODY5ODc5NzA3NA%3D%3D&google_push=Aa02lx-8vvP_bMUvszSun7C9DcQBbb6Ao-IM578Ak1hJwRlo5-wt-CkOJHyZb6vpdeBYPbiJZsrUrHSMRn6DobYir2uod_AJsSs0
date
Sun, 12 Mar 2023 05:03:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 24F8
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2Bjpi8BUYyT1UKd5YH4r8POdoNk4IScH8iu1Ou8prqQkFa7Z2nlEf77P3kDTiTd50jkVI
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame C342
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab9ba524c1cad2c23c52c76ea6940e62e0cf033f6b4aa5259eaccb7b6816c43e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5718
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EDB9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAA...
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LF4XKJSV-1H-HS43&ex=d-rubiconproject.com&status=ok&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoi...
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LF4XKJSV-1H-HS43&ex=d-rubiconproject.com&status=ok&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PCBH0Z9R40PW3BDF9WXV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LF4XKJSV-1H-HS43&ex=d-rubiconproject.com&status=ok&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
setuid
px.ads.linkedin.com/ Frame EDB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABA...
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF4XKJSV-1H-HS43&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIA...
0
648 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF4XKJSV-1H-HS43&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8C4022BC420B43AA8996EF9A98EA1690 Ref B: FRAEDGE1413 Ref C: 2023-03-12T05:03:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2rOus17Y5yO1VPBb3vg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF4XKJSV-1H-HS43&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cvxO5r4DufdhkbtrZDV0n8n5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame EDB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAE...
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/cvxO5r4DufdhkbtrZDV0n8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAI...
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/cvxO5r4DufdhkbtrZDV0n8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H2
Server
2a05:d018:d29:3601:3b7f:c7ff:6b3c:c070 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

Location
https://pr-bh.ybp.yahoo.com/sync/rubicon/cvxO5r4DufdhkbtrZDV0n8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EDB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAA...
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggA...
42 B
1 KB
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEPC_5eyUh-mFz6qpo7EuM9M&google_cver=1
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEPC_5eyUh-mFz6qpo7EuM9M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
511
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame EDB9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAA...
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAA...
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=68509d32-dd47-4b7f-9381-47fd81e53056&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBA...
42 B
1 KB
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=68509d32-dd47-4b7f-9381-47fd81e53056&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=68509d32-dd47-4b7f-9381-47fd81e53056&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
601
pixel
cm.g.doubleclick.net/ Frame EDB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWIyMWEwMWRhMWQ5NDA3MWFhZjg4MjNhNGNkNjA4MDczODY1NTVkNQ&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAA...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWIyMWEwMWRhMWQ5NDA3MWFhZjg4MjNhNGNkNjA4MDczODY1NTVkNQ&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWIyMWEwMWRhMWQ5NDA3MWFhZjg4MjNhNGNkNjA4MDczODY1NTVkNQ&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame EDB9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSg...
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSg...
43 B
568 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S1NAN06XNEK62XRZWVXF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 05:03:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
45103546SFBX7NGYJMCY
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EDB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABAR...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEY0WEtKU1YtMUgtSFM0Mw==&gdpr=1&gdpr_consent=BPohaQIPohaQI__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIQAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAAEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C342
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 05:03:52 GMT
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame 8B16
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
null
s0.2mdn.net/sadbundle/4043993433838689384/ Frame 21D4
43 B
75 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4043993433838689384/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4043993433838689384/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4043993433838689384/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B229
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-cxYM10NZNe6O5Op7gPI27nIBAAAAAA4AeAEAg&bg=!OTqlOm7NAAZKh9k7aoc7ADkAdvg8WkV_CDf00ebkV8vmRdrEB08KBph1j79J-ogHvRN3BNlXqJK99BDg1bISO2dyUnYDWvwl6D8CAAAC9lIAAAADaAEHCgB5-W4edQREu9Oazu0gdtkhqubVJIVocy3e6U_YPWp63N7E-qQJxfPTIvqjYw7HDFkBMVljGu0HFg_F8qruAbVVepwDK_ZjXvs4R-ZnsWxNixmVMbMl1n19FBEWw4WUvXgBTdATE37FcCATHVhssZczbYibnD40pTm3wpkDESSDgZAOew_20OlKvsTbiyg1Yu4XzplzCmPoCj1SRSBu5KMYZjV0mg_HWY-UjldN02sLIfd3aEggDI1pywMSh7KMsQBN3WtxLMVy2RJT3DGnRJPRPwNtam4zlwsGZ4eFQiYYsPztABZVsy6JIkngg4y1NPJ4BqK6Br3aAAL_2Jl_mZB0pdAGhjcOMFyEWUF6jUjyGM7Bgbw3Ke2hlcC258g-k8lFvgX8BJzWwQ3IFirKDZx5-VSt3eVXIRTlrY5RiKLpjLK2zpY91w09IS4qOxPBxQMiEsGpup2meLEMP2WlHBgJuvtpYgMariRmE_p7tBPyLbPBjeDOOCUWPZSZWc1rsiBz2YlCj7saF032Z79aCX4K5pXnSCkgnyFrREfy8cBzQFYZtl_Tj4R2ZkTOIIJ8z-RUORvzPg3keeZVpu0kH49jESEj1RWAncFNNjkQ9gOMPORJLzKxbT3wNmyGKDqvh-BTlerI-MI56MZi9VJq1C-7is9nCv7KIEWZgaXOn-_Dj8fXzDEBP_KCWwHFLHRNdDuEC72gVAVspqOknsfbbBO6jws6YchRo4O-xNFkPCmT6vtD9xH63xxPDejlOTnAPC13RE9a1u0s9pi8FVWlp_dCSEDvOuHRTDw1fZ8csZP3yQMNKGsuNJdEw3PbKO5lGaYEoKRlyjQCUvarJ1q_zI2dYv4AjcvFIG6zc_zlBoPDdRaCaYDQ7vvXMTCJcPNFWNdljcRE6sRc_9VW3FqM5izsdTZ3DiXwO1ypAFzsGpyprbGE4VOiSiofyLvnXKlJheFMfUCV_h9ycw9kCiPGBqcS4RU5RsZKPtafCX1aZ9ROnSAOatjMDZuumkeOWczEhKpTsbv2DkaoR3C-aEEE7cR53I26uGWK8QHagjlODWltbzR68txI4xWMqe-q0Xs33kgzheX2GWICQ2lhsRPEhG2j4txbCnCa6gnYzOeC3CPvVy13fQih6jDcMWQmKWZriVzfSP3IBYpFiqU8LCsMLIyAwH5eeJKrWP7LEGCW2WCXR74ZI34p8oBtPFuYKMJ7
