www.post2baseball.com Open in urlscan Pro
54.208.212.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://post2baseball.com/
Effective URL:
https://www.post2baseball.com/
Submission: On March 30 via automatic, source certstream-suspicious (March 30th 2022, 4:09:04 pm UTC) — Scanned from DE

Summary HTTP 261 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 69 IPs in 7 countries across 49 domains to perform 261 HTTP transactions. The main IP is 54.208.212.1, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.post2baseball.com.
TLS certificate: Issued by R3 on March 20th 2022. Valid for: 3 months.

This is the only time www.post2baseball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	54.208.212.1 54.208.212.1	14618 (AMAZON-AES) (AMAZON-AES)
6	52.216.22.21 52.216.22.21	16509 (AMAZON-02) (AMAZON-02)
1 8	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:7e00:7:2cb3:cd40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:224... 2600:9000:224a:6c00:17:ff67:4580:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:205... 2600:9000:2057:7a00:17:ff67:4580:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:205... 2600:9000:2057:4a00:17:ff67:4580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 1	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
9	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
6	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	35.190.13.22 35.190.13.22	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
4	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::2010	15169 (GOOGLE) (GOOGLE)
6 9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
2	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
1 5	99.86.7.79 99.86.7.79	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:4600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	151.101.12.159 151.101.12.159	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
1	35.227.239.69 35.227.239.69	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
3	3.64.152.215 3.64.152.215	16509 (AMAZON-02) (AMAZON-02)
3	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
2 6	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
9	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
3 5	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
21	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	3.123.114.98 3.123.114.98	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
4	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	23.205.253.64 23.205.253.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	85.239.105.10 85.239.105.10	16097 (HLKOMM 04...) (HLKOMM 04107 Leipzig)
3	2606:4700::68... 2606:4700::6813:b979	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
261	69

23 54.208.212.1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-212-1.compute-1.amazonaws.com

post2baseball.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.post2baseball.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.216.22.21 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:7e00:7:2cb3:cd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ngin-bar.sportngin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:224a:6c00:17:ff67:4580:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn3.sportngin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2057:7a00:17:ff67:4580:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.sportngin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.sportngin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:4a00:17:ff67:4580:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn4.sportngin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.13.22 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 22.13.190.35.bc.googleusercontent.com

inlinemanual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.inlinemanual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

cookiesync.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.7.79 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-79.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:4600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.159 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.239.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.239.227.35.bc.googleusercontent.com

storage.didna.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.64.152.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-152-215.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.100 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.114.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-114-98.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.48.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.253.64 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.239.105.10 (Leipzig, Germany) 1 redirects

ASN16097 (HLKOMM 04107 Leipzig, DE)

trf.greatviews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)

www.parship.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.196 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1324 abs.twimg.com — Cisco Umbrella Rank: 1719 pbs.twimg.com — Cisco Umbrella Rank: 603	416 KB
27	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 250794	203 KB
23	post2baseball.com 1 redirects post2baseball.com www.post2baseball.com	792 KB
21	googlesyndication.com 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	92 KB
15	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 eus.rubiconproject.com — Cisco Umbrella Rank: 551 token.rubiconproject.com — Cisco Umbrella Rank: 669 pixel.rubiconproject.com — Cisco Umbrella Rank: 348	19 KB
14	sportngin.com ngin-bar.sportngin.com — Cisco Umbrella Rank: 63616 cdn3.sportngin.com — Cisco Umbrella Rank: 49181 cdn1.sportngin.com — Cisco Umbrella Rank: 47247 cdn4.sportngin.com — Cisco Umbrella Rank: 49205 cdn2.sportngin.com — Cisco Umbrella Rank: 49522	3 MB
11	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 579 syndication.twitter.com — Cisco Umbrella Rank: 828	279 KB
11	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 76	3 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	222 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	348 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 storage.googleapis.com — Cisco Umbrella Rank: 494	191 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 31903 hal900021.redintelligence.net — Cisco Umbrella Rank: 278591	37 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 acdn.adnxs.com — Cisco Umbrella Rank: 560	22 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 278 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1196	5 KB
6	33across.com ssc.33across.com — Cisco Umbrella Rank: 1486 ssc-cms.33across.com — Cisco Umbrella Rank: 905	640 B
6	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5487 identity.mparticle.com — Cisco Umbrella Rank: 2536 cookiesync.mparticle.com — Cisco Umbrella Rank: 11846 jssdks.mparticle.com — Cisco Umbrella Rank: 5110	3 KB
6	amazonaws.com s3.amazonaws.com	139 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	4 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 8069 www.google.de — Cisco Umbrella Rank: 5640	2 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 132	4 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	40 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 389 mug.criteo.com — Cisco Umbrella Rank: 2685	1 KB
4	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 962 pixel.quantserve.com — Cisco Umbrella Rank: 418	20 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	198 KB
3	parship.de www.parship.de	3 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 45052 medialead.de — Cisco Umbrella Rank: 44533	1 KB
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1085	352 B
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15359	1 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	796 KB
2	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1909	690 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	388 B
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1571	107 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 894	2 KB
2	inlinemanual.com 1 redirects inlinemanual.com — Cisco Umbrella Rank: 16925 cdn.inlinemanual.com — Cisco Umbrella Rank: 18550	268 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	114 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1951	3 KB
1	yahoo.com ads.yahoo.com — Cisco Umbrella Rank: 1030	194 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 599
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 385	707 B
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 367	715 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 396	14 KB
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 80262	312 B
1	greatviews.de 1 redirects trf.greatviews.de — Cisco Umbrella Rank: 369409	1 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 43911	627 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	37 KB
1	lockerdome.com lockerdome.com — Cisco Umbrella Rank: 9475	341 B
1	didna.io storage.didna.io — Cisco Umbrella Rank: 77145	3 KB
1	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2556	650 B
0	advertising.com Failed adserver-us.adtech.advertising.com Failed
261	49

	Domain	Requested by
22	www.post2baseball.com	www.post2baseball.com
21	pbs.twimg.com	www.post2baseball.com platform.twitter.com
11	tpc.googlesyndication.com	008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com googleads.g.doubleclick.net www.post2baseball.com tpc.googlesyndication.com securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
10	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
9	abs.twimg.com	www.post2baseball.com platform.twitter.com
9	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
9	platform.twitter.com	www.post2baseball.com platform.twitter.com
8	pagead2.googlesyndication.com	008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com tpc.googlesyndication.com www.post2baseball.com
8	securepubads.g.doubleclick.net	www.post2baseball.com securepubads.g.doubleclick.net
8	www.google.com	1 redirects www.post2baseball.com tpc.googlesyndication.com
6	ib.adnxs.com	2 redirects www.post2baseball.com googleads.g.doubleclick.net acdn.adnxs.com
6	fastlane.rubiconproject.com	www.post2baseball.com
6	fonts.googleapis.com	www.post2baseball.com confiant-integrations.global.ssl.fastly.net hal900021.redintelligence.net
6	s3.amazonaws.com	www.post2baseball.com ngin-bar.sportngin.com s3.amazonaws.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com www.post2baseball.com
5	sb.scorecardresearch.com	1 redirects www.post2baseball.com storage.didna.io
5	www.google-analytics.com	www.post2baseball.com www.googletagmanager.com
4	token.rubiconproject.com	4 redirects
4	hal900021.redintelligence.net	1 redirects 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com hal900021.redintelligence.net
4	hal9000.redintelligence.net	008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com hal900021.redintelligence.net
4	storage.googleapis.com	www.post2baseball.com storage.googleapis.com www.googletagmanager.com
4	connect.facebook.net	www.post2baseball.com connect.facebook.net
4	cdn4.sportngin.com	www.post2baseball.com
4	cdn1.sportngin.com	www.post2baseball.com
4	cdn3.sportngin.com	www.post2baseball.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	pixel.rubiconproject.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	ssc-cms.33across.com	storage.googleapis.com
3	www.parship.de	hal900021.redintelligence.net 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
3	ssc.33across.com	www.post2baseball.com
3	btlr.sharethrough.com	www.post2baseball.com
3	www.google.de	www.post2baseball.com
3	stats.g.doubleclick.net	www.post2baseball.com
3	adservice.google.com	securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
2	eus.rubiconproject.com	storage.googleapis.com eus.rubiconproject.com
2	8019191.fls.doubleclick.net	1 redirects www.post2baseball.com
2	www.awin1.com	1 redirects 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	s0.2mdn.net	www.post2baseball.com
2	protected-by.clarium.io	www.post2baseball.com
2	mug.criteo.com	www.post2baseball.com
2	gum.criteo.com	1 redirects
2	www.facebook.com	www.post2baseball.com
2	pixel.quantserve.com	www.post2baseball.com storage.didna.io
2	confiant-integrations.global.ssl.fastly.net	storage.googleapis.com confiant-integrations.global.ssl.fastly.net
2	cdn.syndication.twimg.com	platform.twitter.com
2	rules.quantcount.com	secure.quantserve.com
2	008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	jssdks.mparticle.com	www.post2baseball.com
2	secure.quantserve.com	www.googletagmanager.com storage.didna.io
2	syndication.twitter.com	1 redirects platform.twitter.com
2	identity.mparticle.com	www.post2baseball.com
2	www.googletagmanager.com	www.post2baseball.com
2	www.paypalobjects.com	www.post2baseball.com
1	ads.yahoo.com
1	id.rlcdn.com
1	px.ads.linkedin.com
1	acdn.adnxs.com	storage.googleapis.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.post2baseball.com
1	ad-server.eu	008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	trf.greatviews.de	1 redirects
1	pb.media01.eu	hal900021.redintelligence.net
1	www.googletagservices.com	008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
1	lockerdome.com	www.post2baseball.com
1	storage.didna.io	storage.googleapis.com
1	cookiesync.mparticle.com	www.post2baseball.com
1	www.gstatic.com	www.google.com
1	jssdkcdns.mparticle.com	www.post2baseball.com
1	cdn.inlinemanual.com	www.post2baseball.com
1	inlinemanual.com	1 redirects
1	cdn2.sportngin.com	www.post2baseball.com
1	www.paypal.com	1 redirects
1	ngin-bar.sportngin.com	www.post2baseball.com
1	post2baseball.com	1 redirects
0	adserver-us.adtech.advertising.com Failed	www.post2baseball.com
261	81

This site contains links to these domains. Also see Links.

Domain
www.sportsengine.com
falb.sportngin.com
www.facebook.com
www.google.com
www.youtube.com
www.instagram.com
twitter.com
teamlocker.squadlocker.com
se-mobile-app.elevio.help
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.post2baseball.com R3	`2022-03-20` - `2022-06-18`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
se-bar.sportsengine.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
assets.ngin.com Amazon	`2021-09-03` - `2022-10-02`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-08` - `2023-01-10`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-06` - `2022-04-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
jssdkcdns.mparticle.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2021-07-07` - `2022-08-08`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
jssdks.mparticle.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
cdn.syndication.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-30` - `2022-07-30`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
storage.didna.io GTS CA 1D4	`2022-02-13` - `2022-05-14`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-03-22` - `2022-06-20`	3 months	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2021-09-27` - `2022-10-29`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
www.parship.de Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.post2baseball.com/
Frame ID: CC1F82F9AEA0FC3E5AFDB41DE084CF46
Requests: 134 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.post2baseball.com
Frame ID: 3A6957D4A8AD612B7ADD63365E07D74F
Requests: 2 HTTP requests in this frame

Frame: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE6A98DD78A271AF0D4A1B3CD7D8A282
Requests: 1 HTTP requests in this frame

Frame: https://storage.didna.io/didna_trackers.html
Frame ID: 39D47EA90ED2A6F1CD376BC66D21B408
Requests: 6 HTTP requests in this frame

Frame: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E3AAE105CC7935017245CAB0660553D4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjhk7vGATAB&v=APEucNUzU4b3VYFM4v8tF57CATxlajCHJSwxNhuWLExkBasrODvj4iF5oYffSOQtu5-CXIkk7RHTHFZ6ppA_oTdXVa4AtZk5bwGQ3xVQJwrKhwrDlLqsMBGSpVjKJPk3FFTeTCUM8qRt7RSwlxYYweknP8idvF8mnSf8xztUABus94Zo3RQ0uHU
Frame ID: 3B7DDB851880CCC9611C1F1EC384FA48
Requests: 5 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f52e.png
Frame ID: 7F6902DAC1F61F7B0A4DAD7EB50068D1
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 8FEA8D4396557ACF081F8BE6F5866842
Requests: 16 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f52e.png
Frame ID: C0DCD5D572B152A9FDC54F10E1F94637
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9CE5D205376EB79A21AB8D80BDB14579
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24721000174882704444540011914021&actionid=981741&produktid=&dt_url=
Frame ID: 6E662D459773D5537053532F29668162
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1648656537.5712300.b415651c-b043-11ec-8eb3-00155def0803ID
Frame ID: 5D220839DC8C0FFEA7428937A549585C
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIu5-Jmc7vYCFcfMGwodqQQKhA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975
Frame ID: D30F42BA3DB39AD24D34E5D70B4471C2
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=24721000174882704444540011914021&a=7d427c8b
Frame ID: F09991ADF214570F0522947305DA3019
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: F6ED9D5CAD4B47228DBF2B9735B30FBC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7340883A84599E0EDB46D84299612000
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD14D15749A159A78B53E4BE04C46142
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 8D2B2FFCEFE65A9C463D2E3BF1C9BD78
Requests: 16 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cQGneY9Z4r6BaCaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 7A387F935262AD3D3F1B67F70F6ABF27
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dfIcbi9Z4r6ykxaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 4D36CFFEB6DE0E8EB20EA441B167E051
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 986090BD1CF81F356F9766C11CC3A338
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dr8UfG9Z4r6ykxaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: AB7E1C6DC3B64D1ACE5355459C9ABE3C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2A7E1AC93CE92CD8EE088DF13302CCA1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fargo Post 2 American Legion Baseballchevron-leftappsarcheryarrow downarrow-right-circlearrow-right-circlearrow up downarrow upattachbankhandballbellsport climbingboxingfiltercameracanoe slalomArtboardcheck-circle-ocheck-circlecheck-square-oSelectedchevron-downArtboardchevron-leftchevron-rightchevron-upsport climbingcopyArtboard 2cyclingdatedibbsdivingchevron-leftchevron-rightdownloadearthedit_columns.svgemail_notificationmail-circleenvelopeequestrianfencingfilefilterCustom PresetArtboardyoutube-circleGrid Menugrip-horizgrip-vertpersons-three-circlegymansticshiddenhandballinfo-circle-ojudokaratetimelinkfilterlockkaratemergeminus-circle-omoney-circle-omoney-requestmoney-sendfinancial_settings_iconnavigationnavigationnoone-circletwo-circlethree-circlefour-circlefive-circlecanoe slalompencilperson-addperson-removepersons-threepersons-twophoneshootingplus-circle-oplus-circlepluspluspostprintprogramsquestion-circle-orefreshshootingrowingrunningmulti-hull sailingsearchsettings3E6C309B-D13C-44FF-8B2E-65CAF12B3036shootingsport climbingsport climbinglogo@3xsl-icon-outlineswap-verttable tennistaekwondoteam-flag-circle-filled-flagtext_notificationtimetimes-circle-otimes-circletimesshootingtrashtriathalonupdateuploadwarningwater polowebpageweight liftingwrench

Page URL History Show full URLs

https://post2baseball.com/ HTTP 302
https://www.post2baseball.com/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

261
Requests

92 %
HTTPS

49 %
IPv6

49
Domains

81
Subdomains

69
IPs

7
Countries

7429 kB
Transfer

14136 kB
Size

52
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sportsengine.com/
Title: SportsEngine

Search URL Search Domain Scan URL

URL: https://falb.sportngin.com/register/form/406923056
Title: Register: 2022 Player Registration

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Post2Dugout

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Fargo+Post+2+Baseball/@46.8894348,-96.7783312,17z/data=!3m1!4b1!4m5!3m4!1s0x52c8c96493709a03:0x542c5a2b513dcd33!8m2!3d46.8894348!4d-96.7761425

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmoEk11a78cHM7djIv_ks7A

Search URL Search Domain Scan URL

URL: https://www.instagram.com/post2clubhouse/

Search URL Search Domain Scan URL

URL: https://twitter.com/fargo_post2

Search URL Search Domain Scan URL

URL: http://teamlocker.squadlocker.com/#/lockers/fargo-post-2-baseball?_k=pp9qnw

Search URL Search Domain Scan URL

URL: https://falb.sportngin.com/register/form/428527566
Title: Register: Post 2 Alumni Contact Information Registration

Search URL Search Domain Scan URL

URL: http://se-mobile-app.elevio.help/en
Title: http://se-mobile-app.elevio.help/en

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/sportsengine-team-management/id499597400?mt=8
Title: https://itunes.apple.com/us/app/sportsengine-team-management/id499597400?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.sportngin.android&hl=en_US
Title: https://play.google.com/store/apps/details?id=com.sportngin.android&hl=en_US

Search URL Search Domain Scan URL

URL: https://www.sportsengine.com/solutions/
Title: Sports Relationship Management

Search URL Search Domain Scan URL

URL: https://www.sportsengine.com/corp
Title: ©2022 SportsEngine, Inc.

Search URL Search Domain Scan URL

URL: https://www.sportsengine.com/?utm_source=Sitebuilder&utm_medium=Footer&utm_campaign=SportsEngine+Internal+Link&utm_term=Footer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://post2baseball.com/ HTTP 302
https://www.post2baseball.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 37

https://inlinemanual.com/embed/player.cacb2d9a339b3500c03525980ca2a24c.js HTTP 301
https://cdn.inlinemanual.com/embed/player.cacb2d9a339b3500c03525980ca2a24c.js

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=-7106436119946427085&esid=38183&Key=us1-a493512c2a9ecb4b8ed2a4a2dd3702b6&env=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=-7106436119946427085&esid=38183&Key=us1-a493512c2a9ecb4b8ed2a4a2dd3702b6&env=2&google_tc= HTTP 302
https://cookiesync.mparticle.com/v1/sync/?id=CAESECiHVHYZJYyJho9dKhSemOc&MPID=-7106436119946427085&esid=38183&Key=us1-a493512c2a9ecb4b8ed2a4a2dd3702b6&env=2&google_cver=1

Request Chain 87

https://sb.scorecardresearch.com/b?c1=7&c2=6035083&c3=120100&ns__t=1648656536746&ns_c=UTF-8&cv=3.5&c8=Fargo%20Post%202%20American%20Legion%20Baseball&c7=https%3A%2F%2Fwww.post2baseball.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=6035083&c3=120100&ns__t=1648656536746&ns_c=UTF-8&cv=3.5&c8=Fargo%20Post%202%20American%20Legion%20Baseball&c7=https%3A%2F%2Fwww.post2baseball.com%2F&c9=

Request Chain 103

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.post2baseball.com%2F&domain=www.post2baseball.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Gw5hZnw3NWhVTGxTNzZwRkRCUGFFTnB1RCtTMU00bnZnTUVZRUY3Q2tZNVJRdjNGT0dsVWVsU09QeURUZGdYMm5xZkkrakJGamRBTVBGWTdSYVdCWDFtM1VLRm5VZENCdks1bnpRRmRLT2lMM3ltTW8rLzdBSlR0RWNtb1lmVHh5K3MyQ0YwT0NYS3hvU2pCNGpCRTlCeHNsT3IzVW5EdzQ3STg3SHZKajVBeG1xNmlIME51T01FRzNsQnZrVloxVkhFNDFqTkZOR0RYUGNpSWxMTHNkc0xIQ3FHKzNWUWpFdUI1aFQvTEgrQ3lUTkNiNmE3SjBtRE5xWFVRRzdZOW1vemlwfA&cppv=2

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1&C=1

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkSAmFZae6ih1.dSoPmPogAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1&google_hm=2

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECXjfkSWbocSd-Ptd15oS9E&google_cver=1

Request Chain 140

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyNzMxNjU2MDE3MzE4MjIz

Request Chain 179

https://hal900021.redintelligence.net/request.php?zone=joawi09wjq7m&nw=20&renderingType=javascript&namespace=bbac6438b1&subid=&uid=cdd92fc103f42c33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM3Nl4BEYpqjNcjk3wPpj56wAuvSwaFp_fTe9MUP8C4QASDpoLUeYJWqoIKwB8gBCakCth3U21qrsj6oAwGqBO8BT9D8I8uK2QLPEjpvkq3Zh6Zii-ws80DY15gq5uhpqh2kW0T2GEUYrmH1zOirjDqQ6cbQPpEDcs22_wbWeLuH0Mbb7386O_mamOtr9DKM_qepWpOnOfWP_AireWx2gIdsG1dNx5T7TchWBUy8gAM1WqOWM1XGy9AMwtvtB36JFDWh_JPaS9scvXKkqHQexpOaVHbdnGhsi7uVu9zXMlNeEHUpXWm45IsDwZefCE7SGseP72-kntptb18TPetYnyg2Pj71GcX1VixVf8B_B-O4OM3JmQ3TMzJ1EKDh-2-d-qy6FY2-j6ZLFAk8us79B2zABL6O6uT5A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoU_O00b-lbsAVitk1100dUskNLUd2AVdEbtUfNSDhh-ssE1LbtQ%26sig%3DAOD64_2SMqSG2_bmcHaAq4f96dH94E2jRg%26client%3Dca-pub-8272786997612568%26dbm_c%3DAKAmf-Aq0ApVL1grlPbbDa8fEcHUrPf19a2yEAmCSp_q1Peiwu3meSbJ-QIOiIazCWYJgS0xVuDG4iWYcLwWNxyDEtb7Czq8INbSdEjkhdgoZnHzBL4gMbIH3uQlWihHufXKa_mGXNh5y-A2f7dZS-rLJHW2pUiVjg%26cry%3D1%26dbm_d%3DAKAmf-Ao32euOb5F9EDKZ6V2g4KRruoK9q3C9iMhlC3B6KGNnANJ53bFNoCj7MtyuBSbSYrGidVXbXBDnXK9ri-XUKjMSjxZDG6UDwEUgmfo2n96BtRufiuWBn_xvQzOagJoXoz0gZn0IQyA2YE1a_dzXmSNS_H9Zml2hmXcK343oK5rzpZr_L5wNQ-HDjB1_JKPNraOHyrWuIZntuLBEP8g74lGjOK6-z1Aj4jzvJKukapzQ4xjCIG33fKTFEb5EKyFiUG7S2q81AbMJpfCX8vYrKAS-JIjadsexBX2_0XN0uA2SXpaYmzrgAa6mlEOvE1KEX8UfBYZvWAXivnY0Tl3luHWyqIgIiee6xsgMmnRWqPvjSxDBVwyMa85n5XcrFVzEu9-UxjL2xhkzTPqU4Nt_nQkOMUbACUAPVTDUh-wettudTA8dpegSiY4wj1cyCWkFThCt_ulnleNJJmV0bLBVegfUQGCSA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.post2baseball.com%2F&ancestorOrigins=https%3A%2F%2Fwww.post2baseball.com&random=8199279156038&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=joawi09wjq7m&nw=20&renderingType=javascript&namespace=bbac6438b1&subid=&uid=cdd92fc103f42c33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM3Nl4BEYpqjNcjk3wPpj56wAuvSwaFp_fTe9MUP8C4QASDpoLUeYJWqoIKwB8gBCakCth3U21qrsj6oAwGqBO8BT9D8I8uK2QLPEjpvkq3Zh6Zii-ws80DY15gq5uhpqh2kW0T2GEUYrmH1zOirjDqQ6cbQPpEDcs22_wbWeLuH0Mbb7386O_mamOtr9DKM_qepWpOnOfWP_AireWx2gIdsG1dNx5T7TchWBUy8gAM1WqOWM1XGy9AMwtvtB36JFDWh_JPaS9scvXKkqHQexpOaVHbdnGhsi7uVu9zXMlNeEHUpXWm45IsDwZefCE7SGseP72-kntptb18TPetYnyg2Pj71GcX1VixVf8B_B-O4OM3JmQ3TMzJ1EKDh-2-d-qy6FY2-j6ZLFAk8us79B2zABL6O6uT5A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoU_O00b-lbsAVitk1100dUskNLUd2AVdEbtUfNSDhh-ssE1LbtQ%26sig%3DAOD64_2SMqSG2_bmcHaAq4f96dH94E2jRg%26client%3Dca-pub-8272786997612568%26dbm_c%3DAKAmf-Aq0ApVL1grlPbbDa8fEcHUrPf19a2yEAmCSp_q1Peiwu3meSbJ-QIOiIazCWYJgS0xVuDG4iWYcLwWNxyDEtb7Czq8INbSdEjkhdgoZnHzBL4gMbIH3uQlWihHufXKa_mGXNh5y-A2f7dZS-rLJHW2pUiVjg%26cry%3D1%26dbm_d%3DAKAmf-Ao32euOb5F9EDKZ6V2g4KRruoK9q3C9iMhlC3B6KGNnANJ53bFNoCj7MtyuBSbSYrGidVXbXBDnXK9ri-XUKjMSjxZDG6UDwEUgmfo2n96BtRufiuWBn_xvQzOagJoXoz0gZn0IQyA2YE1a_dzXmSNS_H9Zml2hmXcK343oK5rzpZr_L5wNQ-HDjB1_JKPNraOHyrWuIZntuLBEP8g74lGjOK6-z1Aj4jzvJKukapzQ4xjCIG33fKTFEb5EKyFiUG7S2q81AbMJpfCX8vYrKAS-JIjadsexBX2_0XN0uA2SXpaYmzrgAa6mlEOvE1KEX8UfBYZvWAXivnY0Tl3luHWyqIgIiee6xsgMmnRWqPvjSxDBVwyMa85n5XcrFVzEu9-UxjL2xhkzTPqU4Nt_nQkOMUbACUAPVTDUh-wettudTA8dpegSiY4wj1cyCWkFThCt_ulnleNJJmV0bLBVegfUQGCSA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.post2baseball.com%2F&ancestorOrigins=https%3A%2F%2Fwww.post2baseball.com&random=8199279156038&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 205

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=24721000174882704444540011914021&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24721000174882704444540011914021&actionid=981741&produktid=&dt_url=

Request Chain 206

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=24721000174882704444540011914021&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
https://www.parship.de/wplp/htlp/de/?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1648656537.5712300.b415651c-b043-11ec-8eb3-00155def0803ID

Request Chain 207

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIu5-Jmc7vYCFcfMGwodqQQKhA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975

Request Chain 209

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=24721000174882704444540011914021 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=24721000174882704444540011914021 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 215

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 265

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1DRJ8Z4-I-9IL

Request Chain 267

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=unnT8fJVRc2r9bwAOhXWVA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=unnT8fJVRc2r9bwAOhXWVA

Request Chain 268

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkxODRkYjNlN2MzZjZkMjAzMjg1ZDI3YjM0NGI4YmExNGIxMWYzNA

Request Chain 269

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BvJTm9TgR3-9ZsERZr_uPA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=BvJTm9TgR3-9ZsERZr_uPA

Request Chain 270

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFEUko4WjQtSS05SUw=

Request Chain 271

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFLYvf7UxJSedERHCbGfl8Y&google_cver=1

Request Chain 272

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1DRJ8Z4-I-9IL&sigv=1&esig=2~36b402cc802c055335c3a57f717baad556ba2542

261 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.post2baseball.com/
Redirect Chain

https://post2baseball.com/
https://www.post2baseball.com/

73 KB
20 KB

474ms
133ms

Document
text/html

54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post2baseball.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-212-1.compute-1.amazonaws.com

Software

nginx + Phusion Passenger / Phusion Passenger

Resource Hash

a26be85074d02f2601f951563662602fc236d93dd6a74a8e34cc193e0dbc72ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Security-Policy-Report-Only: block-all-mixed-content; report-uri /csprep/log;
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Mar 2022 16:08:53 GMT
ETag: W/"b135cfc004b4f415178ce504011c5132"
Server: nginx + Phusion Passenger
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Origin
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Request-Id: d748f276-b2dd-4861-b319-74133d399ae1
X-Runtime: 0.023093
X-SE-K: 0
X-SE-K-POD: 0
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Mar 2022 16:08:53 GMT
Location: https://www.post2baseball.com/
Server: nginx + Phusion Passenger
Status: 302 Found
Transfer-Encoding: chunked
Vary: Origin
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Request-Id: 8411fe09-0fbe-44e1-8b4e-f54991c3916d
X-Runtime: 0.005545
X-SE-K: 0
X-SE-K-POD: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK page_elements.css
www.post2baseball.com/site_stylesheets_secure/1609/itasca/ 102 KB
16 KB 328ms
122ms Stylesheet
text/css 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post2baseball.com/site_stylesheets_secure/1609/itasca/page_elements.css?1617976616

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-212-1.compute-1.amazonaws.com

Software

nginx + Phusion Passenger / Phusion Passenger

Resource Hash

9ea09c2bf7ae6123e3cddf3f1280d0d4f2816aeb8bd2b9b62da08fc5f985c5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-SE-K: 0
X-Powered-By: Phusion Passenger
Transfer-Encoding: chunked
Status: 200 OK
X-SE-K-POD: 0
Connection: close
X-XSS-Protection: 1; mode=block
X-Request-Id: 6ebea70f-a2be-4fcf-aeaa-724ace38464d
X-Runtime: 0.015289
Server: nginx + Phusion Passenger
ETag: W/"22444da4f36372d51899c00d6a28953c"
Vary: Accept-Encoding, Origin
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000
Expires: Fri, 29 Apr 2022 16:08:54 GMT

GET
H/1.1 200
OK sports.css
www.post2baseball.com/site_stylesheets_secure/1609/itasca/ 218 KB
33 KB 328ms
122ms Stylesheet
text/css 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post2baseball.com/site_stylesheets_secure/1609/itasca/sports.css?1617976616

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-212-1.compute-1.amazonaws.com

Software

nginx + Phusion Passenger / Phusion Passenger

Resource Hash

076dce4465180be1c967735596bfe0b50016160abe708db7dff71a0f1ad7306e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-SE-K: 0
X-Powered-By: Phusion Passenger
Transfer-Encoding: chunked
Status: 200 OK
X-SE-K-POD: 0
Connection: close
X-XSS-Protection: 1; mode=block
X-Request-Id: 78e698bf-cdea-48e0-9960-024c29a4e895
X-Runtime: 0.015272
Server: nginx + Phusion Passenger
ETag: W/"1d4c1966f09c9de5e693089d14d02c84"
Vary: Accept-Encoding, Origin
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000
Expires: Fri, 29 Apr 2022 16:08:54 GMT

GET
H/1.1 200
OK default.css
www.post2baseball.com/site_stylesheets_secure/1609/itasca/ 386 KB
66 KB 334ms
126ms Stylesheet
text/css 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post2baseball.com/site_stylesheets_secure/1609/itasca/default.css?1617976616

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-212-1.compute-1.amazonaws.com

Software

nginx + Phusion Passenger / Phusion Passenger

Resource Hash

f1dfcd3398944b875bbad4a743d5e624fa4639d43e78526e9224c6e7f5a16c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-SE-K: 0
X-Powered-By: Phusion Passenger
Transfer-Encoding: chunked
Status: 200 OK
X-SE-K-POD: 0
Connection: close
X-XSS-Protection: 1; mode=block
X-Request-Id: 24230e58-8ddd-48d2-867b-f24a1f093728
X-Runtime: 0.018671
Server: nginx + Phusion Passenger
ETag: W/"49bc742121adcf657f98bca034b279ca"
Vary: Accept-Encoding, Origin
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000
Expires: Fri, 29 Apr 2022 16:08:54 GMT

GET
H/1.1 200
OK theme.css
www.post2baseball.com/site_stylesheets_secure/1609/itasca/ 52 KB
10 KB 331ms
122ms Stylesheet
text/css 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post2baseball.com/site_stylesheets_secure/1609/itasca/theme.css?1617976616

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-212-1.compute-1.amazonaws.com

Software

nginx + Phusion Passenger / Phusion Passenger

Resource Hash

1818c502c185828aa93a7baa58ec7836bf36a4d968164c8ea9d01f5d680af79a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-SE-K: 0
X-Powered-By: Phusion Passenger
Transfer-Encoding: chunked
Status: 200 OK
X-SE-K-POD: 0
Connection: close
X-XSS-Protection: 1; mode=block
X-Request-Id: 4f7cfbbd-d55e-4ff2-b877-89f81f767f25
X-Runtime: 0.014745
Server: nginx + Phusion Passenger
ETag: W/"a037c143ea9c77a3d8e673b78292bf27"
Vary: Accept-Encoding, Origin
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000
Expires: Fri, 29 Apr 2022 16:08:54 GMT

GET
H/1.1 200
OK jquery_treeTable.css
www.post2baseball.com/site_stylesheets_secure/ 960 B
1 KB 323ms
114ms Stylesheet
text/css 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post2baseball.com/site_stylesheets_secure/jquery_treeTable.css?1617976616

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-212-1.compute-1.amazonaws.com

Software

nginx + Phusion Passenger / Phusion Passenger

Resource Hash

cf549b33cb314e67d8f9f5ff1c533c8d19fbabe8078cedb8955abfd9af94224f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-SE-K: 0
X-Powered-By: Phusion Passenger
Transfer-Encoding: chunked
Status: 200 OK
X-SE-K-POD: 0
Connection: close
X-XSS-Protection: 1; mode=block
X-Request-Id: 0ed0b47e-71bb-40f8-866d-4556ceb71a27
X-Runtime: 0.006280
Server: nginx + Phusion Passenger
ETag: W/"c1d9ec57693bc250f2d6cd8b6660e1c6"
Vary: Accept-Encoding, Origin
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000
Expires: Fri, 29 Apr 2022 16:08:54 GMT

GET
H/1.1 200
OK shared_components.css
www.post2baseball.com/stylesheets/sn/ 21 KB
4 KB 318ms
109ms Stylesheet
text/css 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/stylesheets/sn/shared_components.css?1617976616
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e1aa73fe50a4957f50bad80b0262cae0010d4c47807e56bbfd300ae9f228c5bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:48:55 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447be7-5292"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:54 GMT

GET
H/1.1 200
OK ngin-bar.css
s3.amazonaws.com/sportngin-snap-production/ui_themes/ngin/latest/ 5 KB
2 KB 450ms
126ms Stylesheet
text/css 52.216.22.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/ngin/latest/ngin-bar.css?20190108
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.22.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f332a03f201e9067f99a92dce5922b5606eafb2f00e4b03f676c417b50588125

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Mar 2022 18:24:29 GMT
Server: AmazonS3
x-amz-request-id: HJC7HBR2JVBKSMB5
ETag: "4081b4a54b1dc41e53c6b89a8170e2fd"
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 1624
x-amz-id-2: lpAYL+pxBlqS8Vy8dBsx9DPvV1YFn/H/KPx9PF/XW4BHwC/MLXRjd+idAc/Ovn5MUCTtCzzCOfM=

GET
H/1.1 200
OK semparticle.js Show response
www.post2baseball.com/javascripts/ 221 KB
56 KB 637ms
111ms Script
application/javascript 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/javascripts/semparticle.js?1624378150
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b3f9eef591e70315cacf7e7ba47853097fd87f49f2b2da698376c9872b12d9b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:48:55 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447be7-37333"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:54 GMT

GET
H/1.1 200
OK jquery-1.7.1.min.js Show response
www.post2baseball.com/javascripts/jquery/ 92 KB
33 KB 640ms
109ms Script
application/javascript 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/javascripts/jquery/jquery-1.7.1.min.js
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:48:55 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447be7-16eac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:54 GMT

GET
H/1.1 200
OK base_packaged.js Show response
www.post2baseball.com/javascripts/ 1 MB
281 KB 648ms
111ms Script
application/javascript 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/javascripts/base_packaged.js?1624378150
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b47c58784a4482652b469c038e3de37b248e1a6fa7b39a546fb1a11d8a3e7196

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:49:46 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447c1a-10c51f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:54 GMT

GET
H/1.1 200
OK angular_packaged.js Show response
www.post2baseball.com/javascripts/ 615 KB
152 KB 757ms
118ms Script
application/javascript 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/javascripts/angular_packaged.js?1624378150
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7c85da40fe4627203945a68181968dacfec7f4171b8c782da52fec5ca96873bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:50:07 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447c2f-99d1a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:54 GMT

GET
H/1.1 200
OK main.css
s3.amazonaws.com/sportngin-snap-production/ui_themes/inline-manual/1/ 38 B
441 B 449ms
124ms Stylesheet
text/css 52.216.22.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/inline-manual/1/main.css?20190108
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.22.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c6d525ed10ffdd03111f29cb2fa381c51e097e5da3691aedbc8cfaa7d7dd61a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Content-Encoding: text
Last-Modified: Mon, 28 Mar 2022 18:26:14 GMT
Server: AmazonS3
x-amz-request-id: HJC82H93XGTTXF4R
ETag: "2c7f0116063ab5b8b5ccc76f8075cfa5"
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 38
x-amz-id-2: TGnofS8tngsg6ojIFJuDHPJNhN4Xw98BMPtpEQQTWuaAPwDGZ9yvgYu6QbGKBjx1RumeqvfJNNE=

GET
H/1.1 200
OK grecaptcha.js Show response
www.post2baseball.com/javascripts/ 772 B
689 B 749ms
109ms Script
application/javascript 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/javascripts/grecaptcha.js?1624378150
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a9287f91b897cbdd4715f9166db5069d26f1c454f6e547583f9e00dfed834e35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:48:55 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447be7-304"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:54 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 918 B
993 B 76ms
29ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=explicit

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6bbf3fd71f475c927313b0e2f84a6b28b16dd3109adb6cdf7f4ac75e0cce9fbe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Wed, 30 Mar 2022 16:08:55 GMT

GET
H/1.1 200
OK theme.js Show response
www.post2baseball.com/javascripts/themes/itasca/ 44 KB
11 KB 866ms
115ms Script
application/javascript 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/javascripts/themes/itasca/theme.js?1624378150
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6d95fed0a1780cad39166f03d66f244fdd85815642e29961833265d59483c6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:49:01 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447bed-afbc"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:54 GMT

GET
H/1.1 200
OK jquery.toolbar.min.js Show response
www.post2baseball.com/javascripts/jquery/ 4 KB
2 KB 1069ms
108ms Script
application/javascript 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/javascripts/jquery/jquery.toolbar.min.js
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f7b9a61e6fc00f0df348cc69db0ef6f1def0525ad5a05a7fef69439e4c3dfaa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:48:55 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447be7-eef"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:54 GMT

GET
H2 200 nginbar.js Show response
ngin-bar.sportngin.com/ 831 KB
216 KB 96ms
22ms Script
application/javascript 2600:9000:2251:7e00:7:2cb3:cd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ngin-bar.sportngin.com/nginbar.js
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7e00:7:2cb3:cd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abe6f6d4300b686a452046c7744a3eafd6d249400e8993b1c69af492e50878ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: 9H66AAMgW0fu5xdsrYhNHqCcLwstRLzD
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:21:22 GMT
server: AmazonS3
age: 135
etag: W/"4d17e8e75a02cd2c8b0af3a0f7ce79a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 30 Mar 2022 16:06:41 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: x5O7kBKR9RYLQII23tnj2yfnb17D1LARobDibcGl7GDuyhPGtmQfXA==

GET
H2 200 10599470_943338472359418_8631626473637673060_n_large.jpg
cdn3.sportngin.com/attachments/photo/28a9-156775681/ 124 KB
124 KB 628ms
564ms Image
image/jpeg 2600:9000:224a:6c00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.sportngin.com/attachments/photo/28a9-156775681/10599470_943338472359418_8631626473637673060_n_large.jpg
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6c00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7377d8a02a260237e0dbfad8640e90d51fec627e3511f255d583541eee557189

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
last-modified: Wed, 14 Apr 2021 02:05:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "eb06b0d13718862e951b5a00013597ce"
x-cache: Miss from cloudfront
x-amz-version-id: vFlOco94D.Uoy_4AevPZ81A86xycwJvz
accept-ranges: bytes
content-type: image/jpeg
content-length: 126471
x-amz-cf-id: 2fkl0hY9FmRqPmsjVb4jgdU2W168uLuybV616ucWn_l1I2XsJsEi3A==
expires: Mon, 13 Apr 2026 20:00:00 GMT

GET
H2 200 state_titles_editable_2019_large.png
cdn3.sportngin.com/attachments/photo/357b-147098357/ 411 KB
411 KB 311ms
248ms Image
image/png 2600:9000:224a:6c00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.sportngin.com/attachments/photo/357b-147098357/state_titles_editable_2019_large.png
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6c00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f85229ccb1304b88cc44cf3cbeb5fba86f62b6a08b28e97b1a7a8c6f1be0e447

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
last-modified: Sat, 08 Aug 2020 23:33:00 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "6a608f7036c689f8f30c5b9d534b2fb1"
x-cache: Miss from cloudfront
x-amz-version-id: YGALHlP4VcdGtjW6wOyrgx99PoC4DJVv
accept-ranges: bytes
content-type: image/png
content-length: 420404
x-amz-cf-id: OI7cXrHmnOEYyqFne7ITHnbUmAAIpbh4uyWtXjXhqgoe466vOvTvuQ==
expires: Fri, 08 Aug 2025 20:00:00 GMT

GET
H2 200 IMG_20200724_190058752_HDR_large.jpg
cdn1.sportngin.com/attachments/photo/58ac-156776856/ 68 KB
68 KB 321ms
258ms Image
image/jpeg 2600:9000:2057:7a00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.sportngin.com/attachments/photo/58ac-156776856/IMG_20200724_190058752_HDR_large.jpg
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7a00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4655288bb36144adf90da3846bdefb707596ed7856d5c30744ddf532556a34a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Wed, 14 Apr 2021 02:23:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "62e3ee060665f0dd97f4356ccd3d44d2"
x-cache: Miss from cloudfront
x-amz-version-id: XKyLdPZCNyMAhvIvlQX4Kh.AS0eN.ggW
accept-ranges: bytes
content-type: image/jpeg
content-length: 69626
x-amz-cf-id: 1xMc7mJW0IdM1U_wtF5smiCLFktuHTEucGKruR12vYqCCkXkxjkxyA==
expires: Mon, 13 Apr 2026 20:00:00 GMT

GET
H2 200 IMG_9702_large.JPG
cdn1.sportngin.com/attachments/photo/398a-155788074/ 164 KB
165 KB 545ms
482ms Image
image/jpeg 2600:9000:2057:7a00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.sportngin.com/attachments/photo/398a-155788074/IMG_9702_large.JPG
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7a00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0484085b10d87f5c1786e48f76dccf9fc442a6ffabcccb6558b9692877171471

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Wed, 24 Mar 2021 03:04:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "515d6089ef80977fb04ef50162f03fc6"
x-cache: Miss from cloudfront
x-amz-version-id: O7BKlTt.TB_AuhkudY58AZXxD27PDf5C
accept-ranges: bytes
content-type: image/jpeg
content-length: 168122
x-amz-cf-id: KUNfNmlx9vCqe7xdovNTL623VSZvdsL76JgL_183GQ-jsn1TytUGGQ==
expires: Mon, 23 Mar 2026 20:00:00 GMT

GET
H2 200 Image-1__2_.jpg
cdn1.sportngin.com/attachments/photo/151f-168196596/ 302 KB
303 KB 676ms
613ms Image
image/jpeg 2600:9000:2057:7a00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.sportngin.com/attachments/photo/151f-168196596/Image-1__2_.jpg
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7a00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5894f0aa914fad6ac053e0a8affc79e6b293d7b31aed47055f641447ed586fb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Sat, 18 Dec 2021 04:41:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "3d9f6709b90f2f539044d289584df69b"
x-cache: Miss from cloudfront
x-amz-version-id: s2kbCu2YpY4QIyzr9ql8w1L02wLcUAyW
accept-ranges: bytes
content-type: image/jpeg
content-length: 308849
x-amz-cf-id: bec3I3jdDvUx_jUyKNNH68jWkYHq96re6bTULJZRSmV2LBm9RUpm5g==
expires: Thu, 17 Dec 2026 20:00:00 GMT

GET
H2 200 IMG_20140807_205427_534_large.jpg
cdn4.sportngin.com/attachments/photo/8513/3743/ 30 KB
31 KB 523ms
468ms Image
image/jpeg 2600:9000:2057:4a00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.sportngin.com/attachments/photo/8513/3743/IMG_20140807_205427_534_large.jpg
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4a00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cb3b13c89eb392d781de5afcdac1a254330bf92211de8490b84af067d9b912d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Sat, 17 Jun 2017 05:17:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "85c82afd09f88ac3a2f4218d98f37628"
x-cache: Miss from cloudfront
x-amz-version-id: yuMAccf64_cQcO2w3WY2QChoKrpHYP3S
accept-ranges: bytes
content-type: image/jpeg
content-length: 31098
x-amz-cf-id: dMn5KXI7dFqXKJf6RBVIMtXRE7EUhBEIa3RJ_nVl82o1gruAC88ZlQ==
expires: Thu, 16 Jun 2022 20:00:00 GMT

GET
H2 200 IMG_20140807_074710_522__2_.jpg
cdn4.sportngin.com/attachments/photo/8524/6679/ 99 KB
100 KB 612ms
557ms Image
image/jpeg 2600:9000:2057:4a00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.sportngin.com/attachments/photo/8524/6679/IMG_20140807_074710_522__2_.jpg
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4a00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed80cf883403dfeaf08daa47d162cb630bd7d6c22e693ef5b9c45a8cf6d9b689

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jun 2017 03:31:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "9f6b28decd8e187633f4d76c87d3b5da"
x-cache: Miss from cloudfront
x-amz-version-id: AXngHl04GdUtsPsvi_mWjoUQWXRZiUua
accept-ranges: bytes
content-type: image/jpeg
content-length: 101374
x-amz-cf-id: pHaJuLdSMbdeKwClQ1ubxiXkvLXN9qjOtwz55UbYpj2xB5zmTBjslQ==
expires: Sun, 19 Jun 2022 20:00:00 GMT

GET
H2 200 IMG_20140804_165726_641.jpg
cdn4.sportngin.com/attachments/photo/cf7d-168196617/ 1 MB
1 MB 523ms
468ms Image
image/jpeg 2600:9000:2057:4a00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.sportngin.com/attachments/photo/cf7d-168196617/IMG_20140804_165726_641.jpg
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4a00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71c91f812d6ccbdbaa76edd6575a0a6b586c3b36825c8d9a6bcc225cb01fb79c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Sat, 18 Dec 2021 04:43:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "ed68b8b31a33d3f12569bb467cf92f2c"
x-cache: Miss from cloudfront
x-amz-version-id: 8HC1YglkaSDcl7VbrnTziqbDs7hYnp7T
accept-ranges: bytes
content-type: image/jpeg
content-length: 1307293
x-amz-cf-id: lIuz60U02nU4f5fO1R19xhMtwYplJo8b739uOIo46a-F4HCBeE16DA==
expires: Thu, 17 Dec 2026 20:00:00 GMT

GET
H2 200 btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 3 KB
3 KB 151ms
22ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA3) /

Resource Hash

33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 14:20:07 GMT
server: ECAcc (frc/8FA3)
etag: "60afaa97-c1b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 2b4c172ba8a6d
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 3099
expires: Wed, 30 Mar 2022 17:08:55 GMT

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
142 B

19ms
19ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F24) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/8F24)
etag: "5d5637be-2b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 81b5359302d60
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 43
expires: Wed, 30 Mar 2022 17:08:55 GMT

Redirect headers

date: Wed, 30 Mar 2022 16:08:55 GMT
via: 1.1 varnish
x-timer: S1648656535.221513,VS0,VE138
x-served-by: cache-hhn4057-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f82825508f1b0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 109ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Content-Encoding: gzip
Age: 1339
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (frb/6731)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 squadlocker_small.jfif
cdn4.sportngin.com/attachments/text_block/91b6-150360594/ 5 KB
5 KB 478ms
478ms Image
image/jpeg 2600:9000:2057:4a00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.sportngin.com/attachments/text_block/91b6-150360594/squadlocker_small.jfif
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4a00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c045fa37655cd5222b72999720e1caa0ced01e62b4b71a286df10259d442e994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Sun, 25 Oct 2020 21:22:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "6c6ce5d02d4f8af1347c3355d2af1670"
x-cache: Miss from cloudfront
x-amz-version-id: qD1znVY2o9hq7cqNd1l1FYecQJjYcsUW
accept-ranges: bytes
content-type: image/jpeg
content-length: 4981
x-amz-cf-id: uZ3YsiDb-dmM0W2aQ5r20Rjyiw8wjZ4TysCRY121EVF7xU_Ri-3KmA==
expires: Sat, 25 Oct 2025 20:00:00 GMT

GET
H2 200 sports_engine_large.png
cdn2.sportngin.com/attachments/photo/ba20-125279012/ 112 KB
112 KB 481ms
481ms Image
image/png 2600:9000:2057:7a00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.sportngin.com/attachments/photo/ba20-125279012/sports_engine_large.png
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7a00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85cceb200bf6c5e72d94ee2a159f4f9f5e4fe187b64792198737abdf5ba5d67b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 12:23:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "5941eb9d70d97d8a9e4da72d92d8bca0"
x-cache: Miss from cloudfront
x-amz-version-id: p6Vz2xl8cE.Nfdl6ZUdaOBndOFLDZsuP
accept-ranges: bytes
content-type: image/png
content-length: 114557
x-amz-cf-id: dUMrkjVRIyWMKNETvie2Jz1vXKr_2Hqcw1dpLytf9sTeFBtnx0mXzw==
expires: Thu, 23 May 2024 20:00:00 GMT

GET
H/1.1 200
OK white_logo.png
www.post2baseball.com/logo_images/ 2 KB
2 KB 315ms
106ms Image
image/png 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.post2baseball.com/logo_images/white_logo.png
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 30ecb55821b6901e1cd228a4b59a6f640c079e679848272af56c5021dc5aa216

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Last-Modified: Wed, 30 Mar 2022 15:49:01 GMT
Server: nginx
X-SE-K: 0
ETag: "62447bed-90b"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2315

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 82ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic,100,100italic,300,300italic,900,900italic|Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/site_stylesheets_secure/1609/itasca/theme.css?1617976616

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bf203511e34a886eb0c944b6179fd3feed9111344b68d2f9b548ce4793173bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 16:08:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Mar 2022 16:08:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Mar 2022 16:08:54 GMT

GET
H/1.1 200
OK utd Show response
www.post2baseball.com/apigateway/v3/ 741 B
1 KB 323ms
115ms XHR
application/json 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post2baseball.com/apigateway/v3/utd?platform=ngin&org_id=1598&platformSubSec=cms

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-212-1.compute-1.amazonaws.com

Software

nginx /

Resource Hash

639dd237e6350335b327090ce8d6646fae62ed3eb4e29c00d93500a8dd59e102

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

X-NewRelic-ID: XAECQldVDwAB
Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Via: 1.1 6306947fb6ab60dc617ca2e025941652.cloudfront.net (CloudFront)
x-amzn-Remapped-Content-Length: 741
Age: 489
X-SE-K: 0
x-amzn-RequestId: 1062b173-377b-452a-a4d7-4318e025efa5
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amzn-Remapped-Server: nginx
Connection: close
Content-Encoding: gzip
x-amz-apigw-id: Pzi7OEWyoAMFbiQ=
X-Amz-Cf-Id: YhCbqrqCEvLC6r9TXJ-kfyuaGqtpuuCWZRxXBbSNTpYPuQlIV5C7dw==
X-Request-Id: f62a5b70-768c-4573-9236-53f163637566
X-Runtime: 0.018517
Server: nginx
X-Frame-Options: ALLOWALL
ETag: W/"639dd237e6350335b327090ce8d6646f"
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Pop: IAD50-C2
x-amzn-Remapped-Date: Wed, 30 Mar 2022 16:00:46 GMT
x-amzn-Remapped-Connection: keep-alive

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
62 KB 86ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMK6MGB

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8437dd6dc2ff6919bf58f379d673870785ad2cd67a23e0109859aeb7beed337f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63097
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Mar 2022 16:08:55 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
52 KB 65ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGG8ZWR

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2456a021a8575b4a112f1956318b905b4f9363bc7fa6e56fa1b103ca34e1db62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53584
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Mar 2022 16:08:55 GMT

GET
H/1.1 200
OK website_print_v4.css
www.post2baseball.com/stylesheets/print/ 8 KB
3 KB 327ms
105ms Stylesheet
text/css 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/stylesheets/print/website_print_v4.css?1617976616
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d82b37a13080bf6d6ae35063aa789f6d9c9957224f12f767cd87121845a8a554

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:48:55 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447be7-1ec1"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:56 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 80ms
30ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/javascripts/base_packaged.js?1624378150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

6cd35f67ac10adcf7948c9957995b2c16718a38be6e9073e202cbd1ad042c6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28200
x-xss-protection: 0
server: sffe
etag: "1172 / 693 of 1000 / last-modified: 1648638702"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Mar 2022 16:08:55 GMT

GET
H2

404

player.cacb2d9a339b3500c03525980ca2a24c.js
cdn.inlinemanual.com/embed/
Redirect Chain

https://inlinemanual.com/embed/player.cacb2d9a339b3500c03525980ca2a24c.js
https://cdn.inlinemanual.com/embed/player.cacb2d9a339b3500c03525980ca2a24c.js

0
0

125ms
39ms

Script
text/html

2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inlinemanual.com/embed/player.cacb2d9a339b3500c03525980ca2a24c.js
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

location: https://cdn.inlinemanual.com/embed/player.cacb2d9a339b3500c03525980ca2a24c.js
date: Wed, 30 Mar 2022 16:08:55 GMT
via: 1.1 google
server: nginx/1.14.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 185
content-type: text/html

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 56ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

139df69c40bf7ab2f2cc690390c9ac18755f7d37558cd972790df60be2d3655a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RsRc1Jowi4gQd0ABhUguJQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: Xev25LTz64fIR1xUfE7mC+aVSXBUhubEFSQZK1wliD62K+vJp4vEO3Ex4yFp98dWlLhhQ86TOjvA8gSmqCcM+g==
x-fb-trip-id: 917726464
x-fb-content-md5: 8a58419d0d264b15336be60b182a0744
x-frame-options: DENY
date: Wed, 30 Mar 2022 16:08:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "36fdeb427527915fbbcb5f191eec611a"
timing-allow-origin: *
expires: Wed, 30 Mar 2022 16:11:51 GMT