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_kia.svg
s0.2mdn.net/sadbundle/7314573151872791710/ Frame C342
1 KB
713 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/7314573151872791710/logo_kia.svg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114987
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
674
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Mar 2024 21:07:25 GMT
bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/85803309/dirty/ Frame C342
17 KB
17 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/85803309/dirty/bg_01.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de0612c4b4b44658387671e1dc3095ac9fb94e44e61a2d42363c10a386fcea8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:01:57 GMT
x-content-type-options
nosniff
age
50515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16993
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 12:07:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 15:01:57 GMT
bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/85749131/dirty/ Frame C342
15 KB
15 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/85749131/dirty/bg_02.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8b9f230be361444ca929718ca596995ed4519288374b7f69530dd931474325a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 05:24:03 GMT
x-content-type-options
nosniff
age
85189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15025
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 12:07:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 05:24:03 GMT
bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/85803315/dirty/ Frame C342
11 KB
11 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/85803315/dirty/bg_03.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfb1f667f1c1811ad36406f4c24055bc1cd750d9517a836acd40e0cdd38769e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 12:20:04 GMT
x-content-type-options
nosniff
age
60228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11049
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 12:07:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 12:20:04 GMT
bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/85803312/dirty/ Frame C342
15 KB
15 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/85803312/dirty/bg_04.jpg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7449c651cd98e922e90c54da024e3fbb9f8ca32f4bfa42ec98fe8fbf4e215a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=WfCpitZIAn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 17:27:17 GMT
x-content-type-options
nosniff
age
41795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15453
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 12:07:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Mar 2023 17:27:17 GMT
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame C075
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame D64E
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0161
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKdowNF0NZLv1HKG39u8PjOyUgAgAAAAAOAHgBAI&bg=!-_il-KzNAAZKh9k7aoc7ADkAdvg8WpC5HdN-2h0mIezWTBc66leDw2HAsErHAw4AaomQuZqlj4jEDHlwKM3uzqGim87gbHEI6X4CAAACDlIAAAADaAEHmQMvZmnBNbqexwqchOQJwKtUPt9rxdnavxfxTCymg2GpxbKwCRHGX54fPj27W7RBjDjHs2q1Mf2NN7_oBFiKp8k6kU3FTPfoZUr-qcIi-7hUvy7wlV6zUdFlY8my1MHSNiUPwK7Cfhg6zwGhgIfrTgWw5sXRy6f4J5Ku57q26QWykaPQZA2at3_Rmv84-pBbV3xDLIrmGgPDovAfT9tbUo08f4-KEb2B-2scPVCn9bQl6Sveb6QgD6_LQIIwBTyUPGRsZDTFNVxY4VtKdeEleB8RARh0c8U6RQLKQYR5bX6Zw2cvoMqdoGxaanAN_N9Wl2EjQ7ErDNvUf-MTqH5wbpHwTL7Op3X_RFi6ZpJjKEAoE7dL5IeCTtzUzlFTNiDzGSpOS9qHDCBVK4xeY96QEZBwjMehSdDNEQcz_lLBHS_BA5_pWL4VUkLEwN5Vaq4WqOQibW6xFtdaKa-sUjeg81IeG6skVoPw1z5R3vhke98jaEUyqRocxFTe0Xbh87735SSci-AFt36kmKvbc19j8SSW_icJlspwJ4_XASPFw7s2qAn8nA_bQxFXRBTLfVybvcCVADEEPSrSWrMBXeBUMAcXNiyn42-lkli9gQLS_NMkgGYEGlxMDDtWR1boIkmAWepq2ObZhnyAmUHBxzL6KYyBeCFifIDAeZNKyyFi7sciWbjFwXRszWevJEevaZHuqWpeFMC4fpTFKtCMnvJbyWY06-VdeOGzb2Th5n9__87hRYlbITq_mecgX9yhDwdUjmH5N2-I24GG7byYuFxDbpnffZOT660RiUQB0maluA7k8noy2iBhMVHogvisVqWmplbN0NdX_INbhW39ouMzlQpSn7jbwP9eAMmdb3zZa0GFfOMUSCpbxs2ymUcE4touWgictEvuKtb5SCVJIrpCF5pCoV5gVmmFIOvdMMcSKUuGOntGHM9PNW4rd5D17U4675CW5e16EGBpaz5jHyxA3a9aGXhGy-we_fP6lG58nM3Y8blXlztyOpypH9UPuEZr9irKhS9sWu_LuwDrXkSYKWcY3nWp74h2LBpHPyxTE1RurJA5MMFcF8VedixvKqaR5Jg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5662
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcorFNV0NZKDbAZ_Dx_APurOEqA8AAAAAOAHgBAI&bg=!QEOlQxfNAAZKh9k7aoc7ADkAdvg8WpEErb6pWRtImcArdMVE118WMwkdF5spVKQN1OcCfESBg5BxWH8qdka-tJGuzS1UEbG5oygCAAAB1lIAAAACaAEHmQMpxI_U-I0gooH489e9U_xu5aXSYlIl2UyaeHImsjKfP-6s7WIdpfLmRqrmgI4ymQvbTWrFroc_blBuLeRoPjbpYmsi0sW2aLHhn73plU94YDBPL3TH6H3acN69uOiC_lZjnU93DypKB8c_8xnyAYu1etS5DvnPom3kmjhIDfWqUOTvFfjjQCTWp4JZgtBIAe28zEgynzYbd7eCrD1b4bLkCo6cF80SBhC7vUA1aGONJs5uIsNHRme8zGhwNJ8Z8MDQNXS3TlwE7HX9BG2-zG4NyLUYdQ5IL6lK4B6DjqkI-y3uisze47hL_8VaVVeDYNZq0wbS5jh8mbK6i8XOfs-1N_coICzFoF1NQerb2AbxmqHNIdIU75wBMDPmsXU9-Ohmm62br9SQ3-LukpMj6y3-zLu8UcAXF9mpBfb7EwT5tcvRnTYhzU_yo6RqvEE-1h2cy28BFyfKrOVTUhlRWqe2ZqnRUr8uIokpt3IuIj_mbl1MaHpSbVu0eJidWumtPia8Wmh_iFNO6a3ZLQhhmynO7Wcmrs7OAcVp0KUL5X9CrenfZ77yJ-ZjZkJBJmMyS2xa_EZrhbuBUC40puCoTBo-gsGWx2-UlgEDqLASrNLi30hVG_WCViYPFIkb99aQSJ73eNDdOIulY0iDjgBf7igXJ-hWRwfW18irGwn0-NDpYZ0LLzNxyTEsdR9P4YmAwKv59DYtdqki-zciihIBt3HXguhnoe4jmxOuUb4qjC9GHDBWTtUTBkU7G9uFW6LenpJwLNsuEJzUT6MIWQWNIdsRyGFVHJaujHdPRBamRgS_u950jV3uqcVjjWgfcMncY_3Fhv0JBj4RivUQbEMSqLJj2voGr7j_bNfQRO4RmgISxyNAVYSO180BkYduy1XEPsVJD2Io2iIiuE3s8BrHoSWicvTHaiT0vUbZ_UZa_l7P6bIsQrZ-1OAAVtP11-VORDb8QroC86HplNrO5pGSqFjaflru0rRidRNIADIDUJWRH8PaAfRSxIO6bSKtw4KI139gzayJqJpsSsfx1Xw_AgqupjAbLt6R6k2AQlNwo64c7VnpsOWDSQZfKPg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9798