GET
H2 200 DEpLQyHUwAABZ27.jpg
cdn3.sportngin.com/attachments/background_graphic/9183/4672/ 332 KB
333 KB 531ms
489ms Image
image/jpeg 2600:9000:224a:6c00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.sportngin.com/attachments/background_graphic/9183/4672/DEpLQyHUwAABZ27.jpg
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6c00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd8302d6cb76d7e66e00b08e9b4213e0b937fd3c50a9002b4c298d980a12a87e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
last-modified: Thu, 19 Oct 2017 21:42:45 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "2312c3b7c5882a6939df184a2b19f33a"
x-cache: Miss from cloudfront
x-amz-version-id: 90_fcb5exWZ4rckniTrGhoYRQKapyc_.
accept-ranges: bytes
content-type: image/jpeg
content-length: 339987
x-amz-cf-id: XnjXyPyRtSTxYlYoSIu5uT9hgxS8Kz0gkEAsCUmVyN_YF3-DX9clBg==
expires: Wed, 19 Oct 2022 20:00:00 GMT

GET
H2 200 IMG_20170627_201701_small.png
cdn3.sportngin.com/attachments/logo_graphic/9175/9373/ 10 KB
10 KB 493ms
451ms Image
image/png 2600:9000:224a:6c00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.sportngin.com/attachments/logo_graphic/9175/9373/IMG_20170627_201701_small.png
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6c00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7ff5dec5b89b77775951a47704a7bbed6ed5eef0b5e12981fec5f01842d0dd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2017 11:52:14 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "41045e26ac2ee257a0065a8d4cc55d94"
x-cache: Miss from cloudfront
x-amz-version-id: kGsID.C8EdvMJ2mkYHxWNy83VgwBWSoe
accept-ranges: bytes
content-type: image/png
content-length: 9802
x-amz-cf-id: xzU4zaIOaGIiTxcQsoGVkCLds4_i0S3bba3O9j1-x-zN8Z8jmG8YYA==
expires: Mon, 21 Nov 2022 20:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 89ms
42ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic,100,100italic,300,300italic,900,900italic|Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 592705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:30:30 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v14/ 12 KB
13 KB 67ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v14/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:42:44 GMT
x-content-type-options: nosniff
age: 591971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12372
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:42:44 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.post2baseball.com/fonts/FontAwesome/ 55 KB
56 KB 316ms
107ms Font
application/octet-stream 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/fonts/FontAwesome/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/site_stylesheets_secure/1609/itasca/default.css?1617976616
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://www.post2baseball.com/site_stylesheets_secure/1609/itasca/default.css?1617976616
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Last-Modified: Wed, 30 Mar 2022 15:48:55 GMT
Server: nginx
X-SE-K: 0
ETag: "62447be7-ddcc"
Content-Type: application/octet-stream
Connection: close
Accept-Ranges: bytes
Content-Length: 56780

GET
H/1.1 200
OK 386813569 Show response
www.post2baseball.com/page_element/ajax/ 3 KB
2 KB 377ms
168ms XHR
text/html 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post2baseball.com/page_element/ajax/386813569?width_percentage=100&page_node_id=272274&subseason=

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-212-1.compute-1.amazonaws.com

Software

nginx + Phusion Passenger / Phusion Passenger

Resource Hash

e73edd987009c1dd2e056890c08b795abd3d8b52879296f67ee5e92bf6b9b37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
X-NewRelic-ID: XAECQldVDwAB
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Referer: https://www.post2baseball.com/

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-SE-K: 0
X-Powered-By: Phusion Passenger
Transfer-Encoding: chunked
Status: 200 OK
X-SE-K-POD: 0
Connection: close
X-XSS-Protection: 1; mode=block
X-Request-Id: f85009b7-a4dd-4269-b6ae-d86ae5d19123
X-Runtime: 0.059871
Server: nginx + Phusion Passenger
ETag: W/"c156d39c06664e01a9435042f2320cba"
Vary: Accept-Encoding, Origin
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
Content-Security-Policy-Report-Only: block-all-mixed-content; report-uri /csprep/log;

GET
H2 200 Picture2.png
cdn1.sportngin.com/attachments/banner_graphic/9182/1061/ 161 KB
162 KB 498ms
487ms Image
image/png 2600:9000:2057:7a00:17:ff67:4580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.sportngin.com/attachments/banner_graphic/9182/1061/Picture2.png
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7a00:17:ff67:4580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41fe42a0e40f8fd09d15b1f112973a8a19844de0237e12eacccb6f513bbfb82d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Thu, 19 Oct 2017 17:54:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "4100ebe5173318235007c6a3399f845d"
x-cache: Miss from cloudfront
x-amz-version-id: vOeXDcy0bKBosssyX2lhX.dN.wue0v_4
accept-ranges: bytes
content-type: image/png
content-length: 164768
x-amz-cf-id: tT9MwzW5sOO8t7oicPSd1BFHgYf2PqwJTQLC1p0WYWVy4Cz33AQ_dQ==
expires: Wed, 19 Oct 2022 20:00:00 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 42ms
25ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:31:09 GMT
x-content-type-options: nosniff
age: 484666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Mar 2023 01:31:09 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v14/ 12 KB
12 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v14/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:55:44 GMT
x-content-type-options: nosniff
age: 483191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12384
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:00:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Mar 2023 01:55:44 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v14/ 12 KB
12 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v14/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:49:27 GMT
x-content-type-options: nosniff
age: 591568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12136
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:49:27 GMT

GET
H2 200 config Show response
jssdkcdns.mparticle.com/JS/v2/us1-a493512c2a9ecb4b8ed2a4a2dd3702b6/ 20 KB
2 KB 82ms
18ms XHR
text/plain 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/JS/v2/us1-a493512c2a9ecb4b8ed2a4a2dd3702b6/config?env=0
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 3e8e5b1e31f76a49877c009bfa9cfb53b5ad926e5bff5449b8be13108c2c6e92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: gzip
age: 292
x-origin-name: fastlyshield--shield_ssl_cache_iad_kjyo7100178_IAD
x-cache: HIT, HIT
content-length: 1997
x-served-by: cache-iad-kjyo7100178-IAD, cache-hhn4039-HHN
access-control-allow-origin: *
server: Kestrel
x-timer: S1648656535.276616,VS0,VE0
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ 361 KB
143 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.post2baseball.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 16:07:47 GMT

GET
H/1.1 200
OK main-v2.css
s3.amazonaws.com/sportngin-snap-production/ui_themes/ngin-bar/latest/ 29 KB
6 KB 121ms
121ms Stylesheet
text/css 52.216.22.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/ngin-bar/latest/main-v2.css?20190108
Requested by: Host: ngin-bar.sportngin.com
URL: https://ngin-bar.sportngin.com/nginbar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.22.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8958e7b9939ad41a98b5f7f622007d9c4a0f83768b9b52500991d9bb3fd18017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Mar 2022 18:26:34 GMT
Server: AmazonS3
x-amz-request-id: 1MD0SVKKJC1YHPXY
ETag: "b5b17de404b1aedc21ed58427a0ffa6c"
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 5909
x-amz-id-2: VMfgxdy3YqpZDI8OX48vHWgBsU6G8i0k0ayS230Ho0GQXDKFIZqfydep6zyQSgFeM8J1Jm7yvZQ=

GET
H/1.1 200
OK system-sprite.svg Show response
s3.amazonaws.com/sportngin-snap-production/ui_themes/assets/latest/images/ 305 KB
66 KB 453ms
128ms XHR
image/svg+xml 52.216.22.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/assets/latest/images/system-sprite.svg
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.22.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 29f96c5f13c30f1083555ae77b4bfc9f2242fe90f431a820aec33d928d51dab2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Mar 2022 18:24:38 GMT
Server: AmazonS3
x-amz-request-id: 1MD58J0CS392X2C3
ETag: "4b6fbb3cf0b7799638641ca1d516f034"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 66660
x-amz-id-2: 1aMC/Zc4fu6AIqLFjJNYleXF/HGpcDC1lLxuBBN7Fbi9/qVZ+i2Ak1u8qBLLVHSxr6foUjsNeg8=

GET
H/1.1 200
OK powered-by-sportsengine.svg
www.post2baseball.com/logo_images/ 10 KB
10 KB 317ms
106ms Image
image/svg+xml 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.post2baseball.com/logo_images/powered-by-sportsengine.svg
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/site_stylesheets_secure/1609/itasca/theme.css?1617976616
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8009a25c3edf0ec92e8c55776208b427dd373fa274163b035418eaaa30cbb689

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/site_stylesheets_secure/1609/itasca/theme.css?1617976616
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Last-Modified: Wed, 30 Mar 2022 15:48:55 GMT
Server: nginx
X-SE-K: 0
ETag: "62447be7-27b2"
Content-Type: image/svg+xml
Connection: close
Accept-Ranges: bytes
Content-Length: 10162

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v14/ 12 KB
12 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v14/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:47:24 GMT
x-content-type-options: nosniff
age: 591691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:47:24 GMT

GET
H/1.1 200
OK jwplayer.js Show response
www.post2baseball.com/javascripts/ 70 KB
24 KB 317ms
109ms XHR
application/javascript 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.post2baseball.com/javascripts/jwplayer.js?_=1648656536059
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2851984c6847228569755458bcd54c3c3ea545fc9bd8ff1f0307915a8a35af5a

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
X-NewRelic-ID: XAECQldVDwAB
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Referer: https://www.post2baseball.com/

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 15:49:01 GMT
Server: nginx
X-SE-K: 0
ETag: W/"62447bed-11964"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 27 Mar 2032 16:08:55 GMT

GET
H/1.1 200
OK loader2.gif
www.post2baseball.com/app_images/ 7 KB
7 KB 311ms
105ms Image
image/gif 54.208.212.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.post2baseball.com/app_images/loader2.gif
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.212.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-212-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0627a2a2c6a03f476f123756e01358c2f9be05bc8f227ce1116d7aa07abedb62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Last-Modified: Wed, 30 Mar 2022 15:48:55 GMT
Server: nginx
X-SE-K: 0
ETag: "62447be7-1aa4"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 6820
Expires: Fri, 29 Apr 2022 16:08:55 GMT

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 106ms
54ms Preflight 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://www.post2baseball.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 1091
date: Wed, 30 Mar 2022 16:08:55 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 436
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-hhn4073-HHN
x-timer: S1648656535.411702,VS0,VE0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/javascripts/semparticle.js?1624378150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 249
date: Wed, 30 Mar 2022 16:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 30 Mar 2022 18:04:46 GMT

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 176 B
279 B 121ms
121ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a2aa7c15e8c98a522281d7ddc905262df85748b446cb0746e3599742e1cde81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-a493512c2a9ecb4b8ed2a4a2dd3702b6
Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1648656535.439933,VS0,VE104
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-hhn4073-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 3A69 319 KB
104 KB 19ms
18ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.post2baseball.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 664745
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Mar 2022 16:08:55 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674D)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3A69 367 B
504 B 182ms
129ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=5bbfa1a14a5c6e4987e7287170d6801cd5e4127f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.post2baseball.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

20c1fd17d1447f6b4e763adbb5ddf11fb771a68587b40b2c449ee24423799f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time: 112
date: Wed, 30 Mar 2022 16:08:54 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 16:08:55 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: f759e7ad41c4a7c62ebd262ca8e07f6fdc0d7744c30d889ba346ab58328ff537
content-length: 223

GET
H3 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:53:42 GMT
x-content-type-options: nosniff
age: 483313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Mar 2023 01:53:42 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 60ms
19ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMK6MGB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 06 Apr 2022 16:08:55 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 41ms
20ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: LN2ykIztvNIQyf1Pqq/RQZvE9oogIZbYNwuyJ5SSor8b7XC4SbnVAu0tMpSN47f6i9rfRBojYAj+8GILJihXNQ==
x-frame-options: DENY
date: Wed, 30 Mar 2022 16:08:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 didna_config.js Show response
storage.googleapis.com/didna_hb/sports_engine/sitebuilder/ 21 KB
21 KB 175ms
129ms Script
text/javascript 2a00:1450:4001:801::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/sports_engine/sitebuilder/didna_config.js
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3e4bd7a7b4cb3ffd4ea31bda0b08027c3fb62456d1a449cf8111fe0fbe0ecba6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
age: 0
x-guploader-uploadid: ADPycdtth15dxUmxpGpeeT9ObgB42EfSVz3RHjbvdD-Rg3IzkuY2moW8WQyhP1mIG2vaK6bEE-zRIEO_PrtZCsd66UvXomZyeQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21238
last-modified: Sat, 22 May 2021 17:26:13 GMT
server: UploadServer
etag: "a5bb63f2f55d526ce354bfb1ffe07946"
x-goog-hash: crc32c=5fphTQ==, md5=pbtj8vVdUmzjVL+x/+B5Rg==
x-goog-generation: 1621704373766510
cache-control: no-cache
x-goog-stored-content-length: 21238
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 30 Mar 2023 16:08:55 GMT

GET
H2

204

/
cookiesync.mparticle.com/v1/sync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=-7106436119946427085&esid=38183&Key=us1-a493512c2a9ecb4b8ed2a4a2dd3702b6&env=2
https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=-7106436119946427085&esid=38183&Key=us1-a493512c2a9ecb4b8ed2a4a2dd3702b6&env=2&google_tc=
https://cookiesync.mparticle.com/v1/sync/?id=CAESECiHVHYZJYyJho9dKhSemOc&MPID=-7106436119946427085&esid=38183&Key=us1-a493512c2a9ecb4b8ed2a4a2dd3702b6&env=2&google_cver=1

0
207 B

203ms
115ms

Image
text/plain

2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookiesync.mparticle.com/v1/sync/?id=CAESECiHVHYZJYyJho9dKhSemOc&MPID=-7106436119946427085&esid=38183&Key=us1-a493512c2a9ecb4b8ed2a4a2dd3702b6&env=2&google_cver=1
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 varnish
fastly-original-body-size: 0
x-timer: S1648656536.061871,VS0,VE90
x-served-by: cache-hhn4057-HHN
x-origin-name: 6pOFtq5qpnIJ0Pt8WbH5c2--F_us1_origin
x-cache: MISS
accept-ranges: bytes
server: Kestrel
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cookiesync.mparticle.com/v1/sync/?id=CAESECiHVHYZJYyJho9dKhSemOc&MPID=-7106436119946427085&esid=38183&Key=us1-a493512c2a9ecb4b8ed2a4a2dd3702b6&env=2&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 387
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/us1-a493512c2a9ecb4b8ed2a4a2dd3702b6/ 0
197 B 70ms
19ms XHR
text/plain 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-a493512c2a9ecb4b8ed2a4a2dd3702b6/Forwarding
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 30 Mar 2022 16:08:55 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1648656536.673776,VS0,VE2
x-served-by: cache-hhn4083-HHN
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3 200 pubads_impl_2022032106.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 47ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31065885

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126678
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 20:13:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Mar 2023 16:08:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 81 B
102 B 52ms
26ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.post2baseball.com

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

af55c4202cf919eafd0a4780d8f88decb0507e4fc24c1715af49896b4f47c2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77
x-xss-protection: 0
expires: Wed, 30 Mar 2022 16:08:55 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 70ms
20ms Script
application/javascript 99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 02:29:19 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 49233
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 95jSvV6_7_GDOyZagadPd_nQNMdoDk584wcDJb-3pR_lq4YzubmSSA==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 40ms
19ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=61247646836ce03c1aaff3bdd51d6384

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ed73631c4766f5bee9fa7befec84527436b0769ec675ac63907a136c37cc31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.post2baseball.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: W706njVFcorWTrgDW7fLKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84127
x-fb-rlafr: 0
x-fb-debug: Kd7BXPlBVO2qg8XtBRGkD97gfrb9bQig9owBj6zNwfEqekuRgUW1eWZ2K9iDP/U25uNVKZDpbUWugMMfPgzJ7g==
x-fb-content-md5: 8c9d6dce62204839846443a013cea10a
x-frame-options: DENY
date: Wed, 30 Mar 2022 16:08:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "02930bc7811a4d8bf280b5cb345e1710"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 30 Mar 2023 15:42:08 GMT

GET
H/1.1 200
OK moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 19ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Content-Encoding: gzip
Age: 664748
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 8012
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (frb/6738)
Etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
7 KB 18ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:55 GMT
Content-Encoding: gzip
Age: 664746
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 6444
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (frb/6731)
Etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 78ms
31ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.post2baseball.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31065885

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 72ms
26ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.post2baseball.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31065885

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 16:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
14 KB 577ms
577ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1149010867101363&correlator=683182664199963&eid=31065842%2C31065885%2C31063247&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=5727661%2CDesktop%2Cfundraising%2Chomepage&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90&ifi=1&adks=2380289105&sfv=1-0-38&ecs=20220330&fsapi=false&prev_scp=pos%3D1%26tile%3D1&cust_params=zone%3Dhomepage%26siteid%3D1609%26pagenodetags%3D272274%26sport%3Dbaseball-softball%26controller%3Dpage%26pntn%3Dhome&sc=1&cookie_enabled=1&abxe=1&dt=1648656536576&lmt=1648656536&dlt=1648656534562&idt=1981&biw=1600&bih=1200&adxs=315&adys=492&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.post2baseball.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&fws=4&ohw=970&ga_vid=865354860.1648656537&ga_sid=1648656537&ga_hid=2142360097&ga_fc=false&btvi=0&nvt=1

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7e1eedbb160bcfa5e821494f80f4b32d6ae3885c78ac64b623009a7a9c73974f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14081
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.post2baseball.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 282ms
282ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1149010867101363&correlator=683182664199963&eid=31065842%2C31065885%2C31063247&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=5727661%2CDesktop%2Cfundraising%2Chomepage&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90%7C468x60&ifi=2&adks=4142821338&sfv=1-0-38&ecs=20220330&fsapi=false&prev_scp=pos%3D2%26tile%3D4&cust_params=zone%3Dhomepage%26siteid%3D1609%26pagenodetags%3D272274%26sport%3Dbaseball-softball%26controller%3Dpage%26pntn%3Dhome&sc=1&cookie_enabled=1&abxe=1&dt=1648656536583&lmt=1648656536&dlt=1648656534562&idt=1981&biw=1600&bih=1200&adxs=315&adys=3842&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.post2baseball.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x10&msz=970x0&fws=4&ohw=970&ga_vid=865354860.1648656537&ga_sid=1648656537&ga_hid=2142360097&ga_fc=false&btvi=1&nvt=1

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

167db66a2e1448614d572b5bb0b94ab9493e2e6c9dcdb97d7bb711e07ad01e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8784
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.post2baseball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE6A 6 KB
4 KB 98ms
27ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31065885

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 16:08:55 GMT
expires: Thu, 30 Mar 2023 16:08:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 51ms
25ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2142360097&t=pageview&_s=1&dl=https%3A%2F%2Fwww.post2baseball.com%2F&dp=https%3A%2F%2Fwww.post2baseball.com%2F&ul=en-us&de=UTF-8&dt=Welcome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1258774640&gjid=1617861046&cid=865354860.1648656537&tid=UA-821370-88&_gid=2018027046.1648656537&_r=1&_slc=1&cd6=Sitebuilder&cd5=Sitebuilder&cd7=Sitebuilder&cd8=Sitebuilder&cd21=0&cd9=Sitebuilder&cd23=&cd24=Fargo%20Post%202%20American%20Legion%20Baseball&cd25=1598&cd91=1598&cd26=ND&cd12=0&cd1=production&cd2=baseball&cd34=&cd3=&cd14=16DFE4AA-29C3-4F16-A57F-2EA46BAEF12B&cd13=https%3A%2F%2Fwww.post2baseball.com%2F&cd90=&z=650793310

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.post2baseball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 899838500042702 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 143ms
142ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/899838500042702?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a270890a571f3a15ecd35351623b36410477e53c37889da44f495a1bb57335e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Hh8Nad42kkvnThTWwcAkEwjaWLzQyJGLHCshV4iT5WhVKNc6oUcOgg1Inw+sXhIlNJo+ljPZ2tl5Vz9eEbTqfg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 30 Mar 2022 16:08:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-56Ph9bjA0FOcE.js Show response
rules.quantcount.com/ 3 KB
2 KB 65ms
20ms Script
application/javascript 2600:9000:206f:4600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-56Ph9bjA0FOcE.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e19925e5abd40097ceacd7154d945d9c48d496427771658e93d76a221cbc069

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:59:39 GMT
content-encoding: gzip
age: 709
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 06 Apr 2018 15:32:33 GMT
server: AmazonS3
etag: W/"e5729eaa9e1ced528521a8b31cf5af49"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: UKX9CHW8oE9gi65T6TyEsm4zGLoJ-tLmA-B52-GbBJnt63vvjfiL6Q==

GET
H3 200 didna_util_v3120.min.js.gz Show response
storage.googleapis.com/didna-files/utility/ 131 KB
35 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:801::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/sports_engine/sitebuilder/didna_config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 007f73ba9534e82182d6318dd0164ad724f1fbd034d75f478c5a782fb52086e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:33:26 GMT
content-encoding: gzip
age: 2129
x-guploader-uploadid: ADPycdtSKDif390u4p8KAZVs5o0a-CL1pupHBvZN9hatnX5tk9PJZRcgoXBSEPgI64Anwg94HkPvustIa-FknIlKgQ2GtgVcVQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35723
x-goog-meta-
last-modified: Thu, 24 Sep 2020 13:05:27 GMT
server: UploadServer
etag: "d5a9cf6ab52999a22607ca4a4d61bd45"
vary: Accept-Encoding
x-goog-hash: crc32c=EVMiag==, md5=1anParUpmaImB8pKTWG9RQ==
x-goog-generation: 1600952727748375
cache-control: max-age=86400
x-goog-stored-content-length: 35723
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 31 Mar 2022 15:33:26 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
26ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2142360097&t=event&_s=1&dl=https%3A%2F%2Fwww.post2baseball.com%2F&ul=en-us&de=UTF-8&dt=Fargo%20Post%202%20American%20Legion%20Baseball&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sitebuilder&ea=AdSlot&el=AdSlot.Loaded&ev=2&_u=aAnAAEABAAAAAC~&jid=1773829285&gjid=339041007&cid=865354860.1648656537&tid=UA-821370-1&_gid=2018027046.1648656537&_r=1&_slc=1&z=157938023

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.post2baseball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 83ms
25ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-821370-88&cid=865354860.1648656537&jid=1258774640&gjid=1617861046&_gid=2018027046.1648656537&_u=YAjAAEAAAAAAAC~&z=1693475486

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 30 Mar 2022 16:08:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.post2baseball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sportsengine-logo-color-white.svg
s3.amazonaws.com/sportngin-snap-production/ui_themes/assets/latest/images/ 6 KB
2 KB 125ms
123ms Image
image/svg+xml 52.216.22.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/assets/latest/images/sportsengine-logo-color-white.svg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/ngin-bar/latest/main-v2.css?20190108
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.22.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a70dc055a304df8fe52a0adb6828e147dabd89e3177cfa428a25f738394cdb7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/ngin-bar/latest/main-v2.css?20190108
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Mar 2022 18:24:55 GMT
Server: AmazonS3
x-amz-request-id: Q1K9387EP6CF4KZ4
ETag: "acc551dd4b73c82dafdd850570462cec"
Content-Type: image/svg+xml
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 1909
x-amz-id-2: 27bZFVg4PHizIfCLww4KYx8CnYFF6IkefmLug4Xy1KrCVzVV5WEP/iLSTdSNeoC7U+lxzVeqgbI=

GET
H/1.1 200
OK OpenSans-Regular.woff
s3.amazonaws.com/sportngin-snap-production/ui_themes/assets/latest/fonts/ 62 KB
63 KB 123ms
121ms Font
font/woff 52.216.22.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/assets/latest/fonts/OpenSans-Regular.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/ngin/latest/ngin-bar.css?20190108
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.22.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

Request headers

Referer: https://s3.amazonaws.com/sportngin-snap-production/ui_themes/ngin/latest/ngin-bar.css?20190108
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:57 GMT
Last-Modified: Mon, 28 Mar 2022 18:24:31 GMT
Server: AmazonS3
x-amz-request-id: Q1KDYY7D1R8KX0BH
ETag: "ac327c4db6284ef64ebe872b6308f5da"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 63712
x-amz-id-2: cTiu5bj3LSpbJbMSGFZYMcebbBi6DxtLcm5JpAoRwlkJ+o3OgT0AozQUyIGpjy7Jdy3bkDQOpCk=

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=6035083&c3=120100&ns__t=1648656536746&ns_c=UTF-8&cv=3.5&c8=Fargo%20Post%202%20American%20Legion%20Baseball&c7=https%3A%2F%2Fwww.post2baseball.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=6035083&c3=120100&ns__t=1648656536746&ns_c=UTF-8&cv=3.5&c8=Fargo%20Post%202%20American%20Legion%20Baseball&c7=https%3A%2F%2Fwww.post2baseball.com%2F&c9=

0
224 B

248ms
242ms

Image
text/plain

99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=6035083&c3=120100&ns__t=1648656536746&ns_c=UTF-8&cv=3.5&c8=Fargo%20Post%202%20American%20Legion%20Baseball&c7=https%3A%2F%2Fwww.post2baseball.com%2F&c9=
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: Qo4FOpnzXjf3TPgRsFyxuoqORfOAzsNzXiAMpcBBVpmvMs1vKDNmdw==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=6035083&c3=120100&ns__t=1648656536746&ns_c=UTF-8&cv=3.5&c8=Fargo%20Post%202%20American%20Legion%20Baseball&c7=https%3A%2F%2Fwww.post2baseball.com%2F&c9=
content-length: 218
x-amz-cf-id: nqXdwlM6K5XpTsipCzna-Kt6IgPkqy9TkG6zI1w1450QAGSqtxCPjg==

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 118 KB
8 KB 365ms
292ms Script
application/javascript 151.101.12.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_fargo_post2_old&dnt=false&domain=www.post2baseball.com&lang=en&screen_name=fargo_post2&suppress_response_codes=true&t=1831840&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3cb237ac219115e53105b8614aa7f5da228939110d09f82f2fb8770d64da3d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
fastly-original-body-size: 8036
age: 0
x-cache: MISS
content-disposition: attachment; filename=jsonp.jsonp
content-length: 8036
x-xss-protection: 0
x-served-by: cache-fra19125-FRA
x-response-time: 254
access-control-allow-origin: https://platform.twitter.com
last-modified: Wed, 30 Mar 2022 16:08:56 GMT
x-timer: S1648656536.095342,VS0,VE256
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 16:08:56 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=300
x-connection-hash: 964013711ece2a365ade66c1e687f8f9d5c239652b91e001af7a8d734f58b0c4
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 16:13:56 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 116 KB
8 KB 424ms
352ms Script
application/javascript 151.101.12.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i1_profile_Post2Dugout_old&dnt=false&domain=www.post2baseball.com&lang=en&screen_name=Post2Dugout&suppress_response_codes=true&t=1831840&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c1231ab76187538185d18dd783f95273bc98ad2628d1fa7ea33f37cdef8ffd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-disposition: attachment; filename=jsonp.jsonp
content-length: 7934
x-xss-protection: 0
x-served-by: cache-fra19125-FRA
x-response-time: 311
access-control-allow-origin: https://platform.twitter.com
last-modified: Wed, 30 Mar 2022 16:08:56 GMT
x-timer: S1648656536.095566,VS0,VE313
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 16:08:56 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=300
x-connection-hash: 52decf6b1832cea3bab425e206671db46aae334cbd28fb8ea36a7bbc70f110ee
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 16:13:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 33ms
33ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-821370-1&cid=865354860.1648656537&jid=1773829285&gjid=339041007&_gid=2018027046.1648656537&_u=aAnAAEABAAAAAC~&z=1320901990

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 30 Mar 2022 16:08:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.post2baseball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 356ms
55ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-821370-88&cid=865354860.1648656537&jid=1258774640&_u=YAjAAEAAAAAAAC~&z=1660728012

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 359ms
57ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-821370-88&cid=865354860.1648656537&jid=1258774640&_u=YAjAAEAAAAAAAC~&z=1660728012

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 363ms
61ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-821370-1&cid=865354860.1648656537&jid=1773829285&_u=aAnAAEABAAAAAC~&z=887119580

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 354ms
57ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-821370-1&cid=865354860.1648656537&jid=1773829285&_u=aAnAAEABAAAAAC~&z=887119580

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 didna_prebid.js.gz Show response
storage.googleapis.com/didna_hb/prebid/ 331 KB
104 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cb23a578a888ff383ba230006154f852c45e550e880e333730ef7e6bfd6c9899

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:10:28 GMT
content-encoding: gzip
age: 3508
x-guploader-uploadid: ADPycdtXP5C5krI7MrdkaTcBRfcU-oPx-yaIOcWdmr2wsZKEoga3qpzixS6Nz4nNH_pSvUYZDPEMv6IIZl8SktopIlY
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105982
x-goog-meta-
last-modified: Fri, 05 Mar 2021 20:42:13 GMT
server: UploadServer
etag: "3f6a29c05a83f4cb3d56df7cf3e850cb"
vary: Accept-Encoding
x-goog-hash: crc32c=ocyuGA==, md5=P2opwFqD9Ms9Vt988+hQyw==
x-goog-generation: 1614976933656790
cache-control: max-age=172800
x-goog-stored-content-length: 105982
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 01 Apr 2022 15:10:28 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/ 256 KB
45 KB 62ms
20ms Script
text/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de54b755d56707390c3dac89eb83a5db23b4be2bf97aed43e2a112ded92b9e84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Fastly-Original-Body-Size: 45373
Age: 2285
X-Cache: HIT
Connection: keep-alive
Content-Length: 45373
x-amz-id-2: jhdj/FTymCHShJy+Fv3OgVUIIshulcBUD9J+drHvVkMANVadPGUVvs1w9SMHq73oLk5nayqDW6w=
X-Served-By: cache-hhn4037-HHN
Last-Modified: Wed, 30 Mar 2022 15:13:21 GMT
Server: AmazonS3
X-Timer: S1648656536.131852,VS0,VE0
ETag: "8b9b3b6c4b2ac5d4fdc6f69b837fa76c"
x-amz-request-id: JT4KEGQ5BGGFSG2B
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 68

GET
H2 200 didna_trackers.html Show response
storage.didna.io/ Frame 39D4 3 KB
3 KB 79ms
19ms Document
text/html 35.227.239.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.didna.io/didna_trackers.html
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.239.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.239.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 2864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 2867
content-type: text/html
date: Wed, 30 Mar 2022 15:21:12 GMT
etag: "13d9c4d6c276bc3cb0b5afd7ff642b8d"
expires: Wed, 30 Mar 2022 16:21:12 GMT
last-modified: Sun, 14 Jun 2020 19:10:59 GMT
server: UploadServer
x-goog-generation: 1592161859249348
x-goog-hash: crc32c=+vRTlQ== md5=E9nE1sJ2vDywta/X/2QrjQ==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2867
x-guploader-uploadid: ADPycdvYJotSI19pQTwnBMiR0AYLNngNP6Fdmr4HeBwA7XRYZbTPbr39rLDYvCEWh64ej5RadCyHTCBS-YXG90zkres

GET
H2 200 pixel;r=29689090;labels=title.Home;source=gtm;rf=0;a=p-56Ph9bjA0FOcE;url=https%3A%2F%2Fwww.post2baseball.com%2F;uht=2;fpan=1;fpa=P0-1599867034-1648656536842;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-2022031...
pixel.quantserve.com/ 35 B
372 B 24ms
23ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=29689090;labels=title.Home;source=gtm;rf=0;a=p-56Ph9bjA0FOcE;url=https%3A%2F%2Fwww.post2baseball.com%2F;uht=2;fpan=1;fpa=P0-1599867034-1648656536842;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=post2baseball.com;je=0;sr=1600x1200x24;dst=0;et=1648656536841;tzo=0;ogl=title.Home%2Ctype.website%2Cdescription.%2Curl.http%3A%2F%2Fwww%252Epost2baseball%252Ecom%2Fpage%2Fshow%2F272274-welcome%2Csite_name.%20Fargo%20Post%202%20American%20Legion%20Baseball%2Cimage.https%3A%2F%2Fcdn2%252Esportngin%252Ecom%2Fattachments%2Flogo_graphic%2F9175%2F9373%2FIMG_20170627_20170

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 container.html Show response
008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E3AA 6 KB
3 KB 49ms
19ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31065885

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 16:08:55 GMT
expires: Thu, 30 Mar 2023 16:08:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 57ms
20ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=899838500042702&ev=PageView&dl=https%3A%2F%2Fwww.post2baseball.com%2F&rl=&if=false&ts=1648656536937&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1648656536935.370297458&it=1648656536654&coo=false&exp=p1&rqm=GET

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 30 Mar 2022 16:08:56 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/ 192 KB
62 KB 16ms
16ms Script
application/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Fastly-Original-Body-Size: 62535
Age: 37
X-Cache: HIT
Connection: keep-alive
Content-Length: 62535
x-amz-id-2: Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By: cache-hhn4037-HHN
Last-Modified: Tue, 29 Mar 2022 15:47:05 GMT
Server: AmazonS3
X-Timer: S1648656536.244437,VS0,VE0
ETag: "52d00808545427ec106d5efaf477f68a"
x-amz-request-id: 9PNTNSCKC5Z77DFH
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 165

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 109ms
38ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.post2baseball.com%2F&domain=www.post2baseball.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.post2baseball.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.post2baseball.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 30 Mar 2022 16:08:55 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1560
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.post2baseball.com%2F&domain=www.post2baseball.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Gw5hZnw3NWhVTGxTNzZwRkRCUGFFTnB1RCtTMU00bnZnTUVZRUY3Q2tZNVJRdjNGT0dsVWVsU09QeURUZGdYMm5xZkkrakJGamRBTVBGWTdSYVdCWDFtM1VLRm5VZENCdks1bnpRRmRLT2lMM3ltTW8rLzdBSlR0RWNtb1...

339 B
609 B

76ms
26ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Gw5hZnw3NWhVTGxTNzZwRkRCUGFFTnB1RCtTMU00bnZnTUVZRUY3Q2tZNVJRdjNGT0dsVWVsU09QeURUZGdYMm5xZkkrakJGamRBTVBGWTdSYVdCWDFtM1VLRm5VZENCdks1bnpRRmRLT2lMM3ltTW8rLzdBSlR0RWNtb1lmVHh5K3MyQ0YwT0NYS3hvU2pCNGpCRTlCeHNsT3IzVW5EdzQ3STg3SHZKajVBeG1xNmlIME51T01FRzNsQnZrVloxVkhFNDFqTkZOR0RYUGNpSWxMTHNkc0xIQ3FHKzNWUWpFdUI1aFQvTEgrQ3lUTkNiNmE3SjBtRE5xWFVRRzdZOW1vemlwfA&cppv=2

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f2b40f432dbaf1c1dfecdca678eec2b4dae4c4e0fe24bc49b031cdd758993513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2854
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:55 GMT
location: https://mug.criteo.com/sid?cpp=Gw5hZnw3NWhVTGxTNzZwRkRCUGFFTnB1RCtTMU00bnZnTUVZRUY3Q2tZNVJRdjNGT0dsVWVsU09QeURUZGdYMm5xZkkrakJGamRBTVBGWTdSYVdCWDFtM1VLRm5VZENCdks1bnpRRmRLT2lMM3ltTW8rLzdBSlR0RWNtb1lmVHh5K3MyQ0YwT0NYS3hvU2pCNGpCRTlCeHNsT3IzVW5EdzQ3STg3SHZKajVBeG1xNmlIME51T01FRzNsQnZrVloxVkhFNDFqTkZOR0RYUGNpSWxMTHNkc0xIQ3FHKzNWUWpFdUI1aFQvTEgrQ3lUTkNiNmE3SjBtRE5xWFVRRzdZOW1vemlwfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.post2baseball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1706
content-length: 509
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 315 B
1 KB 104ms
22ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293386&zone_id=1474214&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&eid_pubcid.org=99583d4d-594b-454a-a01b-4252035c0969%5E1&rf=https%3A%2F%2Fwww.post2baseball.com%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=6ff8b038-e08d-4609-96b5-f774e7308d61&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.08531266027001894
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e6db06e627db90c1eb45204ef89fcabfc4e948e34e35bffac08ded8156e790ca

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.post2baseball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 315
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 315 B
1 KB 104ms
22ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293386&zone_id=1474214&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&eid_pubcid.org=99583d4d-594b-454a-a01b-4252035c0969%5E1&rf=https%3A%2F%2Fwww.post2baseball.com%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=6ff8b038-e08d-4609-96b5-f774e7308d61&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.15250431124738295
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b3956c2b8197db082bee6326f58fbc11f76f37174d5809f3ceee9553f0b1e8fb

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.post2baseball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 315
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 311 B
1 KB 104ms
23ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293388&zone_id=1474220&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&eid_pubcid.org=99583d4d-594b-454a-a01b-4252035c0969%5E1&rf=https%3A%2F%2Fwww.post2baseball.com%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=6ff8b038-e08d-4609-96b5-f774e7308d61&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6452918760119912
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1ce0407eeefe4c4f0cf3d2c5ef545b30d7a4f96fa7d236aac18bb7e9396d4e80

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.post2baseball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 311
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 311 B
1 KB 136ms
55ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293388&zone_id=1474220&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&eid_pubcid.org=99583d4d-594b-454a-a01b-4252035c0969%5E1&rf=https%3A%2F%2Fwww.post2baseball.com%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=6ff8b038-e08d-4609-96b5-f774e7308d61&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.4611647074161609
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8bbc5a8459aa37192f36e7b6284a54c3e8f1fe50cfd3c19f3df2217b94790800

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.post2baseball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 311
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 311 B
1 KB 102ms
22ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293388&zone_id=1474220&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&eid_pubcid.org=99583d4d-594b-454a-a01b-4252035c0969%5E1&rf=https%3A%2F%2Fwww.post2baseball.com%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=6ff8b038-e08d-4609-96b5-f774e7308d61&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.3415475507808472
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b2443f0371e8cc678a764f68ddc98eae9bb3eec119d48165db018a2adce355dd

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.post2baseball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 311
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 315 B
1 KB 136ms
56ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293386&zone_id=1474214&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&eid_pubcid.org=99583d4d-594b-454a-a01b-4252035c0969%5E1&rf=https%3A%2F%2Fwww.post2baseball.com%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=6ff8b038-e08d-4609-96b5-f774e7308d61&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.09836926698312842
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: adb51473179a53e7025a56e2866e0693be03744cfdfb627cd9f8741037d74a3b

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.post2baseball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 315
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 115ms
23ms XHR
text/plain 3.64.152.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.152.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-152-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.post2baseball.com
date: Wed, 30 Mar 2022 16:08:56 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
117 B 424ms
334ms XHR
text/plain 3.64.152.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.152.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-152-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.post2baseball.com
date: Wed, 30 Mar 2022 16:08:56 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
117 B 176ms
86ms XHR
text/plain 3.64.152.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.152.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-152-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.post2baseball.com
date: Wed, 30 Mar 2022 16:08:56 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 481ms
119ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cQGneY9Z4r6BaCaKlId8sQ
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 329f0b02e875794b373e79a17cdf8bb64041317a7b09103d49fe4075fd5af978

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.post2baseball.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 474ms
113ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dfIcbi9Z4r6ykxaKkGJozW
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 2c799de32442e1c0b0d9784144a0920280ffabde5cea2a633ab9808794195e2f

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.post2baseball.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
324 B 472ms
111ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dr8UfG9Z4r6ykxaKkGJozW
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 19e8ed7b3010edddfb885551f4f248a5d0f5afb6b45481b8a7d1adfe4627bfe7

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.post2baseball.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET ADTECH;v=2;cmd=bid;cors=yes;alias=2327c46ed30ab51;misc=1648656537036;
adserver-us.adtech.advertising.com/pubapi/3.0/11833.1/5213944/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=2480098b7dc6814;misc=1648656537036;
adserver-us.adtech.advertising.com/pubapi/3.0/11833.1/5213946/0/0/ 0
0

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
341 B 682ms
168ms XHR
application/json 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.post2baseball.com
Date: Wed, 30 Mar 2022 16:08:56 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 31
Content-Type: application/json; charset=utf-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
836 B 76ms
24ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f79fa70ddb6e51192937bed0c8f91a337d956cf2c4ab3c64bfa7ef152824772e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d81c1446-2930-4c7a-addf-7901d3e7bc97
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.post2baseball.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 39D4 24 KB
10 KB 22ms
21ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 06 Apr 2022 16:08:56 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 39D4 1 KB
1 KB 20ms
20ms Script
application/javascript 99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 02:29:19 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 49234
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: lYmWhErt1Iew9mo_kwlwqKbiJZJX3EtIKAuG6O7NOmzQ8DRz1AeyWg==

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3B7D 624 B
838 B 85ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjhk7vGATAB&v=APEucNUzU4b3VYFM4v8tF57CATxlajCHJSwxNhuWLExkBasrODvj4iF5oYffSOQtu5-CXIkk7RHTHFZ6ppA_oTdXVa4AtZk5bwGQ3xVQJwrKhwrDlLqsMBGSpVjKJPk3FFTeTCUM8qRt7RSwlxYYweknP8idvF8mnSf8xztUABus94Zo3RQ0uHU

Requested by

Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 16:08:56 GMT
expires: Wed, 30 Mar 2022 16:08:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E3AA 14 KB
11 KB 105ms
61ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxTlQVMi1mYfAgZT64svDuOqKYjF3KM6rjk9AdHsm3eYUgQAbkZ0S3JN5HPs3p9HUfU514Tj7qr83VTJwyxxBuCzbmCKeRWZlACEZMwJQldRBL7kfVcWBQ6NjO77fhcFctxGjFgn1bdws6azCko_viUvHeWQ&cry=1&dbm_d=AKAmf-D3qZXpw4-CZJaIRwHe91T8TKMPXoCg6EUvOEfxFd_FAkKElJpJEkADrQMbwQAc6eQShVvHtk4f6UnnlsLPu96rZdZx-t9tHZ8mAZuUnIgjgEr3hXnUVTb0s_zB9-VGkCSUx7RZbjavuMqBxcy8gheslSjd8rJNu1yg1LEPhR24NF0jiYKgyvzoKzk5R9mh-huOPgOo_PBUAI27J7spIPcqq5KY_lpvCCiB-XlWwpyBwSZqS31pvj9Z_vS_8jOfUNXWgUAUe_KssX1u7xrBSz-rNbZIj9DSe_HJ5zC7xx2o1Gkxv1fM2D6uGvXKPRecUvwP4IIIYMJUIJLJnZvzKw8RHEStVOOvIJD2pVmK3YTvRnxOBbdREaMOn4W_j156eS0JUTBlbGFkw8zHC8-kL4BdsJd9PJSdUnIMiLRo6uiOy7NANxQlXi_88265RYtBYnLX7adkyHHfTz8x2rlONN0j7JSLLMLZLKkaTgav8XI2uYfKswDa_C-uAlMhiAJxKAtyCalBf8M-a3wrjTX7Lp9r1J-QeiyQMSZCPRsrjg4RUdwehtNFs5WY73HZ2ufSpSOMRm3y17F4SNrfnbYo1CksrZ1AbDCVPEVWV76i7wkGiCOo_8Oh37pQO99eMxKqTSlBn_7YToc-As1ZMxXNnH_VLOxdDWFqFDmiPNIUGiGXjADu78GkLKo3rYxqHYmw0YZl1fj-P9WDH3cXb73mlvV1TfOc1mYR1kg8q9xCYr8xM9PxH7kB1IPn4hX6bfqofnQUe3RAIDbRKPrguYYScJ5P9XwE1tCSbJ87Y4Rk3suDSFv-Yxzp9oxPjfl3mStMt7yX3nNI6FY0QQn_HvRlmAIiASTiDWE5H5LuFr2hJlyKlSuOI4IDWzPfxE9-YlvE3lLKBFkAi7Nh9h4G5xePVaq6z3H1TEsr3c1i6i5MPmYoD4UqUCp06zaKfJrGk-0pa0ZAPgQPivq0vfEOeAx0R_Tvz_HfuzcskW_LPlj988a3QNUF35p_ZP9G553NB-pmy75j6uDq1FROhtpjNkimtQI2_Ut-uoKNjmXLPFCObo_UVJDwJfLk-lbYfgA8sD1M0GbF9ztuXmnIV-Q8cPg9kme9De6ASX_z0e8EH-uZEFYt6wNJWrocEdsUMzUxHXYnElffz01kCwTJ5BQhVMdxXL1-MAcOcfLSQoDYe2_4rJTcdFKTyG11smg3ab2xF54phkbb8XHTQw7afT0bPYEJXPdz8u4rPvLjPCmMs3wxkT5RDUTSW7S1DneeeLdR0e5vsE9XK4tmUhgkYXsH6147oMr_lVZRcrAA4bIjnQ8DdZMLdfZgd-fBSusHBOY9gI5WwOO-vsCdGJzehiAVHGtfh2DXjwfPiKzL4wvRVOgHGtUeZOOGXuVL_9hGP3edc7wy6AiuvmD5WY6OqVQjXELu9IclleE1pzLcAgfUux-fc_F6NfuOsBpHLBNa619xmCdNCf5N5IVFvRA3dh8eq_vp3yaTp_IljLod0F_5q90tEVmJ-b9AI7I7lns3q5VpcCvrcZJKcTe7QXp_Z9hoecXeV_9V3wwSeFIvaMhz7d-Qimlg5cRSVFIiNRoko8_HgzJdjdMM2j3vZtB-OB7VXpyUd9_ojJA4s4CEygHWZz3xEPw-Zv4T4UKj0ZVoebyGT7ppzyD6tKTjaWv6xuJRskbNuLkDYDUbV7r4ep333YBa8NAT2BjB8HCC8sINCyMKgtEESscOu2hIfvhKWdphrs_7_6j3M_oOYTrNdlL8w_priU0xyjI4no5PeqIr6Nhc2pEh86GDb9mrnWMV-LNZmHWoxKsy77Mzr3yM4bwkqPqxb3cTijbHmDKarb2Xj5DhXxzFhIDH9Vl6c1j066xunXjdYh1zR-AGZW3iP2jvgltvrcaXdIDGtmFXwirj3Gx_ThL56PN0qsegjCLkIzXG1ARC3srLG5vrRN_AJuU6slUVWtVSKXFIDPoicyRGZF9Yb_P4ga8YVeCIi6IA8NKuVWxpc2Qkmqo_yXPDTrxbLXVdU1L0D2l8-tB5hvTmniRbBIfJyXUa6IJnsKCe-o8tbV2jSmaKIABnhnIInM0Ezqm651oFavrPm4rEyGE_WZCjaJ0xDHol6qGT_IGbJewaqbl82fNyTXmteSazMmut0UP8Zw0aLWjZdcbiuLtWxNhyaKsWZKDsE_hQ-1_zO9rxMnZ5RtAue8zaEJH13l4UUFrMQjknUzaH6SmPjpauVj3iC0Xbn0u8lXNrTEvzV8qWmtyaqguEYqfVT14-gVSLkh099W1WdOTJu8tKFxkCYBuTQ3cgnBKvNjw3hzGow9XgGFbsR9edh9oAUVXJewWYMF4MRQQlvYf4F0LBZRkX38LPO05cknKdR5OUebEVe7JLc6r8p7qk0MbUa31FgHXf2GgqjK_oQKaMvvIX9kBTC5K8WBoufAjjYT45zE4ccsd_SvT3tU6QvFd3Hgd2X4sgQVbR7eiuQm15tcGAZl2ijSCU2wSbumsIK3eKNmhu1qiprQp9hMo5XhR8NWCrx91yRpdWHrsKo8D1t4xCIz4UrkpgQp2hp4vSri0RI8C7DtuC9Kp4ca6cRelbi1cq8iwmGOfKxJ3OzsNlu5Vcd0acfGAgJZPJ4vn3asOhAhBhvWv9nPOXsretG2W-scQO_CP0xJcHUbp5Ohv2hsnoJg1MMb3zb6dJpl29ZHneRVXeSwqyzWwyST-g5pj7lmwN9H1Ry4QR_lEKcwTHgNJtYQ2z_xs6m9Xtlph4oyu2l_WzsR0IErPlgD4Xq9wlqxmQRzoKZOOZJEPf7uujb3qcunnFBZSoLvb-1X18vhW-aiUQGv03STuUQG-oyZIaczWlc6i2ZP9UIWTkCjnebmEXpquPgAi_bKBp2L6mYkaKKOxzKV9hRqjJvlPNB-IdJmY3YqiDYa1lrguFFJSqQz9v95Kcoe1b3CvHxCj3zZndRxwQvEW5ffIVnyjqa2fH04D9zK-jvgwEed71kp1hrpFokWP_AGAAjbEAXKFzQqf6x7yWBkOixBLB3Ix_k8TJFq_Fz8rYPDglVGTXdxMfSnuyXOcAVG_TsfThJTP6u_Ms5JgjqmwNa1JjRNDgeNEIPHeG8ziornJ6W_5L-GW2HgJ9W2i_NLGbkdbPNp77d6Zse2CNllKlKy802ZdsWsY7DfaQro6-SWfgVegRWCrxuU9rFkYzf-5DAWuh8jtrB4BpJSLy84GBethMWWBm-ygC6-DChECst3CgChGR9Q5xjI0&cid=CAASJ-RoU_O00b-lbsAVitk1100dUskNLUd2AVdEbtUfNSDhh-ssE1LbtQ&rfl=1%2Chttps%253A%252F%252Fwww.post2baseball.com%252F%240

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

898370d09678ecce86ce8bf495e2a1d178e203e2934d49ddd1fba541c66d5f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10717
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E3AA 42 B
494 B 144ms
53ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWOe2tpjuitl85fhpr59fcXlrxYxYER2P_1IL-bRew8Z0QhZwB-b7qVuRBlzegjUtuJ_leRt1uIlpwg_aiwtkQZ9lm-o4mTRL2Y3XpaPw3Y7wTymU

Requested by

Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame E3AA 2 KB
1 KB 86ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/window_focus_fy2019.js

Requested by

Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 16:05:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3AA 119 KB
37 KB 99ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648494235360460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Mar 2022 16:08:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame E3AA 15 KB
7 KB 81ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 16:02:55 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 39D4 0
334 B 32ms
30ms Image
text/plain 99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=27875916&ns__t=1648656537107&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c9=https%3A%2F%2Fwww.post2baseball.com%2F
Requested by: Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: w4dj7wNcYFL3Wz9r650A6zvJVHlcrmaRQ58y_8zEw-mO52PzxS93-Q==
x-cache: Miss from cloudfront

GET
H2 200 rules-p-WnvyhEGJaE9Xh.js Show response
rules.quantcount.com/ Frame 39D4 2 B
354 B 21ms
20ms Script
application/javascript 2600:9000:206f:4600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-WnvyhEGJaE9Xh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:00:43 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server: AmazonS3
age: 493
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
content-length: 2
x-amz-cf-id: YwRFnTPMDFh53DlwxbghbvtWwuIdkXcVjeXfvyMJkRm0NIvxkGf08w==

GET
H2 200 1f52e.png
abs.twimg.com/emoji/v2/72x72/ Frame 7F69 961 B
1 KB 92ms
20ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f52e.png

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA5) /

Resource Hash

c95da39b306aa00d303f4420dc51c8f96de5789042dcd83203c5709557e8f0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 25685170
x-ton-expected-size: 961
x-cache: HIT
content-length: 961
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:50:07 GMT
server: ECAcc (frc/8EA5)
etag: "tlwcqI1NOAxZ9WOe7we6/Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 626527868c475ede914192ef9cd8c6e5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 30 Mar 2023 16:08:56 GMT

GET
H2 200 1f4a5.png
abs.twimg.com/emoji/v2/72x72/ Frame 7F69 1 KB
1 KB 92ms
21ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4a5.png

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F13) /

Resource Hash

c64d226a7d1d5a7e4b5d9f4d485ee8261082044eb39b778b9d1e56b40c561632

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 22905402
x-ton-expected-size: 1030
x-cache: HIT
content-length: 1030
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:23 GMT
server: ECAcc (frc/8F13)
etag: "r6zpcwheOICHkl/kLPlPzw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: f29eb5f85d9e1774567b9e04cea38bc3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 30 Mar 2023 16:08:56 GMT

GET
H2 200 1f440.png
abs.twimg.com/emoji/v2/72x72/ Frame 7F69 1 KB
1 KB 95ms
25ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f440.png

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDE) /

Resource Hash

487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 25685634
x-ton-expected-size: 1024
x-cache: HIT
content-length: 1024
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:49:51 GMT
server: ECAcc (frc/8FDE)
etag: "Edk5xK45DjvtJuiq8MRwOQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 3614495fde870b07c1e68d0c9e5725bb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 30 Mar 2023 16:08:56 GMT

GET
H2 200 26be.png
abs.twimg.com/emoji/v2/72x72/ Frame 7F69 1 KB
1 KB 95ms
25ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/26be.png

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F1C) /

Resource Hash

495f7b5da556b76a1d0dbf2c391a5e0b550b389b634ad97f7083601ce7f643d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 25332106
x-ton-expected-size: 1228
x-cache: HIT
content-length: 1228
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:32:05 GMT
server: ECAcc (frc/8F1C)
etag: "YeisGZgMJYUY6fI3HTpvvA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 38ab4babc089f4ad888331a5705743758fbaed316bcc2286c30b606977200c99
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 30 Mar 2023 16:08:56 GMT

GET
H2 200 1f44d.png
abs.twimg.com/emoji/v2/72x72/ Frame 7F69 778 B
941 B 96ms
26ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f44d.png

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E99) /

Resource Hash

42b43325b3edacba2a0e72b742bdc6fc5e4bc2ad38adca271fcc6d8353639887

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 20672202
x-ton-expected-size: 778
x-cache: HIT
content-length: 778
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECAcc (frc/8E99)
etag: "SjJ1D+Bk3fgU21Re7RHVfA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b5bafb7579e21935da50d5ac85ee9e40903cda79cfd96fa9e7e6d37464d7c7f6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 30 Mar 2023 16:08:56 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 7F69 53 KB
12 KB 27ms
22ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Age: 664749
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 46ms
20ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Age: 664749
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1&C=1

43 B
894 B

54ms
52ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjhk7vGATAB&v=APEucNUzU4b3VYFM4v8tF57CATxlajCHJSwxNhuWLExkBasrODvj4iF5oYffSOQtu5-CXIkk7RHTHFZ6ppA_oTdXVa4AtZk5bwGQ3xVQJwrKhwrDlLqsMBGSpVjKJPk3FFTeTCUM8qRt7RSwlxYYweknP8idvF8mnSf8xztUABus94Zo3RQ0uHU
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 30 Mar 2022 16:08:56 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 30 Mar 2022 16:08:56 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3B7D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkSAmFZae6ih1.dSoPmPogAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1&google_hm=2