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCMU2Nl0NZNP7FIqR3gOsx5ngBwAAAAA4AeAEAg&bg=!LC-lL3vNAAZKh9k7aoc7ADkAdvg8WpU0nX30BEZAqvM1jpls9RXsrTP0h-7S47yN7Iwo26l_wmCtB5Pw76wGeyy2fxWB5dBKJz8CAAABl1IAAAACaAEHmQMNpq1xN7Y8uIVrcdq7Vr90k_1h6U_mhfy8RsL0G6gMB53kArH-0DLpNBX4eSEXjj8Ru0kdm1AUWrHa1eoaegOt3myefwa3h9Tfl0v_dQEtxriMr923z5o3M3TdNz_4vYuMhlcWUDN08jSKolkZGrWlffXzTMUVtSB2lBAaItljU6xLnzlmK6-k0MNuafFzs7deZgElwPwQ87VsoaoPUEQtmjuYWAqFjm-tENMx7Z2wTqnQpXEM5fbjEzmYYfCdxQmidN2gIApVIa1Vzx4hfj-pIxBWmajeZeCziZm9lYOTwY92r1hT3rBN96eFIIpLlCpJSUh9Lf3cm74OZYsk_spmqXaUBusUXUaKtJCkl50fNrCjUOZ9gW6sMwdPJzCjMnTQmlNrv759Fqp6GWlMhVjz_0ra1IQhdcZ-31a8cZ_ky8K3Q2NAOy5s46f4nyL7cvPRRsNuno3kBaRO-xedyFKbtPJnrRW0sm_rLWtVZscAYFWxNaPH6l7yjfJUdi46oHKCdjP7P6MyfShS9O7BTOEodQOOtvnx1BC3seYvImNgU05rbX1vCqmyqsNVycBnzxa4oO5J1kjDtO5IUvlb3AZfVVzpA0F83uZTOjPLeCXpwbwdQ2pVAJPI6GFp-liFwK67DCnPXZf2fGLq6lBln1IskAlauSuVcQIz0iiYvo8-5Ynhqz0OrcnVUhrq-ipUqlaN3TTxJYOX_1--kOc6FbPa2bWc5n1CcfD7BL0x-nKFlT1KtIixwbRQczXT3g5BZXU3CjNGsir8VMQCH3H1DOWoGXkdAFRDggcSRCmfhYzwyaQ9mF15ReMiFahBKL5O0rXRE6qbb41913PNRFzrWhskOqVSUbDgrWfh1yCQOaTfHJVXnvAY7wxePCMOZORmODUksRTygBvtVZtD3lqfAhdr74OsE8vZMyP5Ubx-TADqVrQkNp6naiTixLk2_mlx3BfYOyDAsmv8RskrHjl0ticmnswI2zsCpGk94EFGMqvaTNuYDqd0sOV5IYwp7sWsrXW21CFbntffA8jUN2WLfg
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 09CB
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_1sINV0NZOO9M4Wm3gPClYrIDgAAAAA4AeAEAg&bg=!Hh2lHUnNAAZKh9k7aoc7ADkAdvg8WozRLg9waJ9vt6bXrsmJcwsss3tTg0y3rv2OY7O4rXaEe5eFJmFoaJWpANEAolBXK0D8MRICAAABcFIAAAACaAEHmQMJAzDR9i-eE0pQyJ0duPWVP8wfQh0HjJedHtlUOSF6RDbOGC2yQhvGKQHI85SobldpDQ8YFefGfFmr-gVotcv-CeAwt03I0wzuyB0XIK1D4LA_H7K103Dxv4E3gvQuMy4_8Cmfs4RYYB6UjLJ_OZadgI00gejOQvqXitKXLtlWRxnw7h_eLHqHDsnh0j6-zhfWVRMoqd5CE7FeDsbsHgGNaWun9Wo2417CniPNrUG8SOGNLCqJpY49wwD-0DbBAhPEoyhi_l-aNRUv8DebwjTlvOPkexTxqooORg8FXLfFqMlwE6qzNp-Pb7pVrw0AYetmLILuWAaTdN-cDfZBdSsiWlpBROQjuTV92xp9DLZFeeEt34X4wAQNRG-rbhcz86SzH9wm0LLr96bJ8tkO7UhpJ7e7htjSB4nmPC2JVRK-Z12IQdG4iGbO-0eG8jm4Y_4sBj5zFaExOyXbrwM5Ebyq5Rz1dO87XDtyAMT7ti0XEvSo70xr--RV7hIVDcu3KxQEzd_khqlYGfLbTTpuYmfsfg-R9AKG40xQ9tr0nrzSmr-nHF1YnurtN8uslMBNWsEO7o-5lqLMJKVyXHkQSer7iNTcuVVeUajbelY7_k2SEVfcOBP-M3P-yf7DeWc35pmWGxUL-A8I0pD5IJvawweaK83CkWtG3grH5rZYsqFSbCTBEPZguUwcg0sOkVzmKkmG14Fkq9-jQ6xR7wknr6NRSHCELOGHCGK9A2xs6eIIzkM0DLmp-iLc70mD50dX7WCiL-53GrtXmFdqo1XGoFKImFJbjMB5G-oORxtJY44xSM3VIxkTRwAQ7pLwC0xfc_-dk9lxGbeU6VVu0TvoGSU151k9fkGsdKyrZFvpDYXRjtib-xqcgquH-PhEw4ktMfPFsahxW7CRbsP_3GkVPDoBwFvDAJpUpcZOktpRGixt23AvzKHDGQsx4J16J_fErC5duwEMShcm5mRTMKP-aUaqRVKS1ehYl7axkFuk71tUleFqEveB0tB13yT6kYIQWjMh4fjpQnxOiszX
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B16
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz5wsNl0NZMKuMdrA9u8Pp5eWqAUAAAAAOAHgBAI&bg=!8vGl8aXNAAZKh9k7aoc7ADkAdvg8Wv2JadVcIvJZ59odd2C_r1mtXZYXzGZhQHkdh3GRjq6Z0gbjEIR8WGyZVr5LPbL1lH0IcaECAAABL1IAAAACaAEHCgASn5sEfaMBDageFW70tkKKSqdRmQMj5F1zJ0m0p22q26peP6pQ-GZ2HzmNvA49XIDSFYttwLE5dbynlLwVnY4bfLOz-dl3soXcRUhBBuJYhY5qC7js89J4eoJYjKrRsb8P-EU_si84SLnc30572GCvyKh_lWflgSoUyfuH2crMKkxCtfLaLBrQZ19rRHSN9fTUVa901yNa0MRN-s5ZX8eNcUD4zR9pX0HyE9LvhtUne16c55vUwVxveb1q0svpeWoHlIoYlOgkMhJ06QYzCHjYF5fnDPMfh-6QK68YuNfNkxBhlQvZOnrxNALnCA-i3qxnXK-KbZbpP_WSzMDAe4X3S1dXG_6SaplZXPo16nWNLpKK0gKu83bfzMQYPuoocxD1Oa2zTTZcgZ5Xa0P8jkflwBxaJJe9QpdECVcPverfM_jAUdsVeMo86-DhzNxYFEg2G85c2B0vKtnj6Hj5cxST52r_DtyoNUBaFKfVW5GuTbThoMSAq31buKh_UuGJyeHPWnbR-QMA5h7G7XGA4REeDxgeolr-OEvWwUQ6dLYFcQaqpuZS7x6iX6nn4zg2rX4LN5xhPHrfA0mXr_BYXAmTSdOsWXZhzj40q7L0So9LJyVxmgRGblPBB9FznAWuH91u4GZoci0Rk2Ogc0oINjBXZxf3XaOVR_6ymMXRLAISbP6rMlW5LtsrBB7trwqSl-1TUqJP1RpUCreYFPp4juIZG9V3lS1IwGjNOAoOGkYOuLgcbrEFg3mXzoyjLQ1ZmlRDiIPPkuuV-VwcCje3VzsIzVpxVy4r9SoMO7HbH0yp0o31vYG6gNeiMW-97HQ7BpRBwXT_IUm76DEKBFptgcC0wwzClegYsymi7NxGWvBWqRnLpwR1S02UHOpZZBNCG3LcPUNkLXwCT7O1Jb_v8QrkDZosPhEjMGrBi6HJlZ5GZhxw76oAQgMgXVUMObv4y4IcntVXz3GuicZ4Tq-0rVpCJ3_nUEtVKXwRfZ28rz1IFpUmbyOMOkepCpHf4dd1oVDGNsSFp3DiWHPD1KSmc4pLeVOC_sUqpQkFjwM1qmLbfrb_MCbEz0-0597ibqa4105XAS4gtlhwQHU
Requested by
Host: d1baseball.com
URL: https://d1baseball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C075
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bu8XVN10NZO7PBPD_7_UP5fet8AgAAAAAOAHgBAI&bg=!QUKlQhbNAAZKh9k7aoc7ADkAdvg8WsWT6hlbRB6fNrm9F4OBm-8yrayPh8hZqrgGhlO1Ub4-zD-Eu0XrOtVBhXKrdcJiRvFktR0CAAAA8VIAAAADaAEHCgAtPyfble5_P7WqEN1PQQw3xSlPi3gFcx-JIGjkp6V1bpPx6vAAqvvlcpFNh7B0mQMftv6ozbW039KzZh1BhcvSxfjzfCkXjtun7pXSu7ogVSBsZjbrZg-xgQox0IByTzD0gxCN0SsA2pDsUUueP8gGpa60feCs1jYZmTPVMAaSQ9JdH89yQ85f_rtpErAZwxqh5n4WdvdMxWnOkTkow1FVk8zWO0X1mWQoTW6Hx41Xbz4cHPcRnSnjat2b0jEuQaowQdUUxPyb5LOWOMJzp_ADuy33YgSohsZ9m1oEv-VXQX3TccgEGDS9-D2U3Vo9KaieTO_ZAkfzDby0rehGUnYRKZZKGqtMXv9yx_JcmbmzGSb-e1SuFzp9loqRWcBDD48_EIJCrkuUX5_GrTjJSDy7GEs6THhnxw_ZhOF_x4VyUMXxECWvSNpZt5_AMbQdWdpifyqIlWek-4YT96eHLE-Cj9NKhstWt08PGWhkqdC31A-fI-qrY9XUYjLPuYtDaLMXTXPpHPzHuzwRjPCztfAaXdKoG8tvcqJ3X-V8WqkCVl1hx-AN58Ernzi6AwznCaSDbH16IPjqLXO2Apm3kfnzgLV3Ye305WXbql9ASiJwIoH9rcVWb1cHy5iApTIhoSawuSbcqgT3tukPXqqy_6rr-FIyt3zCWPCk7WwGFTZvrLeGrigrTj77w8OQy9eWQ5qMv36uMcquLkzwDy-DXoH4cwOmJv7hLhDPGJzlrAOheG9M5FwX02FmN0TuVrEUV0gzG2V8xKGbQer5nJwzvWBzEMG16azNT5tvKVgQdxUygtXGKVb-Fu1qR_GsxRc2DH4DqxWv7yeAfC6I3-HR3ZPdqIUXSOkugM9mP87JOP4N1JACnHbM3AAotT9MCRgtBZ3h4DAJtydMH-Rs0FvAkbsUkvhiqcmlDMmiqvIi8TP3pxxdIhrutfT_BuMcY0_wp6mJ3Eikft6ZQKKKQlbIo5MhYPSOzG53iQTJH-hEu-BiVuWy6N61uxRnKlN81puRl78Ta0-RpCFoDJiULtFBVCpKTUoVmQEiTE4GqU7Zb7PGSyyf21BaJTRnyXYGD7hPPDoe-A2fr9_jiod4nFJ9gtq4NkUh6r8IV27_dE8Kl5iVyw
Requested by
Host: ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
URL: https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF85
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2551423003233&version=m202301230201&ct=76&x=1&cor=10167983971024173000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E655
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5665081345044&version=m202301230201&ct=76&x=1&cor=12207339257830509000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7FCE
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssl9hxUFWcjl2Jl9ccxyo7ziR5FK9Nw2ogKWgQSClgSNDRTL-1M1c1KUFuAA_tNdLpB74cUj1z3prxt75596UW4xhBqgFu--la7m21z01xV37Gz9MLPAZb1lPXIWhkF0uHVwzrxAfKlpwarNg97tF3cPtsHWu5eKYT4VbiA3tSonQaNgcwvjAnvyi4DJWiO6riKBAJ3nY1NBxiV2Z_tR-2cJd5TqSTnEkt4tKyAHb-dbLEFDq0jUHzDVM1satuJZgrxESNnHaic4JoJlPdLK0CbIhv3qEJ6_GmUTj7lqqAvwImmFJkWjeTCNtxEBMFFMahAW-6eJuN3lgxa8N1HxhKOjc10qW2EB8b6g8x-rEpuAu1kpQpObkqx_Vjm_hRfEYbSrnXFgFNQeebgRr4evocbZNtPmza3CboPUk_bO0977V7y2Cp4_EfRzI0-8bh3Xg1Q3WWtBzuwIPQT4EO6BCvi1jY4_PXkiWgyObtp84zVuDsjI-IwBLngfVjmKkJhUvb4tGpbpqHEXyRzJq8mCdzUWu0-46qpWsiCnFDCsCUNoMLpxI9EckAZrezoikAel0XvnPhkuH0bIQ3ibRPhg4Lfh1DzQRCAdEUH5PgPS-xLVJAX0mXpoVrkWYMHoa-kQUa92IIKiABd4JXyZcMoBsCv8embAOZ_EJS0fCgtE0cbGuJK9fqeHkhudrAw-62JvtEL-Oi9YKECGsKif_O4c1dOLrJbZpN01zjFH6c8V4EEbVrZKVGxGANxfewz7440rCuHIC2RMNjxtxlgWjmVFqq5dg38ShPESYVfvEpRkh29asLwms3rSdFFlbAmT8HSbCbI209PTohE3W7GsGvP3zhTi1EYZPav7LUXWKOcKerwgZmKNS-hZfhtmBeqshyfA-12HLPHdnrPm8WSMazHdOQys9w9jR0GlDjDHoR1BV_-nGOOLEESU8h6JgqrTWUXEfRVZEhGs58XUsgLrT67eYnbRi0skT2mgkRrygqYeVegq78RjdbVrkl9bnKKcVsMaldmBrscqCmjxCr7-3_k0gJBxXIme4s40X1rdP03-ZKCBAe7FSe9LPRTjYRubXFjjgifur4ZgY0g-fPZI0_PeXyIWPsqpFZvTnMD_Kq0mbGQkmcXo-n9Qm1l0RfyX2Fk6gcy3NJ2iasFbXLTdIhRWGP1o95nMVtlaTZDQJiaUojbDC1tgIT0XbIffrUHDD5i8pPKD-D-FUmlAHvajf1sDaPLrjiqmducYLJubTBdcI6oQBTk6txxK_C0kfM&sai=AMfl-YTOyh4WqjcRjkXT-zMkbgsWkJYxuIuViKPphfWpW5DRfC50dPvzBXKdXmz7Z7rOk0kwxBujzYn7_SGk77HxQFDACiFWAsyTAiknpOrz19VYlzpp9un5V4gMlwYB0w4J7P0cBLPa9dsefuR4Q2D75Uv8A6mq67XGxiYLWIHomd-1YLQlx5kcuSwWlvQHWSumL-wq2WCObAI7s-Gb0Ef1FDaihy8TaNJ-2cCipcdAWiiS7FXI1-xgN2phQy-LSjsAlJr9&sig=Cg0ArKJSzDPpednxPxl-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1293&vt=11&dtpt=1061&dett=3&cstd=224&cisv=r20230308.20052&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/b-89d2da9-6aa60190.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Mar 2023 05:03:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91e21f28bebdda81b0b431432f7383b20d958837b81a06771253c7d8e4271b1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11324
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 05:03:52 GMT
cta_arrow.png
s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/ Frame 1628
167 B
209 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/cta_arrow.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c68ab9bd07a8b529be4b91d29f7370da54270189b14d2e5cacf76c0ffdef7bcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3348841482463598720/728x90-Latin/index.html?e=69&leftOffset=0&topOffset=0&c=8Z7cxM0A4E&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 13:57:56 GMT
x-content-type-options
nosniff
age
227156
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 08:59:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Mar 2024 13:57:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC08
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 22:47:43 GMT
expires
Sun, 10 Mar 2024 22:47:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AD4B
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-d1baseball/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
68d07b29b70e853b8b05bbb7c9785d9c2a3a05ac21618451d66d9d96603223d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OXWlhZqVrIBEFmtGduXZzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1baseball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-OXWlhZqVrIBEFmtGduXZzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:03:52 GMT
expires
Sun, 12 Mar 2023 05:03:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame FC08
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 07:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 07:57:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AD4B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030701&jk=4499537524418107&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame FC08
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?EF8S7A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 05:03:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F02D
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3838960278014&version=m202301230201&ct=76&x=1&cor=1034448653139733100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4B9
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7710439987950&version=m202301230201&ct=2&x=8&cor=9712504172105568000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69F7
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3157813707166&version=m202301230201&ct=76&x=1&cor=15844093981477835000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030701&jk=4499537524418107&bg=!FRalFkLNAAZKh9k7aoc7ADkAdvg8Wr8AwNjwo5pksKC0N1B5JxVKSs_K5hnYPuUkCso6Rfh7rVa6xGx_tkFZZyvda_3GhW-yL9YCAAAAh1IAAAADaAEHCgBRc-mHvlHqdufgQXwpZUOmFZI1A2Q-7JIWpfYyH9I2w8n8v93i0kEQu-wwRMZhhbLfpCFFEQnEk1rYp-ypwrbugtjFFMybs0_6Qz-JTI8AKuWnmQLBjia6W3SGxsWOHivTbRtrAaomyy_LbBoad3SRHfhbW0FpMuDqvSLZfzJvlqGdH04FYKe6IwK9ATgO44_uZzANqBegKajdI1PtgI3-PTlwWYGtCaLG6Qs6Z4pA4HOl7jlD5L6905Ksn_Xuj0lrV6gHjQd5bDgycHFXJNo6qXJrkjeOkehePnTcAHBS7_3zt7la5O6Q-RsfEyMFwmj2wy_8HYbkboR2G_wpMoc6z914UbwFXOMhhTXDLAqSGwLqNNVeAhTVdqmYil6uP5JxoWYmzdc1f-h3Es-y5laDMlQGyWUa-LCztWzt0neJbDZHxOu5s8LOxbEWzK2rG1kJu9D1Z6beCNhyGKf30vdJRjQfvk8hYoh2ISVrocXBE7Hzv2aKDH7OmGggL9O9T2KoRKD5HUy09xOcvDysP-Xorto7nKaaj2KNgOTB5DeNBxD7YTEQ6wbF8lqTTO3uH89vMhYeu53uRoX-BZNGTacEkFq2S7VA7Ucl9_VQB-XhCo0EhAdUScdHOYvCi6Rac7QFWxFAHembGntODd5CEcHO8QLhueeQf-GqpA_8rg4beD1TRWzt6b_295h1rRJ4J9vJE2F8IhMVfQzNsltmkuU2pRgYHnKj4gbp2MD8vtHWg1NV-WJZwo3B5cXZnOqE7ZHZzbKCaVtEpEAPdu9vpknrLmbklxrKzfrHTUgLALez_Tq1UDQRUYav6mTF55UdMPNBnz1VjD0Bt2xVcFgHNft4fBuUxlUaFcjEqWBwee7bj1RXChRqaQGeeoRI-U3PaPCsJoYTtniLCqkVnaAm4-NP5lzUSSbleFRof-voK0yTG6opXRhzyJ5RUqGzJvzDsLYo0Oxnf0I9_FxTRtDwsVKn9MBIjEF5To7YPMRnNH3rZguOsR8_SN1DxudHUmVNrqhf_0FF2VioNGcj5Z4xTW8AiwTFT_N_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1baseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FCE
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9343157281303&version=m202301230201&ct=76&x=1&cor=7506707467614074000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 05:03:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=29181076;s.a=3213511;p.a=357376930;a.a=548234172;cache=2461712631;