43 B
894 B

37ms
35ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjhk7vGATAB&v=APEucNUzU4b3VYFM4v8tF57CATxlajCHJSwxNhuWLExkBasrODvj4iF5oYffSOQtu5-CXIkk7RHTHFZ6ppA_oTdXVa4AtZk5bwGQ3xVQJwrKhwrDlLqsMBGSpVjKJPk3FFTeTCUM8qRt7RSwlxYYweknP8idvF8mnSf8xztUABus94Zo3RQ0uHU
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 30 Mar 2022 16:08:56 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFMLMe6nWf-FN24CVJ1_oc&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECXjfkSWbocSd-Ptd15oS9E&google_cver=1

43 B
1015 B

39ms
35ms

Image
image/gif

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECXjfkSWbocSd-Ptd15oS9E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjhk7vGATAB&v=APEucNUzU4b3VYFM4v8tF57CATxlajCHJSwxNhuWLExkBasrODvj4iF5oYffSOQtu5-CXIkk7RHTHFZ6ppA_oTdXVa4AtZk5bwGQ3xVQJwrKhwrDlLqsMBGSpVjKJPk3FFTeTCUM8qRt7RSwlxYYweknP8idvF8mnSf8xztUABus94Zo3RQ0uHU

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c08fd137-7874-4cc7-91d2-950f3b9d9064
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECXjfkSWbocSd-Ptd15oS9E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B7D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyNzMxNjU2MDE3MzE4MjIz

170 B
188 B

31ms
29ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyNzMxNjU2MDE3MzE4MjIz

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2481b257-1aa4-4f36-b613-d039ae78a6d1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyNzMxNjU2MDE3MzE4MjIz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel;r=530832748;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fwww.post2baseball.com%2F;uht=2;fpan=1;fpa=P0-1419850004-1648656537159;pbc=;ns=1;c...
pixel.quantserve.com/ Frame 39D4 35 B
210 B 22ms
22ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=530832748;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fwww.post2baseball.com%2F;uht=2;fpan=1;fpa=P0-1419850004-1648656537159;pbc=;ns=1;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=storage.didna.io;je=0;sr=1600x1200x24;dst=0;et=1648656537159;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield%2Cdescription.diDNA%20programmatic%20yield%20management%2Curl.https%3A%2F%2Fwww%252Edidna%252Eio%2F%2Csite_name.diDNA

Requested by

Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E3AA 41 KB
15 KB 53ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxTlQVMi1mYfAgZT64svDuOqKYjF3KM6rjk9AdHsm3eYUgQAbkZ0S3JN5HPs3p9HUfU514Tj7qr83VTJwyxxBuCzbmCKeRWZlACEZMwJQldRBL7kfVcWBQ6NjO77fhcFctxGjFgn1bdws6azCko_viUvHeWQ&cry=1&dbm_d=AKAmf-D3qZXpw4-CZJaIRwHe91T8TKMPXoCg6EUvOEfxFd_FAkKElJpJEkADrQMbwQAc6eQShVvHtk4f6UnnlsLPu96rZdZx-t9tHZ8mAZuUnIgjgEr3hXnUVTb0s_zB9-VGkCSUx7RZbjavuMqBxcy8gheslSjd8rJNu1yg1LEPhR24NF0jiYKgyvzoKzk5R9mh-huOPgOo_PBUAI27J7spIPcqq5KY_lpvCCiB-XlWwpyBwSZqS31pvj9Z_vS_8jOfUNXWgUAUe_KssX1u7xrBSz-rNbZIj9DSe_HJ5zC7xx2o1Gkxv1fM2D6uGvXKPRecUvwP4IIIYMJUIJLJnZvzKw8RHEStVOOvIJD2pVmK3YTvRnxOBbdREaMOn4W_j156eS0JUTBlbGFkw8zHC8-kL4BdsJd9PJSdUnIMiLRo6uiOy7NANxQlXi_88265RYtBYnLX7adkyHHfTz8x2rlONN0j7JSLLMLZLKkaTgav8XI2uYfKswDa_C-uAlMhiAJxKAtyCalBf8M-a3wrjTX7Lp9r1J-QeiyQMSZCPRsrjg4RUdwehtNFs5WY73HZ2ufSpSOMRm3y17F4SNrfnbYo1CksrZ1AbDCVPEVWV76i7wkGiCOo_8Oh37pQO99eMxKqTSlBn_7YToc-As1ZMxXNnH_VLOxdDWFqFDmiPNIUGiGXjADu78GkLKo3rYxqHYmw0YZl1fj-P9WDH3cXb73mlvV1TfOc1mYR1kg8q9xCYr8xM9PxH7kB1IPn4hX6bfqofnQUe3RAIDbRKPrguYYScJ5P9XwE1tCSbJ87Y4Rk3suDSFv-Yxzp9oxPjfl3mStMt7yX3nNI6FY0QQn_HvRlmAIiASTiDWE5H5LuFr2hJlyKlSuOI4IDWzPfxE9-YlvE3lLKBFkAi7Nh9h4G5xePVaq6z3H1TEsr3c1i6i5MPmYoD4UqUCp06zaKfJrGk-0pa0ZAPgQPivq0vfEOeAx0R_Tvz_HfuzcskW_LPlj988a3QNUF35p_ZP9G553NB-pmy75j6uDq1FROhtpjNkimtQI2_Ut-uoKNjmXLPFCObo_UVJDwJfLk-lbYfgA8sD1M0GbF9ztuXmnIV-Q8cPg9kme9De6ASX_z0e8EH-uZEFYt6wNJWrocEdsUMzUxHXYnElffz01kCwTJ5BQhVMdxXL1-MAcOcfLSQoDYe2_4rJTcdFKTyG11smg3ab2xF54phkbb8XHTQw7afT0bPYEJXPdz8u4rPvLjPCmMs3wxkT5RDUTSW7S1DneeeLdR0e5vsE9XK4tmUhgkYXsH6147oMr_lVZRcrAA4bIjnQ8DdZMLdfZgd-fBSusHBOY9gI5WwOO-vsCdGJzehiAVHGtfh2DXjwfPiKzL4wvRVOgHGtUeZOOGXuVL_9hGP3edc7wy6AiuvmD5WY6OqVQjXELu9IclleE1pzLcAgfUux-fc_F6NfuOsBpHLBNa619xmCdNCf5N5IVFvRA3dh8eq_vp3yaTp_IljLod0F_5q90tEVmJ-b9AI7I7lns3q5VpcCvrcZJKcTe7QXp_Z9hoecXeV_9V3wwSeFIvaMhz7d-Qimlg5cRSVFIiNRoko8_HgzJdjdMM2j3vZtB-OB7VXpyUd9_ojJA4s4CEygHWZz3xEPw-Zv4T4UKj0ZVoebyGT7ppzyD6tKTjaWv6xuJRskbNuLkDYDUbV7r4ep333YBa8NAT2BjB8HCC8sINCyMKgtEESscOu2hIfvhKWdphrs_7_6j3M_oOYTrNdlL8w_priU0xyjI4no5PeqIr6Nhc2pEh86GDb9mrnWMV-LNZmHWoxKsy77Mzr3yM4bwkqPqxb3cTijbHmDKarb2Xj5DhXxzFhIDH9Vl6c1j066xunXjdYh1zR-AGZW3iP2jvgltvrcaXdIDGtmFXwirj3Gx_ThL56PN0qsegjCLkIzXG1ARC3srLG5vrRN_AJuU6slUVWtVSKXFIDPoicyRGZF9Yb_P4ga8YVeCIi6IA8NKuVWxpc2Qkmqo_yXPDTrxbLXVdU1L0D2l8-tB5hvTmniRbBIfJyXUa6IJnsKCe-o8tbV2jSmaKIABnhnIInM0Ezqm651oFavrPm4rEyGE_WZCjaJ0xDHol6qGT_IGbJewaqbl82fNyTXmteSazMmut0UP8Zw0aLWjZdcbiuLtWxNhyaKsWZKDsE_hQ-1_zO9rxMnZ5RtAue8zaEJH13l4UUFrMQjknUzaH6SmPjpauVj3iC0Xbn0u8lXNrTEvzV8qWmtyaqguEYqfVT14-gVSLkh099W1WdOTJu8tKFxkCYBuTQ3cgnBKvNjw3hzGow9XgGFbsR9edh9oAUVXJewWYMF4MRQQlvYf4F0LBZRkX38LPO05cknKdR5OUebEVe7JLc6r8p7qk0MbUa31FgHXf2GgqjK_oQKaMvvIX9kBTC5K8WBoufAjjYT45zE4ccsd_SvT3tU6QvFd3Hgd2X4sgQVbR7eiuQm15tcGAZl2ijSCU2wSbumsIK3eKNmhu1qiprQp9hMo5XhR8NWCrx91yRpdWHrsKo8D1t4xCIz4UrkpgQp2hp4vSri0RI8C7DtuC9Kp4ca6cRelbi1cq8iwmGOfKxJ3OzsNlu5Vcd0acfGAgJZPJ4vn3asOhAhBhvWv9nPOXsretG2W-scQO_CP0xJcHUbp5Ohv2hsnoJg1MMb3zb6dJpl29ZHneRVXeSwqyzWwyST-g5pj7lmwN9H1Ry4QR_lEKcwTHgNJtYQ2z_xs6m9Xtlph4oyu2l_WzsR0IErPlgD4Xq9wlqxmQRzoKZOOZJEPf7uujb3qcunnFBZSoLvb-1X18vhW-aiUQGv03STuUQG-oyZIaczWlc6i2ZP9UIWTkCjnebmEXpquPgAi_bKBp2L6mYkaKKOxzKV9hRqjJvlPNB-IdJmY3YqiDYa1lrguFFJSqQz9v95Kcoe1b3CvHxCj3zZndRxwQvEW5ffIVnyjqa2fH04D9zK-jvgwEed71kp1hrpFokWP_AGAAjbEAXKFzQqf6x7yWBkOixBLB3Ix_k8TJFq_Fz8rYPDglVGTXdxMfSnuyXOcAVG_TsfThJTP6u_Ms5JgjqmwNa1JjRNDgeNEIPHeG8ziornJ6W_5L-GW2HgJ9W2i_NLGbkdbPNp77d6Zse2CNllKlKy802ZdsWsY7DfaQro6-SWfgVegRWCrxuU9rFkYzf-5DAWuh8jtrB4BpJSLy84GBethMWWBm-ygC6-DChECst3CgChGR9Q5xjI0&cid=CAASJ-RoU_O00b-lbsAVitk1100dUskNLUd2AVdEbtUfNSDhh-ssE1LbtQ&rfl=1%2Chttps%253A%252F%252Fwww.post2baseball.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 13:41:03 GMT

GET
H2 200 C0AiVPLc_normal.jpg
pbs.twimg.com/profile_images/1161122714289102849/ Frame 7F69 2 KB
2 KB 101ms
22ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1161122714289102849/C0AiVPLc_normal.jpg

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

e8658c71acd58975d2a5151eece7caf2e90c1aa46070bbeeac4f3978a64ab2bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 243042
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=6
content-length: 2111
x-response-time: 119
surrogate-key: profile_images profile_images/bucket/3 profile_images/1161122714289102849
last-modified: Tue, 13 Aug 2019 03:48:02 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 17ebccc38051ff711b09564731bb83886f23aa8fd21dd4380d55e2d6373a6ac9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5nAV8Ppp_normal.jpg
pbs.twimg.com/profile_images/1473483244750483457/ Frame 7F69 2 KB
2 KB 94ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1473483244750483457/5nAV8Ppp_normal.jpg

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) /

Resource Hash

904e20d70e994abdb9e1a7517c4f9588ea2efbe83e6de4f5275d08c58524f153

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 512052
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 1883
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/1 profile_images/1473483244750483457
last-modified: Wed, 22 Dec 2021 02:37:16 GMT
server: ECS (frb/669F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bdacca46e45a8f6591b8577294cadef08a56ab6bd1354e6a7d7e5cccdfcf03b9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 F5C_fYGf_normal.jpg
pbs.twimg.com/profile_images/1270196762465243136/ Frame 7F69 2 KB
2 KB 226ms
159ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1270196762465243136/F5C_fYGf_normal.jpg

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67AA) /

Resource Hash

78f90bb517e9515876f4dbb0e72053787bb5ab6a69836f108f3a08393665d38b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=143
content-length: 2187
x-response-time: 126
surrogate-key: profile_images profile_images/bucket/1 profile_images/1270196762465243136
last-modified: Tue, 09 Jun 2020 03:29:21 GMT
server: ECS (frb/67AA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 068e3b0d7d5e09e46cd785248c897c234fcb6b4ab3aeccae80f48f7bf0ca87cc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 nYsmmbPC_normal.jpg
pbs.twimg.com/profile_images/1311319745916960768/ Frame 7F69 2 KB
2 KB 83ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1311319745916960768/nYsmmbPC_normal.jpg

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

652be7f9bcf98904a5e9edfa8b9f24b0a39f448696da90b42f6ff3b86fbdb053

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 160705
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 2187
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/1 profile_images/1311319745916960768
last-modified: Wed, 30 Sep 2020 14:57:25 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b23a2cb9f9c8de6637ef03da44c98d9a70548884a1e7166ad289f5b94cba7789
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 7WBaPGIr_normal.jpg
pbs.twimg.com/profile_images/1495919703281356805/ Frame 7F69 2 KB
2 KB 84ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1495919703281356805/7WBaPGIr_normal.jpg

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) /

Resource Hash

de1181f41768ba586b56062bdbb4d88400edddf9c48cd78015069b76bc3758c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 242157
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 2263
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/8 profile_images/1495919703281356805
last-modified: Tue, 22 Feb 2022 00:31:44 GMT
server: ECS (frb/67F3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c6017854a93f74848302173340ba99a6b952d244aac4d836e261c42531cdeb6b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FOQ63naWYAEj76-
pbs.twimg.com/media/ Frame 7F69 79 KB
79 KB 283ms
260ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FOQ63naWYAEj76-?format=jpg&name=small

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

6f7fd54429dba3d070fea672e03e2542eddc3d7586e903ca8f30358066b4043f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=241
content-length: 81025
x-response-time: 217
surrogate-key: media media/bucket/5 media/1505392902595305473
last-modified: Sun, 20 Mar 2022 03:54:51 GMT
server: ECS (frb/6752)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 93f9e60d8b8a5d3e2e3abe2db5a5cf820395f15ed23ff01e2d6e5502acc073df
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FNoAmVQWQAIGOIb
pbs.twimg.com/media/ Frame 7F69 15 KB
15 KB 320ms
319ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FNoAmVQWQAIGOIb?format=jpg&name=360x360

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

1051fa055bd18a2a72d6662b306b32e85dff67683249a87a1252722f6faf49fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=302
content-length: 15506
x-response-time: 285
surrogate-key: media media/bucket/0 media/1502514084222222338
last-modified: Sat, 12 Mar 2022 05:15:27 GMT
server: ECS (frb/6738)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bb019eab7fa53198d3c32af16b8472395ff267e5ce2b533dacb24c80a82bd5c2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 AyWxD1JdYJ4wCYMz
pbs.twimg.com/ext_tw_video_thumb/1500495312405901313/pu/img/ Frame 7F69 22 KB
22 KB 395ms
395ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1500495312405901313/pu/img/AyWxD1JdYJ4wCYMz?format=jpg&name=360x360

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) /

Resource Hash

1bbd5928728b36785ccc90646419c0d60749f2492964c4ab1fd1a7bdc7bcb88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=378
content-length: 22785
x-response-time: 345
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/6 ext_tw_video_thumb/1500495312405901313
last-modified: Sun, 06 Mar 2022 15:33:34 GMT
server: ECS (frb/6776)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 762456e2b82ec16ba6ff381fe4e3816a4108949824763996f2ad89ee37e5e0b9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FM9lWXEXMAExsW9
pbs.twimg.com/media/ Frame 7F69 17 KB
17 KB 336ms
335ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FM9lWXEXMAExsW9?format=jpg&name=360x360

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

7f0c9296239c800aa70a34bf34e25f9661dc723609175fcc38ed8ba507513a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=308
content-length: 17676
x-response-time: 291
surrogate-key: media media/bucket/7 media/1499528635761504257
last-modified: Thu, 03 Mar 2022 23:32:21 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b900139388ddc5a3faf32900459b8e5bfd871282b8554b1d1009483e9dcedaf4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 8FEA 222 KB
61 KB 80ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 169110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8FEA 16 KB
7 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 169110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8FEA 96 KB
29 KB 113ms
66ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 169110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8FEA 5 KB
2 KB 118ms
71ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 483814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 25 Mar 2023 01:45:22 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8FEA 42 KB
13 KB 71ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 261881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 27 Mar 2023 15:24:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8FEA 5 KB
665 B 59ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&lang=en

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

675dcd6b9174a58e7a075bdb8b16b49ab0268c38443341ede6f343f4ce92e481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 15:47:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Mar 2022 16:08:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Mar 2022 16:08:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8FEA 5 KB
665 B 58ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&text=

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

675dcd6b9174a58e7a075bdb8b16b49ab0268c38443341ede6f343f4ce92e481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 15:32:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Mar 2022 16:08:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Mar 2022 16:08:56 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ 68 B
345 B 122ms
22ms Image
image/png 3.123.114.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_TWJaVFFTNDk2RUI0U2QyN0lMVTRyYkhYbko4LzIzNjA1NTgxNDA6NzI4eDkw&v=5&s=v31fvdpclk3&sb=-1&h=www.post2baseball.com&cb=7381932&d=eyJ3aCI6IlRXSmFWRkZUTkRrMlJVSTBVMlF5TjBsTVZUUnlZa2hZYmtvNEx6SXpOakExTlRneE5EQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjA1NTgxNDAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.114.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-114-98.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 2808499959370780586
s0.2mdn.net/simgad/ Frame 8FEA 350 KB
351 KB 69ms
21ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2808499959370780586

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e501b764154bb03349212dc9e9a116f851bf88206baefbe4790945975907c878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:45:41 GMT
x-content-type-options: nosniff
age: 4995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358693
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 11:56:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 14:45:41 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 8FEA 42 B
63 B 71ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPtQ4-zHQv0LJGRQFMh2st2hhh4WmdHD1mwMnNoZEyU0-mF35k3pv0dbHVE-xVPUwtdXNms0ReABdz3qARL06Bf4FKbXqM5CuwIVZ9FaLGAf1_-_MOiA-RPcTN-7wbXFLZZncyqOGgQ8FF0mvcLL93JqTT1A&dbm_d=AKAmf-BgQpO-GN28XfpR1idXgjCBaCB-lVsDlTkRUpxEBSxNLQmgNzzb2P-M383tQeR3htBU3N2RilWuzRV_aPYtQ-77vMqX4z7fLHwJY3L_Nqt12sccY6UK-ZSthl0fCA1LyJ2maMiWQIKAagcDP-6mK-ZBBV_phA9umpxJ09hVm2El8eRE4i6XZGoK5BIfBvUXuRDUV2x26Mkm4Xo1wAIWpxDwzbDkscsU9DuBowMFxYOU8MLvAVZLOpUWu7hzHDgkxTDT1p87YgWTGUTEr9dyAN4YkKWgBX4qdSeRJb3YgGD6cIhtLn2oWVIRAQqu0kJXVJouYm3z7DaT2TBSjzSTz3lMPWgU-oARLv0p34b8l0KnP828ueCFLiT8oqT33lwO9sJGDMw_GGf6pED6A1RyCvARM96TE46m2gTS4KF4hu7t0X1Nfhe90PLJta9DKv0JKOC7O5KawVgSb7UL17MkeA8Evj_Azw752t6NkKB2A_w2vYORSAfz7leZdbqkfFjDHSGgdxCLENGkPzenbaDLniR-8vLlPMoKZk8ftFyS8ZF0XTjQX7A-IRKGD7xSxAM42Y3oMKTSAXwcY0XQGryMTRR9iL9DM61TDZ5nXtIWiVezG5Vv9kvKS7g61HF6At5K2eafEaGVAAuJp56Pdt5I4ze-t_W9aWkUy6JJ2nTa5LcDXVIkcIP5uilRIoIhRuVm6c-hicAcmmHW9zBgwkP-DImhsEnQaY1l7ZtTBCW8-tcHuRI_cOwVupmNRnGziCjHYyQK0ThFfGKWCMFCpany8zD_m6LWT2dzoTFb_InIVp8mYiCDtETIhEKzFRjlWTGPf9MsVK9e5CFwAlCkNmoWll2xx221wRoFMrYcoY6-OaRaMiwVNKxlGsahiIYY40FVVX71LH_TaKuGcc-D01_bZNIYMPe6O7GvJJuXVCfgfch0SXciHNGO5d5CDozOMeR2NZPbHJ43qyMBaP_h08AQmw_nk4fHJXmCSXckpYU9nAusEYQPLVX5xQM7tm7bwj5JaJndUoUD98lhTca1S8dVfwq4aPJf3pWC3zulPg28ACO-164B_tPHOco4Dlx_o8jV9HHR8X87eo7YbYxTAGMZAdaE4r7pUgPYmXFlYv678d9uM3wBIaOhG8Ih0vE6WqNZMCu75zIl6PMKwYhRAn-f05wzcZZBIzGKOMskbunZTBtHPodCUAZv0xcfivs7kUdewK6V1nI3yuu3wZc-wP8C43plJ2yPT9ioVnA3gvcqW6d2VLWiwHdH9Z09ZgB2G99IXk-4VcIYWndomeaCemoCwZ_-NlQtNGEAMF5QwMnDIsyYNonD7r-W-TXbXI8YE28W8LNsPw05s3Kiq2onO-ZU1KvfoViih0vUcAudUk9j44Hn-OEvejjrHkJr6gAfVpPe3CnnP-JGBOlG4DpKM9_TYmxp4LTy1L5g8IQcAvUvZb7oEMi39mCkjDBJTyKu8aiOkgPJrFmE1PDV72xB7GMdPgNWgglUqv0XNWYRrgkqL8QFy_YsC5auIbzQnDt9T2dGrC2mPvNM0NKoLhBcp97IAf2SJh1nv9agXi8E4-xqhDO93DT7cAd2JdMLZhzLgRgfxlZ0DL8HIz_9kYrx8DV8kDdMhHw_Gdx9E0Mx_uaiATF2-P4r3icslaJxeRBlczmJkgB4xlLpniknCoIj630IGopXelmx3O8eU6OGPJ2TeAJL4BN9yOrKNg0m2_4p4QN2vcHPwqQtbQW648VHqxJbGEBzgQj2nXs3jqFpIdJSbd4EuQeNDxmLGRBRCQPy6Lp8Hd0J8CQ9RnFpcfTEZfll04rv4duABMh0pwW96UQQsZJNuBtsvtDX9H3-a8KB0G-yOx2yJnOxh0DbXSrHiwR6sZPMFkDsbRT8dox1KCkAAkUJU-8JenPmiqzolYUmVRbWeFLPRJ4ToYi8FWhux0xMKFQeTrnxurFixcdw9UbcvNvNKOdLQMdiAToQiyXz_5j1zNpjksVfroiiLZYEblfNDzMv0mvGTnMxkP3VKQSUXDUzzBTGk2YblVE4the73ICzt9CwVW2Z1C9-j0M8kcuwY_OeMI603-6CwW-DJjvOwwzNOP7Vi0X1V6Z66_fWQ5jk2LA22FGbjSW4pYjSC3WnHb3YlaES7m-sDJQXt75q1xZuJKf58zUQss_zXJHvcM9kK1YkTdt9TmhtwCRoTFMPmJSkpu8q5r9SKQnxxBeEKn3hN32buoVVQrjAO1BJViQd_i9NyX_dbUQaeZM-3TFg9XUww2bmPhw1aAo-bH5QBhqg--i7PGFXI-6KR3QBatUSTSlZIzKSW8cjIddmzQ56VsMpHkKORUUpqduzC7WiG7IJsHNBgaL6kX7wzojpg390GXtz6DPKSz-e9E7PMS90lrlBQ84G1oU-qz81uLE264dTiTGC3Y4IFWk4xvIaA80HXcW0ep7O4QGORPhlOFyu9MKI9QOY0ecXHwOlg2EwGPgfPUNJdKe1jDdpBKmyj12Z9WgjkUAetM-S_808z697JVEhi3cOHyTRdLJENhqHPqpKpoOuTi4uOAT6FGvhfJzBdmucrIxitmTT8uKdo3_p220VB4n0r7WbTmQ-lppNYMmn68xKTBqIqdw0731Lj_2gp3mcJ9qrgvnkyPEkglvtBN8U6_hSZ64Ec8SbDJXYaYB6LgFgA4J3k_yAgt355G94QDSfM3DCizZ7YhxOAawoWVBv_kJ24upJ-QxPQoeuDj8mphe8ZnLOismWPO7Fz_tKgPZ3AdGxjr5Kw-AWCQyL7-RRnkFTauKdWXIQKs6it-AHZd7RvnK6ZpDG_bcTDEsCtDgn8tHuQnDmK6nPNQsEAWp1Cz_f9ltw_Stymw65nvhW10M-63W6-XecM-TqL3CLaHA4M5VZ117_Y9EHOTjdEQ5HZO41VI4Imn-W5lheL2O68w9xN2ftqQIx8fhIB5JZ2ZlUHepV1AAmTxDdJusmtsOMEjfliwkHw7grfaMBVofBmjqPZOIB4ocNjT_d74M0lkqyexMBlVE6rgTgJ-59g_nTA6WNGeW3c_tXTiS3eFjQkmom5iYUp5gxorqejcvubPdnM8o7bFIA6vuwC13T-yv3hi3k4cZge6j4RfIZZq1pKD7KKAOBQ3_yXtNvKWHUAn7s0utASIKmCJFEJh5HsCNcDj6xDJvmdy23LRe9rN79N-g1W5I&cid=CAASJ-RoKowSAvN3MLZxH2AjgSeA2qSzgyAQUq4Ul_6gRWKYqj2bFB-ElA

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8FEA 0
0 58ms
55ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CneuTmIBEYoj0BaSYrASyn6FQjpy0p2jxoYqywg_6ndyg1AEQASDpoLUeYJWqoIKwB6ABqMHiqijIAQapArYd1Ntaq7I-qAMBqgTqAU_QMl6aimWfABBZ_BExdUnKyNxE8tdBA1_QFdsE_0u_SU-EUsRNq0hOqU1R-apdryRvBYnyo4u4NF1cp3kM4hQEzBf8dBPHcwPqJAaHHfIehD_J2W3XTH4kOHgZbSf5KbqJYO2KyuhFyOHbdCOUlPB0PPvgHK4S0GWnjt7aq4ew-30ojmpNm-qkWQ_wex1SNkn8NmFkoe1iBuQwjL8LixwQxCv85HKsGpyJTu51SWWLqFArtedP9-2khVawFyxcklfjyFP_8KjHvFAmD3NxYfNmDXjkI5W9Wv-qTEkNwKHeFYQhnaug988uy8AEoLzxt_ED4AQDiAWprI6TPJIFBggDEAIYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHqPmyigOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChCSljgY-p6TwgHSCAkIiOGAEBABGB2ACgPICwGwE6Dmjw7IE-W9j98D0BMA2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTgyNzI3ODY5OTc2MTI1NjgY7c8P&sigh=gcV3siW9jsY&uach_m=[UACH]&cid=CAQSPgCNIrLMm20r6v-tZ3pXn3IMGhIEnHcif2I2QoT6fI5b0woS1dN8XWhjp5AtTz_UiwSAEK2zPGplHXr0v9iQ&template_id=509&vt=10
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8FEA 0
0 31ms
28ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSK4TgbBBN0G13ZU50CHsZa-7To4SqPWyDIMeyiPzpbsbACYdEwccoxw6R31O6Qs-D9XHfUVoBmP-2gHApSETMLANRr3g
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FEA 2 KB
2 KB 21ms
19ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 23238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 31 Mar 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8FEA 295 B
319 B 22ms
19ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 22551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 31 Mar 2022 09:53:05 GMT