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 boolean| credentialless object| Typekit undefined| $ function| jQuery function| tap string| TapfiliateObject object| urlParams object| d1_main function| favTeams function| viewport object| FontAwesomeCdnConfig string| cssUrl function| SearchIndex function| Bloodhound object| enr_frontend_params object| lightcase object| gtc_frontend_params function| gtag object| dataLayer object| dynamic_stats function| powerpress_pinw function| admiral object| googletag string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| advally function| Cookies object| integritive object| woocommerce_params object| pollsL10n function| poll_vote function| poll_process function| poll_result function| poll_booth function| poll_process_success object| mailchimp_public_data object| mailchimp object| mailchimp_cart object| mailchimp_billing_email object| mailchimp_username_email object| mailchimp_registration_email boolean| mailchimp_submitted_email function| mailchimpReady function| mailchimpGetCurrentUserByHash function| mailchimpHandleBillingEmail object| html5 object| Modernizr function| yepnope object| Highcharts function| Carousel function| Fancybox function| Panzoom object| d1_win_probability object| d1_load_more object| sv_wc_payment_gateway_payment_form_params function| parcelRequire function| _typeof function| _createClass function| _get function| _classCallCheck function| _possibleConstructorReturn function| _inherits object| omapi_data object| advpbjs undefined| cmd object| apstag object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| 4dm1r11545242527 object| $mcSite object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded function| SV_WC_Payment_Form_Handler_v5_10_8 function| WC_Authorize_Net_Payment_Form_Handler function| wc_authorize_net_cim_credit_card_accept_hosted_handler boolean| apstagLOADED object| _aps object| ggeac object| google_js_reporting_queue object| advpbjsChunk object| _pbjsGlobals object| mnet undefined| google_measure_js_timing undefined| conf string| x object| slotRules object| apscustom object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| lotame_sync_16576 object| nYpFBQ2 function| nYpFBQ3 object| xop object| -1i7p75mh7t34 object| -14lta3fohxj4 function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_Q object| sync16576_ua object| sync16576_va function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_ma function| sync16576_R function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_S function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_T function| sync16576_U function| sync16576_wa function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_xa function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_Aa function| sync16576_ya function| sync16576_2 function| sync16576_za function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_6 function| sync16576_Ca function| sync16576_Da function| sync16576_Ba function| sync16576_8 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ea function| sync16576_9 function| sync16576_7 function| sync16576_Ha function| sync16576_Ia function| sync16576_Ja function| sync16576_Ka function| sync16576_$ function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| setImmediate function| clearImmediate object| ID5 object| regeneratorRuntime object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| snpD1B function| snpD1z object| xblacklist object| m76lhM2 function| m76lhM3 function| xblocker boolean| DFPMessageEnabled object| bouncex function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| GoogleGcLKhOms object| google_image_requests

54 Cookies

Domain/Path Name / Value
.d1baseball.com/ Name: _gid
Value: GA1.2.1192175985.1678597426
.d1baseball.com/ Name: _gat
Value: 1
.d1baseball.com/ Name: _ga
Value: GA1.1.729490629.1678597426
.d1baseball.com/ Name: _ga_F18EQH3BTV
Value: GS1.1.1678597426.1.1.1678597426.0.0.0
.d1baseball.com/ Name: _fbp
Value: fb.1.1678597426338.1566568398
d1baseball.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.openx.net/ Name: i
Value: 7341c495-2c50-4880-8354-66e818aa5ac1|1678597427
.d1baseball.com/ Name: _awl
Value: 2.1678597427.5-719d2da0c1877e3437ee9ea618cab597-6763652d6575726f70652d7765737431-0
.adnxs.com/ Name: uuid2
Value: 7443562776548443593
.casalemedia.com/ Name: CMID
Value: ZA1dNJ9yL3bb7lkTptrZZwAA
.casalemedia.com/ Name: CMPS
Value: 3175
.casalemedia.com/ Name: CMPRO
Value: 3175
.doubleclick.net/ Name: IDE
Value: AHWqTUlAGK9jmXpjwLSESP0H8mLNKSKZVO4DhdkGA-tQXOTlHaSStOqFyy4gBWk7zOk
.d1baseball.com/ Name: __gads
Value: ID=23dfb2029bb4abd8:T=1678597427:S=ALNI_MZybW6lNemZM_fzi5UTAlUbHCQfWw
.d1baseball.com/ Name: __gpi
Value: UID=00000bc3b170b8c7:T=1678597427:RT=1678597427:S=ALNI_MYWfBhbyAPUjlCAg-FYEr1bCX5y4g
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In3gKyd0!]tcJ8i_iqf!oN/@E'zz<*Z0Q.1)7Y2@E>^UlD[QoB.'Yx5bc)rviU[bA)B#TD._*PlZ[C[-kX-Sg#Ay
.3lift.com/ Name: tluid
Value: 2616361151688698797074
.simpli.fi/ Name: suid
Value: B1C244863C294D64A78168B499299A4E
.yahoo.com/ Name: A3
Value: d=AQABBDVdDWQCEPMjL_cUK9pIbnYQt3pUN-oFEgEBAQGuDmQXZAAAAAAA_eMAAA&S=AQAAAl5eqIHQcvTfMo-c9Q3Jj0Y
.myvisualiq.net/ Name: tuuid
Value: 07998b0e-83df-4f88-81a5-f74b00143a5d
.myvisualiq.net/ Name: c
Value: 1678597430
.myvisualiq.net/ Name: tuuid_lu
Value: 1678597430
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22F06AB533-9896-4335-8C3E-9EE7BAB73132%22%7D
.adform.net/ Name: C
Value: 1
.spotxchange.com/ Name: audience
Value: 477f7ec9-c093-11ed-bd44-14e583300406
.adform.net/ Name: uid
Value: 27540236577905304
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2agt:18yl~2agt"
.turn.com/ Name: uid
Value: 4048811943380083445
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22F06AB533-9896-4335-8C3E-9EE7BAB73132%22%7D
.quantserve.com/ Name: d
Value: EA8BCQG_KIEA
.quantserve.com/ Name: mc
Value: 640d5d37-5b4d5-0e526-e1f7f
.bidswitch.net/ Name: tuuid
Value: 455f4f41-2a13-4099-93e8-dc886b3caf87
.bidswitch.net/ Name: c
Value: 1678597431
.bidswitch.net/ Name: tuuid_lu
Value: 1678597431
.mathtag.com/ Name: uuid
Value: 45f7640d-5d38-4300-a975-da320fe16faf
.mathtag.com/ Name: mt_mop
Value: 4:1678597432
.bidswitch.net/ Name: google_push
Value: Aa02lx9yQIszG7DV5-CEtWprYzlk_aZJOIlXDeBgvHfPby5Ow3F6atqIGU3spVxbp5PHZteV-E2WFz__cXHV7Jiw08AYpftJW1PgFQ
.blismedia.com/ Name: b
Value: 640D5D37A1D6857840149969BLIS
.adfarm1.adition.com/ Name: UserID1
Value: 7209521069305231509
.w55c.net/ Name: wfivefivec
Value: oGzjzok01PBdS75
.lijit.com/ Name: ljt_reader
Value: GS9vsGZHm8_w_HXOSXOVGDAP
.360yield.com/ Name: tuuid
Value: c689133b-d552-473e-93de-ccd1284289d1
.360yield.com/ Name: tuuid_lu
Value: 1678597431
.w55c.net/ Name: matchgoogle
Value: 5
.rubiconproject.com/ Name: khaos
Value: LF4XKJSV-1H-HS43
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZA1dNwAApl6F-ABG
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EFD289D7-718C-4D96-9298-A23C17F9DC73
.adsrvr.org/ Name: TDID
Value: 68509d32-dd47-4b7f-9381-47fd81e53056
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCP6Sr8umsNE7EAUYBSABKAIyCwi-zrL3vLDROxAFOAE.