GET
H/1.1 200
OK joawi09wjq7m Show response
hal9000.redintelligence.net/zone/ Frame E3AA 11 KB
4 KB 82ms
23ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/joawi09wjq7m?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM3Nl4BEYpqjNcjk3wPpj56wAuvSwaFp_fTe9MUP8C4QASDpoLUeYJWqoIKwB8gBCakCth3U21qrsj6oAwGqBO8BT9D8I8uK2QLPEjpvkq3Zh6Zii-ws80DY15gq5uhpqh2kW0T2GEUYrmH1zOirjDqQ6cbQPpEDcs22_wbWeLuH0Mbb7386O_mamOtr9DKM_qepWpOnOfWP_AireWx2gIdsG1dNx5T7TchWBUy8gAM1WqOWM1XGy9AMwtvtB36JFDWh_JPaS9scvXKkqHQexpOaVHbdnGhsi7uVu9zXMlNeEHUpXWm45IsDwZefCE7SGseP72-kntptb18TPetYnyg2Pj71GcX1VixVf8B_B-O4OM3JmQ3TMzJ1EKDh-2-d-qy6FY2-j6ZLFAk8us79B2zABL6O6uT5A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoU_O00b-lbsAVitk1100dUskNLUd2AVdEbtUfNSDhh-ssE1LbtQ%26sig%3DAOD64_2SMqSG2_bmcHaAq4f96dH94E2jRg%26client%3Dca-pub-8272786997612568%26dbm_c%3DAKAmf-Aq0ApVL1grlPbbDa8fEcHUrPf19a2yEAmCSp_q1Peiwu3meSbJ-QIOiIazCWYJgS0xVuDG4iWYcLwWNxyDEtb7Czq8INbSdEjkhdgoZnHzBL4gMbIH3uQlWihHufXKa_mGXNh5y-A2f7dZS-rLJHW2pUiVjg%26cry%3D1%26dbm_d%3DAKAmf-Ao32euOb5F9EDKZ6V2g4KRruoK9q3C9iMhlC3B6KGNnANJ53bFNoCj7MtyuBSbSYrGidVXbXBDnXK9ri-XUKjMSjxZDG6UDwEUgmfo2n96BtRufiuWBn_xvQzOagJoXoz0gZn0IQyA2YE1a_dzXmSNS_H9Zml2hmXcK343oK5rzpZr_L5wNQ-HDjB1_JKPNraOHyrWuIZntuLBEP8g74lGjOK6-z1Aj4jzvJKukapzQ4xjCIG33fKTFEb5EKyFiUG7S2q81AbMJpfCX8vYrKAS-JIjadsexBX2_0XN0uA2SXpaYmzrgAa6mlEOvE1KEX8UfBYZvWAXivnY0Tl3luHWyqIgIiee6xsgMmnRWqPvjSxDBVwyMa85n5XcrFVzEu9-UxjL2xhkzTPqU4Nt_nQkOMUbACUAPVTDUh-wettudTA8dpegSiY4wj1cyCWkFThCt_ulnleNJJmV0bLBVegfUQGCSA%26adurl%3D
Requested by: Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: adbfbd073ce574d3bd4b0f5e4fe5ee7ed0f4566273295ee68fdc425a15749d07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3951
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 7F69 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7F69 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7F69 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7F69 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7F69 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7F69 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8FEA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4215ab5ce77f9da4c8eaef538637c6bf35b29b9904d58cf032c1a0b35c1bd7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 84ms
27ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 30 Mar 2022 16:08:55 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1115
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 8FEA 44 KB
44 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 62629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:45:07 GMT

GET
H2 200 1f52e.png
abs.twimg.com/emoji/v2/72x72/ Frame C0DC 961 B
1 KB 23ms
19ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f52e.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA5) /

Resource Hash

c95da39b306aa00d303f4420dc51c8f96de5789042dcd83203c5709557e8f0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 25685170
x-ton-expected-size: 961
x-cache: HIT
content-length: 961
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:50:07 GMT
server: ECAcc (frc/8EA5)
etag: "tlwcqI1NOAxZ9WOe7we6/Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 626527868c475ede914192ef9cd8c6e5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 30 Mar 2023 16:08:56 GMT

GET
H2 200 1f4a5.png
abs.twimg.com/emoji/v2/72x72/ Frame C0DC 1 KB
1 KB 19ms
18ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4a5.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F13) /

Resource Hash

c64d226a7d1d5a7e4b5d9f4d485ee8261082044eb39b778b9d1e56b40c561632

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 22905402
x-ton-expected-size: 1030
x-cache: HIT
content-length: 1030
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:23 GMT
server: ECAcc (frc/8F13)
etag: "r6zpcwheOICHkl/kLPlPzw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: f29eb5f85d9e1774567b9e04cea38bc3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 30 Mar 2023 16:08:56 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9CE5 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 8788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 13:42:28 GMT
expires: Thu, 30 Mar 2023 13:42:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame E3AA
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=joawi09wjq7m&nw=20&renderingType=javascript&namespace=bbac6438b1&subid=&uid=cdd92fc103f42c33&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=joawi09wjq7m&nw=20&renderingType=javascript&namespace=bbac6438b1&subid=&uid=cdd92fc103f42c33&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

134ms
90ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=joawi09wjq7m&nw=20&renderingType=javascript&namespace=bbac6438b1&subid=&uid=cdd92fc103f42c33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM3Nl4BEYpqjNcjk3wPpj56wAuvSwaFp_fTe9MUP8C4QASDpoLUeYJWqoIKwB8gBCakCth3U21qrsj6oAwGqBO8BT9D8I8uK2QLPEjpvkq3Zh6Zii-ws80DY15gq5uhpqh2kW0T2GEUYrmH1zOirjDqQ6cbQPpEDcs22_wbWeLuH0Mbb7386O_mamOtr9DKM_qepWpOnOfWP_AireWx2gIdsG1dNx5T7TchWBUy8gAM1WqOWM1XGy9AMwtvtB36JFDWh_JPaS9scvXKkqHQexpOaVHbdnGhsi7uVu9zXMlNeEHUpXWm45IsDwZefCE7SGseP72-kntptb18TPetYnyg2Pj71GcX1VixVf8B_B-O4OM3JmQ3TMzJ1EKDh-2-d-qy6FY2-j6ZLFAk8us79B2zABL6O6uT5A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoU_O00b-lbsAVitk1100dUskNLUd2AVdEbtUfNSDhh-ssE1LbtQ%26sig%3DAOD64_2SMqSG2_bmcHaAq4f96dH94E2jRg%26client%3Dca-pub-8272786997612568%26dbm_c%3DAKAmf-Aq0ApVL1grlPbbDa8fEcHUrPf19a2yEAmCSp_q1Peiwu3meSbJ-QIOiIazCWYJgS0xVuDG4iWYcLwWNxyDEtb7Czq8INbSdEjkhdgoZnHzBL4gMbIH3uQlWihHufXKa_mGXNh5y-A2f7dZS-rLJHW2pUiVjg%26cry%3D1%26dbm_d%3DAKAmf-Ao32euOb5F9EDKZ6V2g4KRruoK9q3C9iMhlC3B6KGNnANJ53bFNoCj7MtyuBSbSYrGidVXbXBDnXK9ri-XUKjMSjxZDG6UDwEUgmfo2n96BtRufiuWBn_xvQzOagJoXoz0gZn0IQyA2YE1a_dzXmSNS_H9Zml2hmXcK343oK5rzpZr_L5wNQ-HDjB1_JKPNraOHyrWuIZntuLBEP8g74lGjOK6-z1Aj4jzvJKukapzQ4xjCIG33fKTFEb5EKyFiUG7S2q81AbMJpfCX8vYrKAS-JIjadsexBX2_0XN0uA2SXpaYmzrgAa6mlEOvE1KEX8UfBYZvWAXivnY0Tl3luHWyqIgIiee6xsgMmnRWqPvjSxDBVwyMa85n5XcrFVzEu9-UxjL2xhkzTPqU4Nt_nQkOMUbACUAPVTDUh-wettudTA8dpegSiY4wj1cyCWkFThCt_ulnleNJJmV0bLBVegfUQGCSA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.post2baseball.com%2F&ancestorOrigins=https%3A%2F%2Fwww.post2baseball.com&random=8199279156038&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 6a55bf1257a090b4010cfbe331afbcd219f5899b074c79f079ed7661addfe46c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 24721000174882704444540011914021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1106
Expires: Wed, 30 Mar 2022 17:08:56 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=joawi09wjq7m&nw=20&renderingType=javascript&namespace=bbac6438b1&subid=&uid=cdd92fc103f42c33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM3Nl4BEYpqjNcjk3wPpj56wAuvSwaFp_fTe9MUP8C4QASDpoLUeYJWqoIKwB8gBCakCth3U21qrsj6oAwGqBO8BT9D8I8uK2QLPEjpvkq3Zh6Zii-ws80DY15gq5uhpqh2kW0T2GEUYrmH1zOirjDqQ6cbQPpEDcs22_wbWeLuH0Mbb7386O_mamOtr9DKM_qepWpOnOfWP_AireWx2gIdsG1dNx5T7TchWBUy8gAM1WqOWM1XGy9AMwtvtB36JFDWh_JPaS9scvXKkqHQexpOaVHbdnGhsi7uVu9zXMlNeEHUpXWm45IsDwZefCE7SGseP72-kntptb18TPetYnyg2Pj71GcX1VixVf8B_B-O4OM3JmQ3TMzJ1EKDh-2-d-qy6FY2-j6ZLFAk8us79B2zABL6O6uT5A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoU_O00b-lbsAVitk1100dUskNLUd2AVdEbtUfNSDhh-ssE1LbtQ%26sig%3DAOD64_2SMqSG2_bmcHaAq4f96dH94E2jRg%26client%3Dca-pub-8272786997612568%26dbm_c%3DAKAmf-Aq0ApVL1grlPbbDa8fEcHUrPf19a2yEAmCSp_q1Peiwu3meSbJ-QIOiIazCWYJgS0xVuDG4iWYcLwWNxyDEtb7Czq8INbSdEjkhdgoZnHzBL4gMbIH3uQlWihHufXKa_mGXNh5y-A2f7dZS-rLJHW2pUiVjg%26cry%3D1%26dbm_d%3DAKAmf-Ao32euOb5F9EDKZ6V2g4KRruoK9q3C9iMhlC3B6KGNnANJ53bFNoCj7MtyuBSbSYrGidVXbXBDnXK9ri-XUKjMSjxZDG6UDwEUgmfo2n96BtRufiuWBn_xvQzOagJoXoz0gZn0IQyA2YE1a_dzXmSNS_H9Zml2hmXcK343oK5rzpZr_L5wNQ-HDjB1_JKPNraOHyrWuIZntuLBEP8g74lGjOK6-z1Aj4jzvJKukapzQ4xjCIG33fKTFEb5EKyFiUG7S2q81AbMJpfCX8vYrKAS-JIjadsexBX2_0XN0uA2SXpaYmzrgAa6mlEOvE1KEX8UfBYZvWAXivnY0Tl3luHWyqIgIiee6xsgMmnRWqPvjSxDBVwyMa85n5XcrFVzEu9-UxjL2xhkzTPqU4Nt_nQkOMUbACUAPVTDUh-wettudTA8dpegSiY4wj1cyCWkFThCt_ulnleNJJmV0bLBVegfUQGCSA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.post2baseball.com%2F&ancestorOrigins=https%3A%2F%2Fwww.post2baseball.com&random=8199279156038&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 30 Mar 2022 17:08:56 +0200

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame C0DC 53 KB
12 KB 19ms
18ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Age: 664749
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 19ms
19ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:56 GMT
Content-Encoding: gzip
Age: 664749
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8FEA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

64ms
64ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H3
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 41ms
19ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=899838500042702&ev=Microdata&dl=https%3A%2F%2Fwww.post2baseball.com%2F&rl=&if=false&ts=1648656537484&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Fargo%20Post%202%20American%20Legion%20Baseball%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Home%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fwww.post2baseball.com%2Fpage%2Fshow%2F272274-welcome%22%2C%22og%3Asite_name%22%3A%22%20Fargo%20Post%202%20American%20Legion%20Baseball%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn2.sportngin.com%2Fattachments%2Flogo_graphic%2F9175%2F9373%2FIMG_20170627_201701_medium.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1648656536935.370297458&it=1648656536654&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 30 Mar 2022 16:08:56 GMT

GET
H2 200 F5C_fYGf_normal.jpg
pbs.twimg.com/profile_images/1270196762465243136/ Frame C0DC 2 KB
2 KB 19ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1270196762465243136/F5C_fYGf_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67AA) /

Resource Hash

78f90bb517e9515876f4dbb0e72053787bb5ab6a69836f108f3a08393665d38b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2187
x-response-time: 126
surrogate-key: profile_images profile_images/bucket/1 profile_images/1270196762465243136
last-modified: Tue, 09 Jun 2020 03:29:21 GMT
server: ECS (frb/67AA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 068e3b0d7d5e09e46cd785248c897c234fcb6b4ab3aeccae80f48f7bf0ca87cc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5nAV8Ppp_normal.jpg
pbs.twimg.com/profile_images/1473483244750483457/ Frame C0DC 2 KB
2 KB 19ms
17ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1473483244750483457/5nAV8Ppp_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) /

Resource Hash

904e20d70e994abdb9e1a7517c4f9588ea2efbe83e6de4f5275d08c58524f153

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 512052
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1883
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/1 profile_images/1473483244750483457
last-modified: Wed, 22 Dec 2021 02:37:16 GMT
server: ECS (frb/669F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bdacca46e45a8f6591b8577294cadef08a56ab6bd1354e6a7d7e5cccdfcf03b9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f52e.png
abs.twimg.com/emoji/v2/72x72/ Frame C0DC 961 B
1 KB 20ms
18ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f52e.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA5) /

Resource Hash

c95da39b306aa00d303f4420dc51c8f96de5789042dcd83203c5709557e8f0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 25685170
x-ton-expected-size: 961
x-cache: HIT
content-length: 961
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:50:07 GMT
server: ECAcc (frc/8EA5)
etag: "tlwcqI1NOAxZ9WOe7we6/Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 626527868c475ede914192ef9cd8c6e5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 30 Mar 2023 16:08:56 GMT

GET
H2 200 nYsmmbPC_normal.jpg
pbs.twimg.com/profile_images/1311319745916960768/ Frame C0DC 2 KB
2 KB 23ms
20ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1311319745916960768/nYsmmbPC_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

652be7f9bcf98904a5e9edfa8b9f24b0a39f448696da90b42f6ff3b86fbdb053

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 160705
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 2187
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/1 profile_images/1311319745916960768
last-modified: Wed, 30 Sep 2020 14:57:25 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b23a2cb9f9c8de6637ef03da44c98d9a70548884a1e7166ad289f5b94cba7789
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f4a5.png
abs.twimg.com/emoji/v2/72x72/ Frame C0DC 1 KB
1 KB 20ms
17ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4a5.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F13) /

Resource Hash

c64d226a7d1d5a7e4b5d9f4d485ee8261082044eb39b778b9d1e56b40c561632

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 22905402
x-ton-expected-size: 1030
x-cache: HIT
content-length: 1030
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:23 GMT
server: ECAcc (frc/8F13)
etag: "r6zpcwheOICHkl/kLPlPzw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: f29eb5f85d9e1774567b9e04cea38bc3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 30 Mar 2023 16:08:56 GMT

GET
H2 200 FOQ63naWYAEj76-
pbs.twimg.com/media/ Frame C0DC 79 KB
79 KB 24ms
22ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FOQ63naWYAEj76-?format=jpg&name=small

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

6f7fd54429dba3d070fea672e03e2542eddc3d7586e903ca8f30358066b4043f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=5
content-length: 81025
x-response-time: 217
surrogate-key: media media/bucket/5 media/1505392902595305473
last-modified: Sun, 20 Mar 2022 03:54:51 GMT
server: ECS (frb/6752)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 93f9e60d8b8a5d3e2e3abe2db5a5cf820395f15ed23ff01e2d6e5502acc073df
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FNoAmVQWQAIGOIb
pbs.twimg.com/media/ Frame C0DC 15 KB
15 KB 78ms
76ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FNoAmVQWQAIGOIb?format=jpg&name=360x360

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

1051fa055bd18a2a72d6662b306b32e85dff67683249a87a1252722f6faf49fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=58
content-length: 15506
x-response-time: 285
surrogate-key: media media/bucket/0 media/1502514084222222338
last-modified: Sat, 12 Mar 2022 05:15:27 GMT
server: ECS (frb/6738)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bb019eab7fa53198d3c32af16b8472395ff267e5ce2b533dacb24c80a82bd5c2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 ZsCsneNi_normal.jpg
pbs.twimg.com/profile_images/1502373939451994114/ Frame C0DC 2 KB
2 KB 21ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1502373939451994114/ZsCsneNi_normal.jpg

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) /

Resource Hash

45286e6d575a00e87e4fbe57e36792202b0dbcac181c7a0aa5c96b352f8485bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 406879
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 2035
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/0 profile_images/1502373939451994114
last-modified: Fri, 11 Mar 2022 19:58:34 GMT
server: ECS (frb/67C2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e55d5a2c780f5dc3f1b224c37ebab486ab7ea428f4232d3ed9ebb582b5b55966
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 MuGW4cO3_normal.jpg
pbs.twimg.com/profile_images/998988113140592640/ Frame C0DC 2 KB
2 KB 21ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/998988113140592640/MuGW4cO3_normal.jpg

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) /

Resource Hash

f3bc1ce421d9351c51d3f511aedaa2c4bfd8293d9bd17c126f1b5b2f5a6a0f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 47218
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 2111
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/5 profile_images/998988113140592640
last-modified: Tue, 22 May 2018 18:03:01 GMT
server: ECS (frb/6724)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 784eb065b2278ae9c8b63f1c6924e7b3841ae6ebca212be7a7f784b23ce42814
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 YxR0eec4_normal.png
pbs.twimg.com/profile_images/1428179695045054470/ Frame C0DC 6 KB
6 KB 30ms
28ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1428179695045054470/YxR0eec4_normal.png

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

f34ab05d647a9204a59a7502c821d4486855a902e74c489f7f7f4673be891b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 318376
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=10
content-length: 5987
x-response-time: 126
surrogate-key: profile_images profile_images/bucket/7 profile_images/1428179695045054470
last-modified: Thu, 19 Aug 2021 02:17:08 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 050b0d7e57d270d695863c3f937f61e74f2f49148499f5d949a5b47ae3b71e8e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 v-M-rXBe_normal.jpg
pbs.twimg.com/profile_images/1485052664509607939/ Frame C0DC 2 KB
2 KB 154ms
152ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1485052664509607939/v-M-rXBe_normal.jpg

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

78db364b2f6570b486368c48799d5544d83b7ece3add2a08e0237b877092358f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=135
content-length: 2187
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/5 profile_images/1485052664509607939
last-modified: Sun, 23 Jan 2022 00:50:00 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8158bb7a961c47befef06f20dfce06b8fd85e627cefdaa40a0a432ab56c35630
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FN0sSPNX0AQkgBd
pbs.twimg.com/media/ Frame C0DC 102 KB
102 KB 259ms
258ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FN0sSPNX0AQkgBd?format=jpg&name=small

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

2358df9136898a168b0083bf61e0e6726724aec63f4ff5aa95dbef6ffce0ed36

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=241
content-length: 103983
x-response-time: 220
surrogate-key: media media/bucket/8 media/1503406542443499524
last-modified: Mon, 14 Mar 2022 16:21:46 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5298cdbae5bee35063720cf1ae9126f3203ac9499fc4642184c4f1e9642007d6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Yh5CvwqQwe-SW2KR
pbs.twimg.com/ext_tw_video_thumb/1503191363810078720/pu/img/ Frame C0DC 14 KB
14 KB 359ms
358ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1503191363810078720/pu/img/Yh5CvwqQwe-SW2KR?format=jpg&name=360x360

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) /

Resource Hash

76b535ca656ef4154e81ed155529172028686042168bc92a6a5f72793d971daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:57 GMT
x-content-type-options: nosniff
age: 2
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=340
content-length: 14534
x-response-time: 319
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/7 ext_tw_video_thumb/1503191363810078720
last-modified: Mon, 14 Mar 2022 02:06:43 GMT
server: ECS (frb/6724)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 035c5e14858ac9626aafbe79dac2a9c0255022624a540e384c2cd305dc917762
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FNsf5g3UcAMhVca
pbs.twimg.com/media/ Frame C0DC 13 KB
13 KB 220ms
219ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FNsf5g3UcAMhVca?format=jpg&name=360x360

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

b8e050c7571cd6cd92f14a60c05158b7a1f1bf39a51083bb085ed548197bb47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:56 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=190
content-length: 13405
x-response-time: 167
surrogate-key: media media/bucket/8 media/1502829973593157635
last-modified: Sun, 13 Mar 2022 02:10:41 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f054779ef48c178e95cad5da8a283310a7ff8b05da24efea9ae0cf685d7a998c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame C0DC 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C0DC 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C0DC 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C0DC 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C0DC 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C0DC 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CE5 35 KB
13 KB 57ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13744
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 13:50:01 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 6E66
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=24721000174882704444540011914021&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24721000174882704444540011914021&actionid=981741&produktid=&dt_url=

0
627 B

143ms
83ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24721000174882704444540011914021&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=joawi09wjq7m&nw=20&renderingType=javascript&namespace=bbac6438b1&subid=&uid=cdd92fc103f42c33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM3Nl4BEYpqjNcjk3wPpj56wAuvSwaFp_fTe9MUP8C4QASDpoLUeYJWqoIKwB8gBCakCth3U21qrsj6oAwGqBO8BT9D8I8uK2QLPEjpvkq3Zh6Zii-ws80DY15gq5uhpqh2kW0T2GEUYrmH1zOirjDqQ6cbQPpEDcs22_wbWeLuH0Mbb7386O_mamOtr9DKM_qepWpOnOfWP_AireWx2gIdsG1dNx5T7TchWBUy8gAM1WqOWM1XGy9AMwtvtB36JFDWh_JPaS9scvXKkqHQexpOaVHbdnGhsi7uVu9zXMlNeEHUpXWm45IsDwZefCE7SGseP72-kntptb18TPetYnyg2Pj71GcX1VixVf8B_B-O4OM3JmQ3TMzJ1EKDh-2-d-qy6FY2-j6ZLFAk8us79B2zABL6O6uT5A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoU_O00b-lbsAVitk1100dUskNLUd2AVdEbtUfNSDhh-ssE1LbtQ%26sig%3DAOD64_2SMqSG2_bmcHaAq4f96dH94E2jRg%26client%3Dca-pub-8272786997612568%26dbm_c%3DAKAmf-Aq0ApVL1grlPbbDa8fEcHUrPf19a2yEAmCSp_q1Peiwu3meSbJ-QIOiIazCWYJgS0xVuDG4iWYcLwWNxyDEtb7Czq8INbSdEjkhdgoZnHzBL4gMbIH3uQlWihHufXKa_mGXNh5y-A2f7dZS-rLJHW2pUiVjg%26cry%3D1%26dbm_d%3DAKAmf-Ao32euOb5F9EDKZ6V2g4KRruoK9q3C9iMhlC3B6KGNnANJ53bFNoCj7MtyuBSbSYrGidVXbXBDnXK9ri-XUKjMSjxZDG6UDwEUgmfo2n96BtRufiuWBn_xvQzOagJoXoz0gZn0IQyA2YE1a_dzXmSNS_H9Zml2hmXcK343oK5rzpZr_L5wNQ-HDjB1_JKPNraOHyrWuIZntuLBEP8g74lGjOK6-z1Aj4jzvJKukapzQ4xjCIG33fKTFEb5EKyFiUG7S2q81AbMJpfCX8vYrKAS-JIjadsexBX2_0XN0uA2SXpaYmzrgAa6mlEOvE1KEX8UfBYZvWAXivnY0Tl3luHWyqIgIiee6xsgMmnRWqPvjSxDBVwyMa85n5XcrFVzEu9-UxjL2xhkzTPqU4Nt_nQkOMUbACUAPVTDUh-wettudTA8dpegSiY4wj1cyCWkFThCt_ulnleNJJmV0bLBVegfUQGCSA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.post2baseball.com%2F&ancestorOrigins=https%3A%2F%2Fwww.post2baseball.com&random=8199279156038&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Mar 2022 16:08:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 30 Mar 2022 06:08:56 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Wed, 30 Mar 2022 16:08:57 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24721000174882704444540011914021&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 5413AFA5:BF7A_91EFC182:01BB_62448098_15A6304E:F724

GET
H2

200

/
www.parship.de/wplp/htlp/de/ Frame 5D22
Redirect Chain

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=24721000174882704444540011914021&pv=1
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
https://www.parship.de/wplp/htlp/de/?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1648656537.5712300.b415651c-b043-11ec-8eb3-00155def0803ID

0
0

87ms
43ms

Document
text/html

2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/wplp/htlp/de/?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1648656537.5712300.b415651c-b043-11ec-8eb3-00155def0803ID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https: https://.instana.io; upgrade-insecure-requests; default-src 'self'; connect-src 'self' https://.google-analytics.com/ https://.facebook.com https://.ioam.de https://.taboola.com https://translate.googleapis.com https://.doubleclick.net https://.instana.io wss://mpsnare.iesnare.com https://.usercentrics.eu https://api.personio.de/recruiting/applicant https://bat.bing.com/actionp/ ; font-src data: 'self' https://maxcdn.bootstrapcdn.com/font-awesome/ https://www.sovendus.com/banner-responsive/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://.custhelp.com https://.ioam.de https://.instana.io; style-src 'self' 'unsafe-inline' https://www.parship.com https://www.sovendus.com https://.custhelp.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://partnerboerse.parship.de https://translate.googleapis.com https://*.adyen.com ; frame-ancestors https://www.gmx.at https://www.gmx.ch https://www.gmx.net https://web.de https://www.meinestadt.de http://www.meinestadt.de https://www.zeit.de https://home.1und1.de http://blog.parship.nl 'self'; report-uri /ls/
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.gmx.at https://www.gmx.ch https://www.gmx.net https://web.de https://www.meinestadt.de http://www.meinestadt.de https://www.zeit.de https://home.1und1.de http://blog.parship.nl
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 10
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control: max-age=10, stale-if-error=432000
cf-cache-status: HIT
cf-ray: 6f421b5e1d76929c-FRA
content-encoding: gzip
content-length: 325
content-security-policy: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https: https://*.instana.io; upgrade-insecure-requests; default-src 'self'; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://*.instana.io wss://mpsnare.iesnare.com https://*.usercentrics.eu https://api.personio.de/recruiting/applicant https://bat.bing.com/actionp/ ; font-src data: 'self' https://maxcdn.bootstrapcdn.com/font-awesome/ https://www.sovendus.com/banner-responsive/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de https://*.instana.io; style-src 'self' 'unsafe-inline' https://www.parship.com https://www.sovendus.com https://*.custhelp.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://partnerboerse.parship.de https://translate.googleapis.com https://*.adyen.com ; frame-ancestors https://www.gmx.at https://www.gmx.ch https://www.gmx.net https://web.de https://www.meinestadt.de http://www.meinestadt.de https://www.zeit.de https://home.1und1.de http://blog.parship.nl 'self'; report-uri /ls/
content-security-policy-report-only: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; default-src 'self'; img-src 'self' data: http: https: https://*.instana.io; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://*.instana.io wss://mpsnare.iesnare.com https://*.usercentrics.eu https://api.personio.de/recruiting/applicant https://bat.bing.com/actionp/ ; font-src data: 'self' https://maxcdn.bootstrapcdn.com/font-awesome/ https://www.sovendus.com/banner-responsive/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de https://*.instana.io; style-src 'self' 'unsafe-inline' https://www.parship.com https://www.sovendus.com https://*.custhelp.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://partnerboerse.parship.de https://translate.googleapis.com https://*.adyen.com ; frame-ancestors 'self' https://www.gmx.at https://www.gmx.ch https://www.gmx.net https://web.de https://www.meinestadt.de http://www.meinestadt.de https://www.zeit.de https://home.1und1.de http://blog.parship.nl; report-uri /ls/?reportOnly=true
content-type: text/html; charset=utf-8
date: Wed, 30 Mar 2022 16:08:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 28 Feb 2022 14:30:12 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://www.gmx.at https://www.gmx.ch https://www.gmx.net https://web.de https://www.meinestadt.de http://www.meinestadt.de https://www.zeit.de https://home.1und1.de http://blog.parship.nl
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Wed, 30 Mar 2022 16:08:57 GMT
location: https://www.parship.de/wplp/htlp/de/?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1648656537.5712300.b415651c-b043-11ec-8eb3-00155def0803ID
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server: nginx
server-id: 13
x-robots-tag: noindex, nofollow

GET
H3

200

activityi;dc_pre=CIu5-Jmc7vYCFcfMGwodqQQKhA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975 Show response
8019191.fls.doubleclick.net/ Frame D30F
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIu5-Jmc7vYCFcfMGwodqQQKhA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975?