.rubiconproject.com/ Name: audit
Value: 1|/ezCFL6hiYcvsBapCA4WNN+iICmt8Lm+V96XjVh7KpoUA/VNKEYIigAY4XAsG2tzqIeTsqzORAjLv0ZnN1+t0WpeS2MlTsz5tvacoCptBQ67766Ljq4grY1YBiydVd/L9TDIfB9kYOtALrS87woQ1X5L2q9qmCNPBGBWt6IEQb8TvmGxEG33fPr2txpHIO+WQglbQ0zTchcQ34WIKQkJYpeV4zQUAoiddhEt/Dlz318CeKllS49mk60yXmu5JAcZiOGrbGIBCr+MoQsrZLC0DLiCYzSWP7j+lOyCXXZigKNuJAeEy/aME22WTdwuMuaAyqt4ohc5wWXEi5HJblRAwx2QM5OsEwiOGpPqc0uZCul0NQ91ihtFtvIs7joTOKgHqusxtkTkyIzejZRo/nOrASVhu+sKeVKsiAPAm7Zo0kfOao5DTvj+wh4VtEaL5Ak2hXmDkXMNEu7Dm5xBB77c8zmX7ABkmwk4K0N42l/z2BnNvPh+lQgRsWncuGwUQODolOyCXXZigKOkijDvRvoOtK9AkE8z0xSP
.linkedin.com/ Name: bcookie
Value: "v=2&d9d24868-c1f0-4fd3-8d5a-bb9786e33981"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Nzg1OTc0MzI7MjswMjGgezhXffrn8AO6V7GWQcnA251E9Vo2sU3+lyUDTeGewQ==
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2598:u=1:x=1:i=1678597432:t=1678683832:v=2:sig=AQHqwJDhBjjwGSFvzh1cJepFkOncic8h"

2 Console Messages

Source Level URL
Text
network error URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=29181076;s.a=3213511;p.a=357376930;a.a=548234172;cache=2461712631;
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://s0.2mdn.net/sadbundle/4043993433838689384/null
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: blob: wss:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.atdmt.com
ad.turn.com
ad.yieldlab.net
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.bounceexchange.com
assets.bounceexchange.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c1.adform.net
cautiouscredit.com
cdn.adligature.com
cdn.d1baseball.com
cdn.datatables.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
chimpstatic.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.highcharts.com
connect.facebook.net
d1baseball.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ef2f25f080b11c05b7468f5484fd393b.safeframe.googlesyndication.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
match.360yield.com
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.typekit.net
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pro.ip-api.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
script.tapfiliate.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
t.myvisualiq.net
tag.bounceexchange.com
tagan.adlightning.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
visitanalytics.userreport.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.atdmt.com
104.109.73.198
104.109.78.125
104.111.217.42
108.138.4.10
108.138.7.62
13.248.245.213
13.32.121.7
141.95.98.64
142.250.181.226
142.250.186.66
143.204.94.230
151.101.2.49
162.19.138.82
172.67.69.254
18.66.147.69
18.66.97.9
185.29.132.241
185.64.189.115
185.80.39.216
185.86.139.94
185.94.180.125
2.17.177.117
2001:4860:4802:34::36
2001:4860:4802:36::178
216.52.2.86
2400:52e0:1e00::1081:1
2600:1901:0:d733::1
2600:1f18:1aca:4280:bc24:2ed2:9346:d7ba
2600:9000:211e:d200:1b:5138:8a40:93a1
2600:9000:223f:8a00:8:48e:53c0:93a1
2600:9000:2250:e400:4:cd41:fa80:93a1
2600:9000:2250:e400:a:e047:752:b361
2606:4700:10::6816:325d
2606:4700:10::6816:3556
2606:4700:10::6816:4998
2606:4700::6810:5714
2606:4700:e2::ac40:840f
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:803::2008
2a00:1450:4001:806::2001
2a00:1450:4001:806::2010
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:813::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
2a02:fa8:8806:16::1400
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3601:3b7f:c7ff:6b3c:c070
2a06:98c1:3120::3
3.120.29.218
3.71.149.231
3.74.185.105
34.102.146.192
34.111.8.32
34.120.107.143
34.120.253.250
34.91.62.186
34.96.105.8
34.98.64.218
34.98.72.95
35.186.253.211
35.190.0.66
37.157.2.239
37.157.2.247
37.157.4.23
37.252.171.52
37.252.173.215
46.228.164.11
51.77.64.70
51.89.9.252
52.223.40.198
52.46.143.56
52.48.111.128
52.49.217.141
52.58.237.138
54.194.48.138
54.224.95.202
67.220.228.203
69.173.144.138
85.114.159.118
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02f012d77f69d09efb2d4adc62a748a007a30a0c52f135f50d2873a9334db36d
033e0749f8158d222c10ec42a544afb64e164468b3343b87dbbd6717e380b7d7
0377e2532170d63ea7ef7def4590b8f1433da71f8400f3a1da9d51368ebc31b3
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
05606cc2fc47dffcf9056d38d0c28814fa8be2457841e601057b82343681a97a
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06527c45f5d2009a0b4cbc1fef692941ce321aee8c003d6accc66ed325acbded
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08d0b1b48ad1a845522a8a41c2cc865c91f03ecf3097ac80d911804a52bf357a
0a427e95e8011ef43fc9f65de1de4e82762bef6179218569020f66b59b2a9938
0a500718fa6453092ab94c7a63ecc7de49492ea9cb793fff94f1913b50d027b4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bda3b7f2bd3ccf922d3bc779d317594dde6f9e26f779dab916162025918ffbc
0c32be21920869f3eddf641a1592d4a8662ac13be217d529f913f5b785d6cd0a
0d00ec6271ae198f5081287fda85d154c7ee59b01a11b7c50535b0f6918ab25c
0eca81edfd1a3c8061eadd203630d09c4681620cd6aa063a891328f7ed6b3c73
0f8bbc190d9cb158f38b0aae3c9491e89be9f4dd4028dc1c3bed86a7540eefac
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
1198df402a6a159ae3f3974f0e8a1825ca8f227f14a0cc8235f1e173edc05443
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1409370db472d466f400f6807f0094d987e27d7a6fcb66b342bf6bc77dcc3794
15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456
15ecfba35cf32e2444a97e58312d61104aaac6eb6c80028df974febe1776b776
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526
1900b69cc8483b8bc2f0aad23051a47d3eabf3c8f98364dbc3de221f6853d7d8
198d5c4c0d908452f6632da880972c8e65d657b7c7cb138a1d856c17389a349c
1c41a6cb75f679db85ddbc5b68d2b31770e33b14df2eb6a35168e93a3409d26f
1ee7f8f930e105469865810cdc78c03d83f56931ec4f2677d6de044af3e29c7d
1ef9ea0486ab4a340089b70c5102bdf6fa53360ba62553958f671570ecaa7122
1f4f317c7334c8bf3f3286db1ccd8cfa54a44fbac5edf9a0d46c745e10d3d9fe
1fbc42d0181201b26dc04a802ba3be5fafb38e3e24060f77a4e0965be6507315
22ec56df25744866a27efb0d3a95c71bec34cd151f986376a9f2e10f498760c9
23c718824a5c88b1469f12f9a4ee4c08481076fd26df5159a34835664cdfc3f6
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
284e7e109678de1ade545b1140f50a4e9c6d7f3783b3b43adda409c42a70829a
286200c5e002448c35e12911a5c2f71afdd954c4b5fa5f2526e3857a4afcd45c
29934ab52db572c893d40563016fedd46dc3da5bb231af5d5b187e7fe66be9d0
29a8260f8a74804c1fe63793ecaf03c5884ad437d12ac3187be8f8508411f44e
2a35eaa1e1f6361c4d7f6182e8a7f4df57f79cf9078768aa0cd23000dcb76303
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
2dc8e1ebc3500014f0e4072d8d2db22cff83d8a301b8b62bb0bd5df909e4240e
2ea5f4377b4e52037ece02b9b7e4521041820790d01b43334e4b2644a294ed42
2ed5b8cbe9c0e8731180d791d77992e2ee88e9711d7d6b61dcb20268e03639a2
2ef89ad613854bf1798852bcfb4e7404ee37dea7bea3cab7bc1dd67c655809b7
313b389b850f19083db18c039cbd804bf39ef85a2418fd567b2058a94c39255e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319bb5a941405ea67cbe14748fa6d42bd9cab0868c5027c4f16eae14da4c251e
31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212
321464bf05ae113640bc77a9e85ed70682af15a892ed5f4849ec361c1ac93060
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3663058ada0ff50176d23fd110cff17ec6d438b1342cfcac8ca86c7a71cefd9e