392 B
348 B

66ms
38ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CIu5-Jmc7vYCFcfMGwodqQQKhA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975?

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

7de3ec82a4eeda0632635da71a02f74ccf8f31b66f0b609a8d921bf73a47a520

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 325
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 16:08:57 GMT
expires: Wed, 30 Mar 2022 16:08:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 16:08:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIu5-Jmc7vYCFcfMGwodqQQKhA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame F099 7 KB
2 KB 66ms
22ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=24721000174882704444540011914021&a=7d427c8b
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=joawi09wjq7m&nw=20&renderingType=javascript&namespace=bbac6438b1&subid=&uid=cdd92fc103f42c33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM3Nl4BEYpqjNcjk3wPpj56wAuvSwaFp_fTe9MUP8C4QASDpoLUeYJWqoIKwB8gBCakCth3U21qrsj6oAwGqBO8BT9D8I8uK2QLPEjpvkq3Zh6Zii-ws80DY15gq5uhpqh2kW0T2GEUYrmH1zOirjDqQ6cbQPpEDcs22_wbWeLuH0Mbb7386O_mamOtr9DKM_qepWpOnOfWP_AireWx2gIdsG1dNx5T7TchWBUy8gAM1WqOWM1XGy9AMwtvtB36JFDWh_JPaS9scvXKkqHQexpOaVHbdnGhsi7uVu9zXMlNeEHUpXWm45IsDwZefCE7SGseP72-kntptb18TPetYnyg2Pj71GcX1VixVf8B_B-O4OM3JmQ3TMzJ1EKDh-2-d-qy6FY2-j6ZLFAk8us79B2zABL6O6uT5A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoU_O00b-lbsAVitk1100dUskNLUd2AVdEbtUfNSDhh-ssE1LbtQ%26sig%3DAOD64_2SMqSG2_bmcHaAq4f96dH94E2jRg%26client%3Dca-pub-8272786997612568%26dbm_c%3DAKAmf-Aq0ApVL1grlPbbDa8fEcHUrPf19a2yEAmCSp_q1Peiwu3meSbJ-QIOiIazCWYJgS0xVuDG4iWYcLwWNxyDEtb7Czq8INbSdEjkhdgoZnHzBL4gMbIH3uQlWihHufXKa_mGXNh5y-A2f7dZS-rLJHW2pUiVjg%26cry%3D1%26dbm_d%3DAKAmf-Ao32euOb5F9EDKZ6V2g4KRruoK9q3C9iMhlC3B6KGNnANJ53bFNoCj7MtyuBSbSYrGidVXbXBDnXK9ri-XUKjMSjxZDG6UDwEUgmfo2n96BtRufiuWBn_xvQzOagJoXoz0gZn0IQyA2YE1a_dzXmSNS_H9Zml2hmXcK343oK5rzpZr_L5wNQ-HDjB1_JKPNraOHyrWuIZntuLBEP8g74lGjOK6-z1Aj4jzvJKukapzQ4xjCIG33fKTFEb5EKyFiUG7S2q81AbMJpfCX8vYrKAS-JIjadsexBX2_0XN0uA2SXpaYmzrgAa6mlEOvE1KEX8UfBYZvWAXivnY0Tl3luHWyqIgIiee6xsgMmnRWqPvjSxDBVwyMa85n5XcrFVzEu9-UxjL2xhkzTPqU4Nt_nQkOMUbACUAPVTDUh-wettudTA8dpegSiY4wj1cyCWkFThCt_ulnleNJJmV0bLBVegfUQGCSA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.post2baseball.com%2F&ancestorOrigins=https%3A%2F%2Fwww.post2baseball.com&random=8199279156038&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 3f057a1b71e8ce4990ae6e8ff64b7306038339bcf35ba1649365ce6032bcc60b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2107
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Mar 2022 16:08:56 GMT
Expires: Wed, 30 Mar 2022 17:08:56 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame E3AA
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=24721000174882704444540011914021
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=24721000174882704444540011914021
https://ad-server.eu/wm/pb/native.png

68 B
312 B

199ms
39ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:14:23 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 30 Mar 2022 16:08:57 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFA5:BF7A_91EFC182:01BB_62448099_15A63062:F724
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E3AA 43 B
702 B 103ms
36ms Image
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=24721000174882704444540011914021&pv=1

Requested by

Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:56 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame E3AA 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46f68eff88b3552e170dc5d87c0bce4ac35fc4d5c81e564691b2b4563b14f0cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 57ms
29ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.post2baseball.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31065885

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 16:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 57ms
29ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.post2baseball.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31065885

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 16:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
14 KB 677ms
676ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1149010867101363&correlator=2336203085083410&eid=31065842%2C31065885%2C31063247&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=5727661%2CDesktop%2Cfundraising%2Chomepage&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90&ifi=3&adks=2380289105&sfv=1-0-38&ecs=20220330&ris=1&rcs=1&fsapi=false&prev_scp=pos%3D1%26tile%3D1%26tfPassback%3Dfalse%26inView%3Dtrue&eri=1&cust_params=zone%3Dhomepage%26siteid%3D1609%26pagenodetags%3D272274%26sport%3Dbaseball-softball%26controller%3Dpage%26pntn%3Dhome%26pub%3Dwww.post2baseball.com%26path%3D%252F&sc=1&cookie=ID%3D7890b78557715ca5-2217c7a369cd0059%3AT%3D1648656535%3AS%3DALNI_MYyKZp1UY0E0zmNttZcTkVyK9eOXw&abxe=1&dt=1648656537751&lmt=1648656537&dlt=1648656534562&idt=1981&biw=1600&bih=1200&adxs=315&adys=492&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.post2baseball.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x90&msz=970x90&fws=4&ohw=970&ga_vid=865354860.1648656537&ga_sid=1648656537&ga_hid=2142360097&ga_fc=true&btvi=0&nvt=1

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

daeaed49a53701e7167271bd11c1e6e693d75f9f156a7e8195ad2f5ee57b2acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14029
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.post2baseball.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame F6ED
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
635 B

18ms
18ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Accept-Language: de-DE,de;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://www.post2baseball.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 664750
Cache-Control: public, max-age=315360000
Content-Length: 80
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Mar 2022 16:08:57 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674D)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Wed, 30 Mar 2022 16:08:57 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 30 Mar 2022 16:08:57 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: f759e7ad41c4a7c62ebd262ca8e07f6fdc0d7744c30d889ba346ab58328ff537
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 118
x-transaction: 50a5d0e623214281
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame F099 1 KB
419 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=24721000174882704444540011914021&a=7d427c8b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:16:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Mar 2022 16:08:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Mar 2022 16:08:57 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F099 9 KB
9 KB 70ms
24ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=24721000174882704444540011914021&a=7d427c8b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: bb5a54ac4d8693b77ce6112dfd9dbf99bfe25be82e2078517705c0a36340fcfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9342
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F099 10 KB
10 KB 69ms
23ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-627x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=24721000174882704444540011914021&a=7d427c8b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 30cddf3b884d696dc1b25fc89ea625a7f79479c0d9d8c177b2b84accf3f731ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9734
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame F099 7 KB
7 KB 183ms
136ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_627x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=24721000174882704444540011914021&a=7d427c8b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 10e62967e117040f79a0d1d3b4e26b551b64ba8d51d752dd2306468ecad95e1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7364
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 dc_pre=CIu5-Jmc7vYCFcfMGwodqQQKhA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975
adservice.google.com/ddm/fls/z/ Frame D30F 42 B
63 B 56ms
56ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIu5-Jmc7vYCFcfMGwodqQQKhA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIu5-Jmc7vYCFcfMGwodqQQKhA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2737928645739.8975?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE5 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwO7kmIBEYq6QFoau3wOGo7OgCgAAAAA4AeAEAg&bg=!GxilGFzNAAbzJazn0yU7ACkAdvg8WsmdguWxbt8qEaT0sXdSWhDlI8VczE_0madHt3nL3sYaY_PPkAIAAAEuUgAAAAJoAQeZAzglK5ZmBCO34Ve893T7HMoYj1k-IoQQw4_KFmDTYF0IXr7OwKRTt1WdohmkqSh1ZTAi2B7E50wEwpmAgmp-ZuJEqdsYvivWZON-jPK0u_flfxBBZ4Z0jhhi-wllgrx7tsGDZewhf4cT9l1cYhe9rs54sB5rap8YhaU8L9z807IMKEu00QuXt-b2XDyzEae8duyWlNlmOHw2LGSTmv-5pOisTMyfx7G3Vx7qj1MjKdv9Ki9UAOZ_na2TRShor_Eqo_z5rAeBJ6AsTi6R68CJlFZDeU52vXQA7KLcObQ1E96OrL3akzDd2_Ma188jnyYSJBwrV80to3BsQ-Pakht0PhZj0Rd4F9-j6Ivy-Qa0-8tc0Y3OBMxloTt3tSQSUKblFl85aeILv44KCGe2zYOpk69AeqmpLrTpzBtrVazXzDq8YsY7VR54XMLmIpXZKOlY6K3QPIbBr1Id5Snv5HCRYO3YHtywIUOuE26gSsy3GxQ8eImIRyUcXJEdpk4mfVE6P6xlKIE39wCAHhgiNyoFw08QvylivKFcoVIAMGvstvEDry5FVN0wsEL5d3ByWD_kg3lZaqYc4NhBtdJMH2aMiJHUr1mIiIytqQyn7n2uMuO6dTbZ2A1RGglIjzmmPRAMAvO-zK6f3efgKrNB7NiYkb3XAk68Citj7WxRptaRDMPUBdhqFvK8s3Ehtnl-CaDBF9TmUcFz0Eykkw0QsxOjk-jv7BmBnEcWiKcH70fo9zRXNB773-tnsWjAqWqJ2NbRr2VCJBAVdbtLgTz3MR3mxeDAUmx9f65oLfBmZlbAY3M2ofgAula1wmxFmn7QUU_Pk0dSlSSxTXx_pDbntTomQdYxT_ediD11hwXUYAIU7x9MgQ5VimvQNdFErokUQ9cVluA3QCpG9GMl70Jg2gEgn16bYH1-t-zOaAHS5pm4BPmUGz8MZbsKA-Qb7Sqeu-P-e8qzvlctVn2OCZkm57bnfqlzvmSktvOIaPQAycrqJoYYJ6r1lsStWuoTlXDd05fIlEIHrrqOnkeecEEG00D4OP4OGyts2BdipdTx9g6VHs-aDDh4Vk8O3SK0MYS2-GbSk_L8eWxAQbZ7BA

Requested by

Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame F099 0
150 B 70ms
24ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=24721000174882704444540011914021&a=e830aa85&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=24721000174882704444540011914021&a=7d427c8b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=24721000174882704444540011914021&a=7d427c8b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 201 /
www.parship.de/ls/ Frame E3AA 0
264 B 142ms
101ms Other
text/plain 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/ls/

Requested by

Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https: https://.instana.io; upgrade-insecure-requests; default-src 'self'; connect-src 'self' https://.google-analytics.com/ https://.facebook.com https://.ioam.de https://.taboola.com https://translate.googleapis.com https://.doubleclick.net https://.instana.io wss://mpsnare.iesnare.com https://.usercentrics.eu https://api.personio.de/recruiting/applicant https://bat.bing.com/actionp/ ; font-src data: 'self' https://maxcdn.bootstrapcdn.com/font-awesome/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://.custhelp.com https://.ioam.de https://.instana.io; style-src 'self' 'unsafe-inline' https://www.parship.com https://.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ ; media-src 'self' data: https://mpsnare.iesnare.com; prefetch-src 'self'; frame-ancestors 'self' https://community.parship.de https://community.parship.at https://community.parship.ch https://community.elitepartner.de https://community.elitepartner.at https://community.elitepartner.ch ; report-uri /ls/
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Mar 2022 16:08:57 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-xss-protection: 1; mode=block
content-security-policy: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https: https://*.instana.io; upgrade-insecure-requests; default-src 'self'; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://*.instana.io wss://mpsnare.iesnare.com https://*.usercentrics.eu https://api.personio.de/recruiting/applicant https://bat.bing.com/actionp/ ; font-src data: 'self' https://maxcdn.bootstrapcdn.com/font-awesome/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de https://*.instana.io; style-src 'self' 'unsafe-inline' https://www.parship.com https://*.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ ; media-src 'self' data: https://mpsnare.iesnare.com; prefetch-src 'self'; frame-ancestors 'self' https://community.parship.de https://community.parship.at https://community.parship.ch https://community.elitepartner.de https://community.elitepartner.at https://community.elitepartner.ch ; report-uri /ls/
server-timing: intid;desc=7c64c21e5dbf4b47
cf-ray: 6f421b5fdfaf9a33-FRA
content-security-policy-report-only: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; default-src 'self'; img-src 'self' data: http: https: https://*.instana.io; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://*.instana.io wss://mpsnare.iesnare.com https://*.usercentrics.eu https://api.personio.de/recruiting/applicant https://bat.bing.com/actionp/ ; font-src data: 'self' https://maxcdn.bootstrapcdn.com/font-awesome/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de https://*.instana.io; style-src 'self' 'unsafe-inline' https://www.parship.com https://*.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ ; media-src 'self' data: https://mpsnare.iesnare.com; prefetch-src 'self'; frame-ancestors 'self' https://community.parship.de https://community.parship.at https://community.parship.ch https://community.elitepartner.de https://community.elitepartner.at https://community.elitepartner.ch ; report-uri /ls/?reportOnly=true
content-length: 0
x-content-type-options: nosniff

POST
H2 201 /
www.parship.de/ls/ Frame E3AA 0
2 KB 112ms
71ms Other
text/plain 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/ls/?reportOnly=true

Requested by

Host: 008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
URL: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https: https://.instana.io; upgrade-insecure-requests; default-src 'self'; connect-src 'self' https://.google-analytics.com/ https://.facebook.com https://.ioam.de https://.taboola.com https://translate.googleapis.com https://.doubleclick.net https://.instana.io wss://mpsnare.iesnare.com https://.usercentrics.eu https://api.personio.de/recruiting/applicant https://bat.bing.com/actionp/ ; font-src data: 'self' https://maxcdn.bootstrapcdn.com/font-awesome/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://.custhelp.com https://.ioam.de https://.instana.io; style-src 'self' 'unsafe-inline' https://www.parship.com https://.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ ; media-src 'self' data: https://mpsnare.iesnare.com; prefetch-src 'self'; frame-ancestors 'self' https://community.parship.de https://community.parship.at https://community.parship.ch https://community.elitepartner.de https://community.elitepartner.at https://community.elitepartner.ch ; report-uri /ls/
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Mar 2022 16:08:57 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-xss-protection: 1; mode=block
content-security-policy: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; img-src 'self' data: http: https: https://*.instana.io; upgrade-insecure-requests; default-src 'self'; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://*.instana.io wss://mpsnare.iesnare.com https://*.usercentrics.eu https://api.personio.de/recruiting/applicant https://bat.bing.com/actionp/ ; font-src data: 'self' https://maxcdn.bootstrapcdn.com/font-awesome/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de https://*.instana.io; style-src 'self' 'unsafe-inline' https://www.parship.com https://*.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ ; media-src 'self' data: https://mpsnare.iesnare.com; prefetch-src 'self'; frame-ancestors 'self' https://community.parship.de https://community.parship.at https://community.parship.ch https://community.elitepartner.de https://community.elitepartner.at https://community.elitepartner.ch ; report-uri /ls/
server-timing: intid;desc=54b5df1013e54cfb
cf-ray: 6f421b5fdfb09a33-FRA
content-security-policy-report-only: base-uri 'self'; frame-src https:; object-src 'none'; worker-src 'self'; default-src 'self'; img-src 'self' data: http: https: https://*.instana.io; connect-src 'self' https://*.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net https://*.instana.io wss://mpsnare.iesnare.com https://*.usercentrics.eu https://api.personio.de/recruiting/applicant https://bat.bing.com/actionp/ ; font-src data: 'self' https://maxcdn.bootstrapcdn.com/font-awesome/ ; script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: 'self' https://*.custhelp.com https://*.ioam.de https://*.instana.io; style-src 'self' 'unsafe-inline' https://www.parship.com https://*.custhelp.com https://fonts.googleapis.com https://partnerboerse.parship.de https://translate.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ ; media-src 'self' data: https://mpsnare.iesnare.com; prefetch-src 'self'; frame-ancestors 'self' https://community.parship.de https://community.parship.at https://community.parship.ch https://community.elitepartner.de https://community.elitepartner.at https://community.elitepartner.ch ; report-uri /ls/?reportOnly=true
content-length: 0
x-content-type-options: nosniff

GET
H2 200 nr-1215.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 70ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1215.min.js
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding: gzip
etag: "615035bb6557b191e767e19087efabaf"
fastly-original-body-size: 36751
x-amz-request-id: QFKCVYMWVXV57D81
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13666
x-amz-id-2: Zx9EJjHbeOVSwdQX05/YP5tgHTZJlS3z5H4UdevVIbf3+UWHovoR+hmvoOT3GJ+BVIsZ+ZhoLxg=
x-served-by: cache-hhn4068-HHN
last-modified: Mon, 24 Jan 2022 22:13:53 GMT
server: AmazonS3
x-timer: S1648656538.598537,VS0,VE0
date: Wed, 30 Mar 2022 16:08:57 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8902

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 61ms
35ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cdf81dddc7b67dc094503c96bd3c39c1389e295c900f31219009f08216cd6f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 16:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10483
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 64ms
35ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-821370-1&cid=865354860.1648656537&jid=1498434108&gjid=1665339616&_gid=1151264558.1648656538&_u=aCnAiEABBAAAAG~&z=1767684262

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 30 Mar 2022 16:08:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.post2baseball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMK6MGB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 251
date: Wed, 30 Mar 2022 16:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 30 Mar 2022 18:04:46 GMT

GET
H3 200 didna-pixel-se.js Show response
storage.googleapis.com/didna-files/ 27 KB
27 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:801::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-files/didna-pixel-se.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMK6MGB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 79fd5cc9032d23501648bb8b5dbf2649d17b8ba22f8b43652766004bf4bd6816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:57 GMT
age: 0
x-guploader-uploadid: ADPycdvAuURLxE21Qdn026qO7GoBZzFm6qrJt65S8_yxQxPpOJs89gFyi1WtFFn6pvR_k78c4KU-zVQ-uHR1OOeV4dEnvbXlNQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28002
x-goog-meta-
last-modified: Wed, 06 Jan 2021 17:38:17 GMT
server: UploadServer
etag: "c4bcac4835338203fd3c356ba38122e0"
x-goog-hash: crc32c=yVosSg==, md5=xLysSDUzggP9PDVro4Ei4A==
x-goog-generation: 1609954697238604
cache-control: no-cache
x-goog-stored-content-length: 28002
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 30 Mar 2023 16:08:57 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2142360097&t=pageview&_s=1&dl=https%3A%2F%2Fwww.post2baseball.com%2F&ul=en-us&de=UTF-8&dt=Fargo%20Post%202%20American%20Legion%20Baseball&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCnAiEABBAAAAC~&jid=1498434108&gjid=1665339616&cid=865354860.1648656537&tid=UA-821370-1&_gid=1151264558.1648656538&cd6=Ngin&cd5=0&cd7=1&cd8=%20Fargo%20Post%202%20American%20Legion%20Baseball&cd9=Fargo%20Post%202&cd10=1598&cd11=Fargo%20Post%202%20American%20Legion%20Baseball&cd1=cms&cd2=baseball-softball&cd4=ND&cd3=1609&cd14=production&cd13=&gtm=2wg3n1TMK6MGB&cd16=0&cd17=1459&cd20=baseball&cm1=1&cd15=865354860.1648656537&z=447025053

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 16:53:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83732
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31065885

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Mar 2022 16:08:57 GMT

GET
H/1.1 200
OK 7b8dc0b815 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 651ms
591ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/7b8dc0b815?a=16731&v=1215.1253ab8&to=IQkMERZcXApQQRZAAAUDTRYMXEc%3D&rst=4759&ck=1&ref=https://www.post2baseball.com/&ap=23&be=1029&fe=4659&dc=2416&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1648656533636,%22n%22:0,%22f%22:444,%22dn%22:445,%22dne%22:465,%22c%22:465,%22s%22:570,%22ce%22:785,%22rq%22:785,%22rp%22:918,%22rpe%22:1025,%22dl%22:926,%22di%22:2415,%22ds%22:2415,%22de%22:2429,%22dc%22:4659,%22l%22:4659,%22le%22:4685%7D,%22navigation%22:%7B%7D%7D&fp=2266&fcp=2266&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:08:58 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6f421b60af8b90c1-FRA

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7340 13 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 34
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 16:08:23 GMT
expires: Thu, 30 Mar 2023 16:08:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BD14 783 B
533 B 36ms
35ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2be5558a40480716e17535d285a662d9de3c8fced6b400f7534d6082fe1d3e97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tH480CsT6lt6bKGGevuuNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-tH480CsT6lt6bKGGevuuNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 16:08:57 GMT
expires: Wed, 30 Mar 2022 16:08:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 8D2B 222 KB
61 KB 67ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 169111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8D2B 16 KB
6 KB 91ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 169111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8D2B 96 KB
29 KB 99ms
61ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 169111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:10:26 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8D2B 5 KB
2 KB 98ms
61ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 483815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 25 Mar 2023 01:45:22 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8D2B 42 KB
13 KB 59ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 261882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 27 Mar 2023 15:24:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8D2B 5 KB
665 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&lang=en

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

675dcd6b9174a58e7a075bdb8b16b49ab0268c38443341ede6f343f4ce92e481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 16:04:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Mar 2022 16:08:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Mar 2022 16:08:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8D2B 5 KB
665 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&text=

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

675dcd6b9174a58e7a075bdb8b16b49ab0268c38443341ede6f343f4ce92e481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:24:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Mar 2022 16:08:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Mar 2022 16:08:57 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8D2B 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 23239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 31 Mar 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8D2B 295 B
319 B 21ms
20ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 22552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 31 Mar 2022 09:53:05 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ 68 B
345 B 24ms
22ms Image
image/png 3.123.114.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_TWJaVFFTNDk2RUI0U2QyN0lMVTRyYkhYbko4LzIzNjA1NTgxNDA6NzI4eDkw&v=5&s=v31fvdpcmrp&sb=-1&h=www.post2baseball.com&cb=1685465&d=eyJ3aCI6IlRXSmFWRkZUTkRrMlJVSTBVMlF5TjBsTVZUUnlZa2hZYmtvNEx6SXpOakExTlRneE5EQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjA1NTgxNDAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.114.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-114-98.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:08:57 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 253368523785755980
s0.2mdn.net/simgad/ Frame 8D2B 445 KB
445 KB 50ms
22ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/253368523785755980