377bc25a040deafc0f0f6d97cc02a6b49db215b824e8ee637ff25f0fa5506033
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37dcd72ceb3924a0706774df447ccd8b95e2053b4a4215596da32fdd6466cb1e
37df023c2038ebaf1a80b917b7a1b1a881bef6c076f971424f30356c89b4a5a9
381c15ec3889b1231b0a7556199933fac63fd895f13877c24c4ae542d7a50b4a
39f5028a106bec687259482194c91a0e7274c0fd0bea779ca55ad67731be5998
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3d790aa9ffe3bfff038ed28fb2e130f83835fab53bde5e1dd0fda13c3ba7a1e8
3d8a9299e4999d41a6bfda057db961c5e205a87a0b26e3b94f2d13ba4d5890ef
3de296fe130894638a6b6533d724b08634986a1338aebcf9e09f5eecec231298
3e3d55c26926133b75a4188bb5accc4e6d3e44d0d852ccc2e448f8161d9b162a
3eea91d2a1da9a9f4e856691894e46d9565b4bcb19c0a2817e9468e6a7aedad2
3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a1019fdab5886ad4f109e8c7ec6f46751c04c5ca107ea41653a80cb7bb86e6
40e7881b36ca7ef7d318a44967dd2a8608f4f83b3f095d871de488b5970c9166
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
421e2a6c62ddf47fddb4ca94b743147eafc0796d77b7d68dc3be19628447da8d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42f769644193a8af8891745259d73a8d2fef4b06b4f168ff4a71b62bd1252218
44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1
4552e8f83ebc6080577342a2b4614fb5f05e7e0d0b20df5cdbe017d848796f7f
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
495a27ae37b682fceb11fec0318acd688d72d07d2000b6df2cf88ef4da333773
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4994b1388a16904d79e209e535b0e541fae8adf7e525bdb1068bc735eb72df80
4a33d093820151918c2f34a1b163118b751f8d7ad0013f57cf8cec708dabd9f8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0092148c9c28f095b5d557dce3f3852345c61695c4c000dd2bd26a26bd48c5
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4d8d1572235ebd38b0fcdf3c837919a63066fe5220e066eacb1e8dac66c8d6a5
4ded4e1a92a6ae365f5dc0a4e06ce91a78795b7df47acc1126ce0d24f03c0277
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
4fe10aedccd8c9aae643e857f89de45eb87d0416fffba52739bb57fee3bf61ab
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507c7250034a616ad2441c580ac5735302241f0247c312b30c0eaf895d8ddae8
50de719051ac450992625c5ff7b3dc8de4a1b2e83be9a088e9e36ab7452e25be
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a75b698f766b9b6566bc68a1bcbdc9bf755f0a3296d58059285ac7bd5df8e2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b47c8cb579a37490b9e884cd34ff023ef4d512c3cf8d990375673e16dc1377
5723df998f0016451437a52f14914efa760c9e97c43b048b3283e0e05140dcc0
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
5824bb199f36a42c091df319b8e05bc4a3668988cff9bef3f6aed944a49da911
589405077e8808e851b67cfa520aeaeba7fc63d5ec23f2fe78ec7ad7a746ae26
58fb75e3eebef6f543c49f2d8b79bf460e10ea0ddd64f977b73dd0cd7ec3d46e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5b45124cb404564b355f62ca079dcab451a55d21c26cf9ffcc69434d254c312b
5bd39fc8f979d189a886d8c6aeaf63cbb087ca5fe97bb8f67bd7da3a3a90ca1e
5cb70ed14e203084cc29116cd282fbbadf7e874ebd12aab5287c8ec1445152c9
5df9f530a6d9d503d73a5b89738c888eabae2bd098482df8b52f4f494c74f515
5efe778f9887e53ee7ceb3425102bfb2f51c953b46093e509856ac8c170f976d
5f090c7e6dd7692a1054ed0646b590b3ca5a94711cf2bf16222c724c27514d8d
6063e81c5a07865e6091bde60f6773998397a95ae98b438d96f2eb3a9c946fe7
61420df1d3b7db0b8f112f35adb4cb45c3e7e2e952db8854060ff9229a03721d
615e2800a9dea94b21e1b1242482215947235750a21c790f04456cce3733b01b
6178e786ceee737a7336cf1d452046b9082314b638b9cdbd2fc9ece2a6bd9651
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4e3deaf9bd80b768a237961887c0fd46da4e7858da8bf090a17290d16b41e
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
62b193a7068a1b0cb384e685c05033c344ef2f1e0c50e299fc6f974c7dc24dde
65a9e4b742dd64f35c7c5b2bd342c84f9baf41f9119a11f5ab0d84fb82cc4b6b
65ecaacea233cbd58cd42e885e80df77cbc92fc6cfd6e85f1d0e9d2852e1e7ed
66cc46bcd958b87327c507bb2b3333176833d9b5d9be22cb1d771c425c9edc85
672a82dee3009bae098d1d4c546c1dbb629b0bf840cbad3a5f1146730bc4f104
68d07b29b70e853b8b05bbb7c9785d9c2a3a05ac21618451d66d9d96603223d1
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6df419a42560ba41dd14ca27a7e3dc3d31154d28bdbe61b42dee9d0a092c124c
704c6f91b45fb1832efa715c25fc7f70dd72309b3306b7ffc7ea9b60aa9c9a16
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72da95dcd2360d00d8ef3852e23aa8053491a3a7c82b77b1c4d272f7bf7a7e87
7449c651cd98e922e90c54da024e3fbb9f8ca32f4bfa42ec98fe8fbf4e215a0d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7474e01002813cfba15a5d7b34256c03bda6945a8386ef38e6a7beb36fac9b6b
7758e1a2d3060e4c5804f888ebc944bd436b667712a72fc6f51f4cf31431ae1f
77afdb91b243187311da6bf6529cba227f8a165ad2a86e9569cc3663a4d2db47
78716e23d970dcb7acc853b923d0249cbd976e9a945ca84028581b1bd17da9b6
79a6be7c19a9e1326cb2050ea5a67f47c9932a9c25e2da24ed371d2428f4f948
7c0409c113ae3752471908ad06e1956a53ad5ea24efc0f14322a9d5435d29aa1
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7dbcf8e468897d1283f3e0fec3fce2fc171b44211766893d2d6474a268f08669
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
804f76250ea78fa365e95e46e454121f76e56e7734d6e81423e793a1c44a519e
80865f40e0227605b339f3bfd7f9fab0244cb8f3cbd452a0ce5d8898675f8511
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
82b77cd1ab9532f7a1bdeacd50c37fd1f9fdcf2c433917ba0513f3cf4f00a394
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
84274b8f972e0f2f1f10260f90ac67421c2d7ee1148e60531cdbdc5d4308ef88
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85239d4b77274f8aeb812b71bb4ae42d1f55953eeed17f6eea62110d9378c098
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
87fd9fed09b825db82f2c6c42868871e6a8f8ac4344f2587db3bcdad4476f08f
8821cd10861112ac07254592b0b332abd02cfb6ac32c0ac71378be0fb58c309f
885a3c3ed9990cf54ce828353610025f4a88a43581dab47d3d50daf3eb988fc7
88675d02b468546bc0eea3901c3c79ee7496cdf6cc4bb62f3e1740dd2e15bfc5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1c33c0f88a3dd3265fceb76050c2798b6696e66f8ff91806263d462e2d2bcb
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
91e14949e443f1f5c63b2c75b4b9c8563b73d9a3c9abd732873e444f958277df
91e21f28bebdda81b0b431432f7383b20d958837b81a06771253c7d8e4271b1b
92d4d5a6a2b357f0c44d723a2f9e237301f8c1614c02368c71febaea70b65696
93056e22d27e4790555c463d786a7428354169214992d1957255317e7bf10819
93b93e917c6de0af8c92681e21b4ef82b8804798c58900e5c4b87775f79a3c3d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
97400ee56ee0bc49966b49ecbac4cc913b4e0112728271fcfb3aa5c18a5f7573
97557bcb023f04ded9636b30d489a0aa8e6275da3a68eec98b057920540dc0c4
98cb2f58c80faff9b6cd08f75a63eaf3571569e011d550c56274586fd65d0547
99b84324eae8bc4063375495892edf2ce5616e4ac8d09531ea31088a860b6ded
9a0585c3598e0bb9fc00259dccd5f24fefc1621ecd5de485f2e2206c14997bb4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abec92b072fae4a837346c9e645cf30ea279fb5c33d62d2281966b252ba962e
9b08e612d62809f76537387641695e80be8a6d39935dfefb420ca6cb42cb6314
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9b9e0b0db3a19e8603578ea612cfce5f6c9222dc979754f9465a7375370cf930
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
9df028f2af5affc6b975358132525b34018522d0e5ee9e61676fc6fd75e14a97
9effa8a61af1770fbcc6e7d233fa86a35fcf84714579dc64b0e2ce7e1117824f
9f3e1aae5b1b48ce7a9c619cd9fbaebde282436c3126edbf4dbe31ba7d8e714c
9fa1a314a315d2baa199b3669600e6a2234514d4d5b8b34549f76b2813b208f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a210b1564ae040cf98a0639fbf673de64f0a0728ecbfd1b1d96401e1fa075d6c
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a3f757a755b18e98d4dfb3de042e6fc5f735c9ffc28130a3588cd8528cce4384
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ca5ffb30696def925aaf216875407dd65609a1d88052e7670185f3898d16ec
a67e86b7f5b03d2017080fb3d210007b67a13df1e74251d3cba316c0e080ceca
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0
aab5c57bf8789729896b5e54de11faed1e927262c7011ae5ff5e1f08b28ce901
ab9ba524c1cad2c23c52c76ea6940e62e0cf033f6b4aa5259eaccb7b6816c43e
ac118ac2854ec98e07e5b88a54f75e1bf9378a4f0601ae5a4e18065b5c9efa99
ad7264a550bae2ce17a861172643a4bf68c4147bb12cb7cb3f85bc4afb0d78f6
adc74646d7bf9561bb3772f9e48578b9b515080504d277adbb8a6f38d852e1d5
ade11a781ff76223c32cdda408ec3af85b07a09d566d797fd137bcd65421d928
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b076101487cbac8906c8953abefe6faa66f231ee9f48afde2b15f232692da126
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1be2ad4fd234932009623fe0e95905a53fb434b7cb36a6bc37d3cb3cacc7b05
b4d08e9df3626ea8ac2ca6bbe904be004f0f4cbcf3179d115b51e7128f1b610e
b8b5d726b51416b29efc4a4799396c73d7a2327f80ebd6ccc682254794dfd33d
baadcb80f1167388c2e6768ce25b138667b32ee639059fb4b4608044536def56
bc316eb29d59e9fd6921160cad376f07c89f4b38f1a6eee0d2b1991cf76cd25d
bc4c8f226eab01325b4ffba9ab7f6a2062e2d41a336a4598f78e7096402ce2be
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf844665e82fb605b98a4e3a437e02d1228c60d848bad70190bfa8dc25a99e6e
c01bffb49baf84cc43d44a47bdbeab458c7e5f12dfd1de822f95db5e4a3f841e
c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b
c0b33dced2daf2471c3a594f88967be061c79f7f5c48c830a58ebfd9168758be
c0cf3cb493f89de244ccb1e0539f9799c52ad5ab3432a58980dbd49bab2f34d4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c30fad058e885802dc2393faa4017b387bc13c2427e207eb39f074a49ea51a20
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c39b42998ad64a936fc68b30314f320a4c4dd1513ec18b42f4b23cf9687a8aa4
c4136bff9d34e01a3fb1f1459d3b66b6e0d14c81a4d5c880c042c7cb8a9f91ac
c4f5a45f990b75fbd082c3cfcb8569dbe5e58b585345d8f02ad29c2df2a8a1ef
c5e4ed3a4d1206f0f598dd5ea0166c616ce16ecbf257362af0257af5f51c6c18
c68ab9bd07a8b529be4b91d29f7370da54270189b14d2e5cacf76c0ffdef7bcd
c95cbf7c131612add055a1924a6084e70b87b1a2f5cda609124b19322b70d9f1
c96037e7a94386bbb2d49f231a771a3162803d80db2b8ece29bd2e4ff6842cb7
c97c6e7742fde0fc4f268897e971691e1bc2962d37f3863ce996c72a1bcd16e5
c9aca03be41dffa1eccaa55f3779224ca09d690930e5228226d62675fb924940
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cb6e6037584a8dc9c3d2d0fce72201393a4d658767ec62fc539add88a9ebbe8a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccdef63a1236abf7b5af0ae6c89023fc19544dffc96f87a880d70c0941df213c
ccea13e054f7c8d52be0c48d10e717e0bf2fb67089608832d0c14d7c11ecb540
ce545c77552e78e7d59dd03b75c3ab950b77c4adf2ca984f78a3d8df8662e885
ced12bb5e40b66b89afdd543442e40cdd41e5ac240d18d5b3e8b594a4b25434b
cef56cfb50af106eee13a8077d15efd46d114217ffa7446463414fb8b25e028e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc34531bbd751b67520a56bc4ffbd8bc64620c509ad83c2367081533e5eb61e
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
d09989b620f9d03fdd09ac7652033679a0ce8cea8ed0e3532a619028652664c4
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d116717e65e4beed505bb32773e7abcb9e759e3141a09a31a93a22315f79ff1e
d1a7f655b0b8be63ec6bc38b04028198ba32b8aab86c194a2b628e80c59aca2a
d2d0a729f5fbbee8e93ac81df2a50ff1d9523c8bfaf34e465de71147ac4299d5
d3c3ab8ebdca56c735a753ebadc4de78cbf6753e12d99d51e5ce9105d4fa8175
d524f0551554a4cad23f55c2428a4b42924766843dcf9ae1643faae1e67f611c
d60235a4b1177847cd63d13c25ce541629711871f19b1dfece7d6bc06f95b005
d66628080bd861870456cc9a761f4fe0420a6789444fdc8ced3366fe80c11cab
d72a9625d0f7ef5234a30455d49f3fd3359ab88b8ff199d3983d4a2f7b6de14c
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
d9b410c68b3b5f06ca3aa100d694d9cd1250fc6f12b21ccd7355779c17ce1936
da38fa49b7324fe60efeaf0aa68d6fd7e5d81ade79b17a7960ffef1ce20688bf
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
de0612c4b4b44658387671e1dc3095ac9fb94e44e61a2d42363c10a386fcea8e
deee83939325d68ab9e026c98a6a4cd6e3692eedc8460459a494d090a88ecc90
df2f946d3437d3495aeab386500f1de4a68ca15d5d89ca23f9a1c2d930b90701
dfb1f667f1c1811ad36406f4c24055bc1cd750d9517a836acd40e0cdd38769e7
e23064f0de65944686ada90242a58d8c0de5ed90225c573b883640d315104c04
e2936fdc1c21003a76a9528b55a9b9e8dde948c5b1f294b3c5bc62f727e08587
e2b1a998da72c985f4de8df95636710089babc2a5b2674cad9c6efec32f32486
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58798939afd607aa76e8be948216df69422fb6cb44d15aa7775e56c51ec4bad
e6998c1dd622d8d73a5c9f2ece40f7d194b9fb7bde26836a506b92365d84b577
e7e3908f244f0bba03237b2b9d7e5807c6fa76874b41f9e7e15d1f7be8ad62c2
e81ace42ab8d0734bb48cf738e39b6aa77664ba4e6d6c07b6761f0fc921c1d39
e8b9f230be361444ca929718ca596995ed4519288374b7f69530dd931474325a
e8c803b4ebcbfdcdcb4eb9c9276ec2642bf38e527bf6cc6aa7a5640ae431541f
e8c99f18addd95cafcf5e47a96de3100f66f8f577832bcaf83af7980a9d25ad6
e91f7b4165319a8664b4da9c7436ac831654d04605193b6df4685da43d7a32fa
e9b730ddf3283e484653cf949d4aa05c0e76e3133e75f0ea534e30a2f02ffec3
eab5b9c59d32922ef3f4e87c6d400d0030cbf349103117ff89aef4d4bf4bcb4f
ee03159a1ee2d979a8f7d9afbdf9d29fd7597ee9d38a2ee3e323dd99300c511d
ee3da4f28fcdd9ef9f7f773dbfdcbf571a7fc75e99fc1b4857e2070be6ac0d16
ee5e5a53c03ba71393dc66f1e6b09498e7b58fea19fd83c2d12162108eeefc08
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9265c5005547e7c56246760a0d8b02b1e659925c1be0782f409161e1dda7c8
f07d06b027cc20cc28930a75f2848bfba8c904d0130164af1d1372a619237fb8
f2f6f7d8fb01136f78edd2bd0f5b3484ed2c5bd663ec7210450f3ed030615719
f32a549132fffee763a12b06d1c0d94df2469f3fcc26344a347018c273cb7e9a
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
f4dc202afbb150983375a541b3857d81be1f46c351ffacfc362e432a806e1e30
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7455356008a0713cf45bcd28bdf4ffcdedf1a0f181d240474a0d6dfac77e78d
f7c87f2c48785e7064c957c752d54851998571daec41f55e31a4972c18892f37
f8cdfbea94abbdea441cc6cdfc3fa842871125fe0a73892e2e8dd307a42c54ef
f963a6b0afb3692ec8e0bed3cba24b1aa5e2f91981a0ec15b4db302ebf7c6a6c
f99d6b61adf2b3939d64d51c9391bb941bdbf00d773ab630bdff9df0f7c46874
f9be09bc2d5b8d41fc355ec0499577745a8b6cf1a2ca2ce01805c8139ea37aaa
fc299ccb7f231da26440dc6dd1fe5898bfaffc33197fe8cdd713eefafe4866fd
fc3575c93a1b6b59914c16e49cd84c248eda35012f1357a4600f3354e48fd794
fc806e5924e10cb8a72cbd6031c135a34f32263b1902afd915aaa78942b71ff8
fdd41ffba3df4d21d5aaf73aa5817fb15bb239339a898a53414110b7b0ba288a
fdec74b3370ff70cf95f3f26e2497879d7273412c0c8a7cc79141b3cdde4e347
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
fe748d17db7faaf0b817f622f02501378e0fc02cb2c925b85052e0f3ef91153a
ffc7b0cb3d02425110a9afb13bce78f1725efea55005a4d247f334c71e904dcd
ffd634c1b5b7d55af8d3142d4728eb1a22bfdd1af1de9a67f555f3e166e705c6