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

821364dc322731eae3330bc0b7b828f27d027fe5e6b7308311c8954710efa52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:44:04 GMT
x-content-type-options: nosniff
age: 5093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 455526
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 12:01:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 14:44:04 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 8D2B 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AvFMXVc1tomlSUc1OwQDxaWEVz5b3P-38BJhjxaIKiOOptiTD5a4Jide4FSXm1O4H43IEUgviEmInilk4NrkL0H28RRXmQU00o0thABVHO5WtlqJrQw0wfFOSzCIyiSs2PpblPYcI4eRcAqjNi38zPz03Weg&dbm_d=AKAmf-De0pkKZOI6cefC8hL_i1mF3AfJX8JR6o0wt0Z1dlKtpIy08VHGHKmJp-I4N4icx82XL2Tjk8RkWNenzKDpnqpM8xlhj-GHdkbkxl1JmlDKEk34p35HinEqfdRUnmWrHq7FxwfKzCnZOEJCEKhtYvle6ZPV_0vFXLtk0KlRdqM3zz9yBv2dTKWSLNwrn0hFj6c0Sf68CFAjHQo76E79BMLqSYjq92qAdUceR7p08VevGUm4Mjw8MpQqjvAZCb8YZx-e4YJ28AOvaRXWwJO-Tb9AxKi8Q0nkth_7L0UJpp91XRuWE-IIhpHciSFMGiMyshylyVPq80Bg1wNkdssUpAwbzbskx4iFb5Tfl_vWvlyVTU4fh-g4NKup6kEcERB-sg-DId6H4PlJClWJhMo9XpRXNd6gIc2iPes6b2Sfdl5KeXmgBweckPM4aECuzdTwZahTyg9VoiF_F3zMZYHgYd_TjpOUaeYxspIKS8GCICIRipLYosp-kfI7jc3KtFy0EpPMWjUGkcsuySk-ILp5cAcYmlU-oOSBMnv-ItQgY4wDRonivxtRjLzPOmFCxSq3tDc2rsilvWzdDdo-bCnM8yKbeyioyp9XeWQ1p9tD3bwy55uz_Jk-AaTA1xztvZQ2lJXwqje6X4u-_8W0LCrYkATwCTBnMUKBgXs2lDeRYHEUnk-I8tImmDC_5BlRtutupQyIjNoY4XjIGVXqBmsLvKXrtIwpHJO3h4NCT5xMVavGsSzJ2pGF3shROQaB-LanOK34h0SD3wbdYFy5IqVrlOmPlj654_-SyQj5YXxzYOtyomEj9uj3RXsA7IqiA8PMXBnnw83UItZhPwHIKA36wZ3DexQJsuyOmTeSxIs4YYW4smOZeW4OVkOUItW3CGBlAIJ3rHf7bnfGaQly6xdnDx-Pk9U8y4Y6cRY-_pQ7rX9YitlJzU5bbK1dpfyhK0XtxOCLTNEGEwKFg0TgT5ZBiAKo1kwaxBB7OGK0aQ6dtbnFocBaJJoYRZmHv4AiPRfpjLaCM_vSAQMt_rYZLDoHEOrmLu_sNvAWXjTbt3G_CwdrI5Lobu4IFAxLjWOgXocJbdoSf8kUMFkZcaYnmms3MmhYCrrduoO2q9pMUBCL_sMl-PoReVmvakOTOCpcjyqmmrvKGB6GxWXgphMxRBV_sk8U7M5XiqiI-DGgoyIWADQ3PfuqskGhTXCZC8efRtII68EZ6OD9MdR8UTBvcKBgcIo8MEFnOhQ0iEqMRhs4YRJOlcixIrJnV9JMiO8FClg7fh3tS-MJeLiEqxPx_I5jFUgCg2QWiA8C223kNAehr2RdxmmreiWMb7MCF03DHl9s1t2krnsaThG5FJHuqbz0STAlmPkXxg3DRjEqV3hITHQID9tRJ5VeK1Tiozpc3uKz7RXCz2rBFYb2SNXOIxgfN9y_I-dALl3jUWfCQqYtbCcSPnVlBQSjtvYc3I7Kh2zrJBCjM7i6BX3C-w7WhL50oage97ES-ZdDsanRrn0iYIuGkeZvOdYITrrxijdcwDel0-UzfMXcNLNW9NhWRICwPWMLIr5aFA9KfIWwrI8Xkd1v3aVWDUei8AOnqAuAqg2zDU7BUlXcp6LPZRQ6Fcq0LQvqGRkbQvrapZ7vajYsPFdK3r7u5wzhCndid8CsE7U8-4yRJnNE4b8rh57EYZ24cxrWSuqM_KtEMgZ-iupt3MF5iLMnuidBllgz6_mV61FpqJrJnCmILk9jEuXf4u-kIEki2FUjETSpUrXz-S9RIdzwW-NJA-tLxYVBRBs2m7jocm1psGZsKRNE7FyxH6TSa8VQtY1e_qMESqQvx0YdwVSC0gyvUSg6p_BrM37WgrXjfXC0zgfhAI_gIDISFIu57ChtSr1JrkaoHZDDwuNiIA0OMuUMhizMivMykl4BQXAaOeKYju7kMCGWwoTNqthayN2hOFuNc-X6iM57ejdZu9oVmpPGh74SodIv3cb4CcQXwtFCGerXGLmWw3uDq1afra8cwm0dPQfHCIeGjkqe53MG6vNUo_Nz3-6zKHgGsDmVheGe_DF7gSL95kotwXUjFoXZBvdygOnDBANN0CWDbf1n5jS1HbAXWVqk8J5oL0wLq4nz5fOq7wmOZCE25_GnhIwf1Lhz_vE1cpDI3IuN9yRG-zo5rVNXXRwyhjOtWu8LRSmYTZiTqs4E4xpq0NB_CzvXObefumN5JNWyRoQLEa2SV8EnzfRB0jXA3__uPLuTHGV3dv1eLbC3DB_-VLwYMpq42SXIitf6pfKU8vG6YCOhc9ZEMplqDTMq5eaDhQ5Scxg3zRJ3ggO6BU6YoHYfWbgwz-b97nSCW_zxD5S603i0oRoTLoZqh7s33H_sF8vEX7zJjra03xF62AUuyaN6uVFX9DCq187pHznl8fW-1RCU_LRTidh6GqaVp-I-Yj1iuWof2Vs51rM_yAeC8CaD2azJcF0Uw2HXvdbPCg22sBmpNZ05GFUNEGuJvMSLjAayy5geRYxVx5ZIRdgOhqalXNHs4j4H9WEypjoqaTAYCUnVmMVoJ0XNvrY2b6lZ6pRNo9Ws4Wf_X9jyk0xGM7co3XFKyPh9Pt4oHnfTYNngFEAf1VbTVvgbn0oPl0t1BVqbD668KExVg3Jn29zfvdkSJtp4qvbKtOhzoSUtjuxWO0cE8Ny69ikNh0uyeFO4VTY5este58KbckcBDTNXmI8LCWwAqaLntaJd5cCjSnAWHa0oSlbdZtijufp72YsDJ7zEHPbzO1FBipqUdqF0p-wILD050x6ZTxwWBFeVlJx-6wEaXR0QbcOBq7agj24TAFezxVVRelDt7NHda1XaD8-5MBb2Z6dithrYv6YYqUTRduOFSU1q0OThGXQZfU1w9fjBp-EvajV1bEGX_qBUQ7KhKZzVRqykknjSqKNpHZRFXYySlW51ms1j20YmDJoiOpa03_ZpjjcjfQkK1uWvUtrqiD8SiKlortOJpBIDeurY6lrbkJ-bTXh4C47zL31VgmHv8lR7u23Mk8vhrfQC2DM6ngjLXQsrSDPM5_9fdpMKfYfYlJxzM3w8qq6iIAyIZwpDH1AuqQgO6xob4fPBTW3AecxG1_ECAU2SUW2bdg3Sudw0rYh8lgwJPBlyOljD74J43M-s-LWt2lu6QL7b07KnYjd37iGFJLjPj7BLI4cb_6E0RIlRcq0&cid=CAASJORohcao0P9Wjkgrz4i5t58cp1zJl_myVkqoZT8o1_O_mi0VYQ

Requested by

Host: www.post2baseball.com
URL: https://www.post2baseball.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8D2B 0
0 61ms
60ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCuEmmYBEYqPiApX33gPN25uoD46ctKdoqaCKssIP-p3coNQBEAEg6aC1HmCVqqCCsAegAajB4qooyAEGqQK2HdTbWquyPqgDAaoE6gFP0NwPTZap9HrkwAA0KB8bXqwfx4BtMCo9kwbRfkYPw4W_HRfyXN2zVkVujedDsNeqRWsLVfPbQe5eu5zLPirb6uOeVrnN4piXXMs6_EhA-NzhKAne1DuPdhoS1msWlDqswqd0NfBGgt7WzZ-Hbg7DwinruKIlCs0U6MY1va2wIVQR-PvqfgoiXrIIE4xNVU0UTYwP2zo7yqhjJ1xjQ2nfSWBsZ7hsz33TaLZMWqpffDiiiMkGluwJbBkLqIJY2jZ-Q8I3mJXuZwKAM3Ku5uG5WNiE1zRI_s09BUMPv_XOt-sCo-cPQeTX_GLABKC88bfxA-AEA4gFqayOkzySBQYIAxACGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB6j5sooDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQkpY4GJKbk8IB0ggJCIDhgBAQARgdgAoDyAsBsBOg5o8OyBPlvY_fA9ATANgTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi04MjcyNzg2OTk3NjEyNTY4GO3PDw&sigh=C1e9tIYjeUg&uach_m=[UACH]&cid=CAQSOwCNIrLMnTcNQ6b9FJ0rHt_dTObjJpa3D04dKFCqhI38sUb1QCOOHri2A3b8W4KFrtEIw6hb225ZqWBq&template_id=509&vt=10
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8D2B 0
0 28ms
27ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoniuQxDh6ueF0NVz7yAf2DpU6Fy3ghQsy4PC5GT1YPZrZ-di7etvs0lOn22I40kkzdt8xRh_NugES_aBaaEewbUO78A
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 60ms
59ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-821370-1&cid=865354860.1648656537&jid=1498434108&_u=aCnAiEABBAAAAG~&z=51736594

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 84ms
56ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-821370-1&cid=865354860.1648656537&jid=1498434108&_u=aCnAiEABBAAAAG~&z=51736594

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8D2B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d172930433bd09b2fa09705b2299dd2cf8e975f358fa41405b3c2e0fe5eae56d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 8D2B 44 KB
44 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.post2baseball.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 62630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:45:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD14 0
0 83ms
83ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=1149010867101363&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7340 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13744
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 13:50:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7340 0
9 B 19ms
19ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?v39mDg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=1149010867101363&bg=!eXqlej7NAAbzJazn0yU7ACkAdvg8WsV_AtuYpgLPA5j-jJnV2Z6nYwm0-kUTUMmeaBWOqO7yblBTwAIAAAEkUgAAAARoAQcKADyNZrNMm7UzUXMvHsjK8Jx4H2n2-VPkP9ANCFxDfhHk8tYR7AtnL3GdOoS1fCu5xxkh8Be5uH6Vi_OZBAaZAtcFE4TKVI2LtnfMXGSy_1XMxI28IVAkzD9f74vnuOaVsxvYSaBfBLAP1q6_HJtKGkNknlAHYkDp4u2dB1T1sG1vXCabm9MaMS_L8T23vX4V3eKZPZLHOL9qw9v0-LDBOJ3hKniSJbuwSSuNexOM-q7X7_lV2JixSEcsMoUydEK5zJ9f8xinMnNdVptfxPyoAJ_T5DzvRqfDk5yjn_zSYV_PU1f655eVm8d0Hveo9k1u_fXBRPGTMloopmhZm2WAS6ZH7ugippRdKSuG3XYZdDwR2sypANEB3dxXJBNOHZ1i9q026jBb-6hvfdyscPj4UuLtn-LIIlSR5bUSUcYw-Ys1mhvfRpiBETBe9Zr4t5ndklorPXZJdwdVleNA-Ruuvu_j5Fkp3f_YuyMfLFCVHvk--hU0enzYT4cHERjOa741wboGe0aIKhAOSyXapRet3rvYUTgUgtiOjhWBx2PTmUmeMuzVPT4L1r5Lux7wjSuyMbzntYDvkNlMWQWhwhF5NwmrRYcQ5dgbzi2fEVtiqeAXgdO7rl-spkOX74A6Crrg7eS6593DlBk5Ng9iTF8tq0As-7OrR9YD9RaON6usOm_zjxo7kQkuBXYQi3mCA_qZMwWRTgYLMwHq-oEp-D3KNLydBPNpgBCXXhfpJnlA2m5y3NpH4g2wdxcr0XTZzi6pHNn-63UAPVwQTLE3GWSl4QJny39XGLnIhag6gB7nOdKyBMMYlLI2k8-M3k0KyAZKcWsRHOLI7tBXdbbxTYmlchJEfeFpLOEd7XJExMP-__3AZzjt4NPNnBi-m2yz4JEyeAnCyzrQVahCBeGycMR_ryZZMCNKquQpCyZY1WWLrGpw8JR1h9E-SZwQUiZRJjHu6zXoK12xibDYqZQehop2df0kcyC6U4q4W_m0e2NvEeQ4mLkJsxxYa80dHjcbJZBgFCIIKUoVdHPKm7kDMSI7GyFSfxVm9MQ0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8D2B 42 B
64 B 58ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKA4If4sIm3R8Kbyu4BAWNkf7BVD67-rykposY-HhkH3JJX7uOS1H6h3sT05WuHOBOXASRJGuNT1oc3CN_YfSz-HWBdBTDarFR4FRV8Au-wGqY5pwDbg&sai=AMfl-YSc4BOAZcQE2ogw4bFv_ASm5FqwZg3HmlzOW11wNedhhWZsPA16jFB-5LQV43IPcmMcDtpTJ4P-90ou6AWJbdti1OaneBbst80BqiAosgiHmATbpydRzw6KVmU&sig=Cg0ArKJSzHsHIjvH464xEAE&cid=CAASJORohcao0P9Wjkgrz4i5t58cp1zJl_myVkqoZT8o1_O_mi0VYQ&id=ampim&o=436,492&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=231&tls=1231&g=100&h=100&tt=1231&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2380289105

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:08:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 7A38 0
0 1367ms
121ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cQGneY9Z4r6BaCaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:09:01 GMT
server: 33XP002
x-33x-status: 2000208

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4D36 0
0 1367ms
121ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dfIcbi9Z4r6ykxaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:09:01 GMT
server: 33XP005
x-33x-status: 2000208

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9860 281 B
554 B 98ms
29ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Mar 2022 16:09:00 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame AB7E 0
0 1366ms
122ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dr8UfG9Z4r6ykxaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:09:00 GMT
server: 33XP001
x-33x-status: 2000208

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2A7E 52 KB
17 KB 88ms
18ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.post2baseball.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 38087
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Mar 2022 16:09:00 GMT
ETag: W/"623de86a-cf34"
Expires: Tue, 29 Mar 2022 10:17:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 201035, 755906
X-Served-By: cache-lga21922-LGA, cache-hhn4075-HHN
X-Timer: S1648656540.171966,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2A7E 0
742 B 177ms
176ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:09:00 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b9125268-4ea4-4824-9e85-6e8b8222986a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9860 32 KB
10 KB 31ms
31ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 89958f065628db4a86bd171b1a41f5cf6de047238562b523d524438748453933

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 16:09:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60801
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9540
Expires: Thu, 31 Mar 2022 09:02:21 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 9860
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1DRJ8Z4-I-9IL

0
707 B

287ms
218ms

Image
text/plain

2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1DRJ8Z4-I-9IL
Protocol: H2
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:08:59 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 55D55039258742968A48D84EE904BD82 Ref B: VIEEDGE2020 Ref C: 2022-03-30T16:09:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXbccN1oCyjODNQ5wjJwQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1DRJ8Z4-I-9IL
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 9860 0
0 73ms
27ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9860
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=unnT8fJVRc2r9bwAOhXWVA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=unnT8fJVRc2r9bwAOhXWVA

43 B
556 B

117ms
116ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=unnT8fJVRc2r9bwAOhXWVA

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:09:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5TFHY5Z5197DPJS5YGDW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=unnT8fJVRc2r9bwAOhXWVA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9860
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkxODRkYjNlN2MzZjZkMjAzMjg1ZDI3YjM0NGI4YmExNGIxMWYzNA

170 B
188 B

27ms
27ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkxODRkYjNlN2MzZjZkMjAzMjg1ZDI3YjM0NGI4YmExNGIxMWYzNA

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:09:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjkxODRkYjNlN2MzZjZkMjAzMjg1ZDI3YjM0NGI4YmExNGIxMWYzNA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9860
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BvJTm9TgR3-9ZsERZr_uPA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=BvJTm9TgR3-9ZsERZr_uPA

43 B
556 B

64ms
64ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=BvJTm9TgR3-9ZsERZr_uPA

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:09:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1E9V5738RW7Z6HA7R50P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=BvJTm9TgR3-9ZsERZr_uPA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9860
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFEUko4WjQtSS05SUw=

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFEUko4WjQtSS05SUw=

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:09:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFEUko4WjQtSS05SUw=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9860
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFLYvf7UxJSedERHCbGfl8Y&google_cver=1

0
239 B

80ms
20ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFLYvf7UxJSedERHCbGfl8Y&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 30 Mar 2022 16:09:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFLYvf7UxJSedERHCbGfl8Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 9860
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1DRJ8Z4-I-9IL&sigv=1&esig=2~36b402cc802c055335c3a57f717baad556ba2542

0
194 B

55ms
18ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1DRJ8Z4-I-9IL&sigv=1&esig=2~36b402cc802c055335c3a57f717baad556ba2542

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 16:09:00 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1DRJ8Z4-I-9IL&sigv=1&esig=2~36b402cc802c055335c3a57f717baad556ba2542
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/us1-a493512c2a9ecb4b8ed2a4a2dd3702b6/ 42 B
171 B 26ms
26ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/us1-a493512c2a9ecb4b8ed2a4a2dd3702b6/events
Requested by: Host: www.post2baseball.com
URL: https://www.post2baseball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 65977efaf84c06a1b86765e5477475daf0806ff7c4ae02f4c55c684beacd6f56

Request headers

Accept: text/plain;charset=UTF-8
Referer: https://www.post2baseball.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 30 Mar 2022 16:09:00 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1648656541.618164,VS0,VE2
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-hhn4083-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2A7E 0
742 B 31ms
30ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Mar 2022 16:09:01 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c0de88bf-364e-4581-92f6-1b2aaa225c39
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11833.1/5213944/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2327c46ed30ab51;misc=1648656537036;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11833.1/5213946/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2480098b7dc6814;misc=1648656537036;

Verdicts & Comments Add Verdict or Comment

390 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-21 04:14:24	Name: ts Value: vreXpYrS%3D1743350935%26vteXpYrS%3D1648658335%26vr%3Ddb964efd17f0ad006626ea2afef244ab%26vt%3Ddb964efd17f0ad006626ea2afef244aa%26vtyp%3Dnew
.paypal.com/	1970-01-21 04:14:24	Name: ts_c Value: vr%3Ddb964efd17f0ad006626ea2afef244ab%26vt%3Ddb964efd17f0ad006626ea2afef244aa
www.post2baseball.com/	1969-12-31 23:59:59	Name: _ngin_session Value: a3hvZVZCa0FqcWp5cW1yZDdzMHh0Y0cxRXFDS1JBSHFrcXhhNEl6d0hPd3FINGhxYVQwV2VZZEk0eWJwd1ZWQnVsODRtOFFpZGE0ZjBXMlhHeUp5RVplT3pHSzVCamxMN0diUmdPQjVZVVNyQ2k3bFVDVEdVa0RYVGdHNjh1dzExcEJ4REhSaWliT25CZWhHbFladlNsZEZZOXhIT2RvMzZMcFE5RmprZDU5Lzg4VDh4NXVjR29FSjNVaTNVZDlYUDM2TzA0VWo4aUlPZHl3ZmZTaHp2UT09LS1lSDZTTE1GUkl2VkFybXNFbjZCRVFBPT0%3D--72b14751f1bdc62e9d327019ad37359aaca72961
.post2baseball.com/	1970-01-20 10:43:12	Name: mprtcl-v4_FB89A2A0 Value: {'gs':{'ie':1\|'dt':'us1-a493512c2a9ecb4b8ed2a4a2dd3702b6'\|'cgid':'45deeca5-2416-45da-bceb-12db2ea401e2'\|'das':'4ef4aacf-c4d0-442c-b992-45b4128642f8'\|'csm':'WyItNzEwNjQzNjExOTk0NjQyNzA4NSJd'\|'sid':'16DFE4AA-29C3-4F16-A57F-2EA46BAEF12B'\|'les':1648656536080\|'ssd':1648656536078}\|'l':false\|'-7106436119946427085':{'fst':1648656536319\|'csd':'eyI0MSI6MTY0ODY1NjUzNjMyMX0='\|'ua':'eyJhZ2UiOm51bGwsImRvYiI6bnVsbCwiZ2VuZGVyIjpudWxsfQ=='}\|'cu':'-7106436119946427085'}
.post2baseball.com/	1970-01-20 19:28:48	Name: _ga Value: GA1.2.865354860.1648656537
.post2baseball.com/	1970-01-20 01:59:02	Name: _gid Value: GA1.2.2018027046.1648656537
www.post2baseball.com/	1970-01-20 19:28:48	Name: _ga Value: GA1.1.865354860.1648656537
www.post2baseball.com/	1970-01-20 01:59:02	Name: _gid Value: GA1.1.2018027046.1648656537
www.post2baseball.com/	1970-01-20 01:57:36	Name: _gat_mpgaTracker1 Value: 1
.post2baseball.com/	1970-01-20 01:57:36	Name: _gat_clientTracker Value: 1
.doubleclick.net/	1970-01-20 11:19:12	Name: IDE Value: AHWqTUnUe7tmi86zVjXp3oIAG0Tb9D40bV4ElKXEPvIq7jwbvijC8iwWSadGtK11I7I
.scorecardresearch.com/	1970-01-20 19:14:24	Name: UID Value: 191f5c9c1ce32b3a5da53dd1648656536
.quantserve.com/	1970-01-20 11:27:50	Name: mc Value: 62448098-18faf-55561-ac0e4
.post2baseball.com/	1970-01-20 11:22:05	Name: __qca Value: P0-1599867034-1648656536842
.post2baseball.com/	1970-01-20 04:07:12	Name: _fbp Value: fb.1.1648656536935.370297458
www.post2baseball.com/	1970-01-20 02:40:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.post2baseball.com/	1970-01-20 10:43:12	Name: _pubcid Value: 99583d4d-594b-454a-a01b-4252035c0969
.rubiconproject.com/	1970-01-20 10:43:12	Name: khaos Value: L1DRJ8Z4-I-9IL
.rubiconproject.com/	1970-01-20 10:43:12	Name: audit Value: 1\|hLZGFuTafB1AyaKIuP978ubASkO6QPb7E03ikE5KqM12XwTgci4QkkqFQWIHk56BiKlhKuI+2RhwqgxJEfnZV3KY++jymV4/vS0K5DUoncURTCJ2VrxKIA==
.adnxs.com/	1970-01-20 04:07:12	Name: uuid2 Value: 142731656017318223
.casalemedia.com/	1970-01-20 04:07:12	Name: CMPS Value: 3186
.adnxs.com/	1970-01-20 04:07:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU^Fzuz2!@wnfH8K6pQK`!5=E<*L5?%KB.yK9/6)<[W6F3KiXLvQ)4iF]D@JE?ZYj/E<%nugO%v4VB%nlHK)]`tD
.casalemedia.com/	1970-01-20 10:43:12	Name: CMID Value: YkSAmFZae6ih1.dSoPmPogAA
.casalemedia.com/	1970-01-20 04:07:12	Name: CMPRO Value: 1192
.casalemedia.com/	1970-01-20 01:59:02	Name: CMST Value: YkSAmGJEgJgA
.redintelligence.net/	1970-01-20 04:07:12	Name: 8lcfmzhxc8d6_uid Value: 3f68f1a70ce86244
.casalemedia.com/	1970-01-20 10:43:12	Name: CMRUM3 Value: 2d624480982760CAESEOFMLMe6nWf-FN24CVJ1_oc
www.post2baseball.com/	1970-01-20 11:19:12	Name: cto_bidid Value: UyNszV83VjhBS25lN3pRdkhZRlh4QyUyQjVJOWVzSlZ0SVREbkhyN1N6YTh1YU0lMkZpdXZtUDFZVDJYTWRHMWJjU1MxT2IzVUtFblhva0dpS1o4MlRHdVVFa0hqY0ElM0QlM0Q
www.post2baseball.com/	1970-01-20 11:19:12	Name: cto_bundle Value: 5sSNS19kZEswU2N2NFFITmp1b3BDMlJCbm5PY0tpYVVIVHdzJTJGbWdJeVJPNDQ2aDhBTFBXbFVQZVIzem5Gc3VRM3pYTEVYYmNmZGpjSWtqUUs3d3JrQms5YkJJeDU1TEpTNXVFOEM5czExZEgySXg1SUczc002TTNQNm9tdjJTVk5KWVhN
.doubleclick.net/	1970-01-20 01:57:40	Name: DSID Value: NO_DATA
.awin1.com/	1970-01-20 01:59:02	Name: awpv11524 Value: 296283\|1648656536\|b3f184d0-b043-11ec-92ce-2262d451ce16
.awin1.com/	1970-01-20 02:00:29	Name: awpv22610 Value: 296283\|1648656536\|b3f1abe0-b043-11ec-92ce-2262d451ce16
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 408799:2874697
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_si Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%22b415663e-b043-11ec-8eb3-00155def0803%22%3Bs%3A3%3A%22sit%22%3Bi%3A1648742937%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/	1970-01-20 19:28:48	Name: cjcookie Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cjb41581b4-b043-11ec-8eb3-00155def0803%22%3Bs%3A6%3A%22expire%22%3Bi%3A1711728537%3B%7D
trf.greatviews.de/	1970-01-20 06:16:48	Name: mcookie Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%22b41565d0-b043-11ec-8eb3-00155def0803%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221648656537%25%255712300%25%25b415651c-b043-11ec-8eb3-00155def0803%22%3Bs%3A6%3A%22expire%22%3Bi%3A1664208537%3B%7D
trf.greatviews.de/	1970-01-20 02:07:41	Name: ads_pu Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1649261337%3B%7D
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_ps Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: co52efmcrwt25hjdpxx4gtkr
pb.media01.eu/	1970-01-20 19:30:18	Name: DTU Value: 627F6A7A50AB42B1012B4019B9E9EAF3
.www.parship.de/	1970-01-20 01:57:38	Name: __cf_bm Value: qAzIIjK1wRrnxxV263fhO0DOH44.vlh0dRKsKNHjA7Y-1648656537-0-Ae6WKUqgdA9XHGNT1+rilAvg7a8xZ1/G3Qkc9Ag3MBCtl7JWKQtXNscYngZUrk6B7fORET0Wdh7pjDR2YUQe5pA=
.post2baseball.com/	1970-01-20 19:28:48	Name: _rollupGA Value: GA1.2.865354860.1648656537
.post2baseball.com/	1970-01-20 01:59:02	Name: _rollupGA_gid Value: GA1.2.1151264558.1648656538
.post2baseball.com/	1970-01-20 01:57:36	Name: _dc_gtm_UA-821370-1 Value: 1
.post2baseball.com/	1970-01-20 11:19:12	Name: __gads Value: ID=7890b78557715ca5:T=1648656535:S=ALNI_MYBgmFBtZJ6dquarbF_KevoZ9FVNQ
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9d9938d3ce3ed81a
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:29:30	Name: bcookie Value: "v=2&6a00a779-5569-4c4c-8320-c38fe71cf5ed"
.linkedin.com/	1970-01-20 19:27:44	Name: li_gc Value: MTswOzE2NDg2NTY1NDA7MjswMjGi/VjQNS2xdzqViD4+TsHp7mjKFk2oUk5IqP2GoEZurQ==
.linkedin.com/	1970-01-20 01:59:02	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2689:u=1:x=1:i=1648656540:t=1648742940:v=2:sig=AQEi9PBZL5cYDtB7QZ1zFVOTDpHd0nSo"
.amazon-adsystem.com/	1970-01-21 21:49:55	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 06:24:00	Name: ad-id Value: A3xNYmXsxUrilhIW6UCaaVk

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.inlinemanual.com/embed/player.cacb2d9a339b3500c03525980ca2a24c.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://www.post2baseball.com/ Message: Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11833.1/5213944/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2327c46ed30ab51;misc=1648656537036;' from origin 'https://www.post2baseball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11833.1/5213944/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2327c46ed30ab51;misc=1648656537036; Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.post2baseball.com/ Message: Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11833.1/5213946/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2480098b7dc6814;misc=1648656537036;' from origin 'https://www.post2baseball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11833.1/5213946/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2480098b7dc6814;misc=1648656537036; Message: Failed to load resource: net::ERR_FAILED
security	error	Message: Refused to frame 'https://www.parship.de/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://www.gmx.at https://www.gmx.ch https://www.gmx.net https://web.de https://www.meinestadt.de http://www.meinestadt.de https://www.zeit.de https://home.1und1.de http://blog.parship.nl".
security	error	Message: [Report Only] Refused to frame 'https://www.parship.de/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://www.gmx.at https://www.gmx.ch https://www.gmx.net https://web.de https://www.meinestadt.de http://www.meinestadt.de https://www.zeit.de https://home.1und1.de http://blog.parship.nl".
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

008897f264e4f888ec693297d0ad4951.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
aax-eu.amazon-adsystem.com
abs.twimg.com
acdn.adnxs.com
ad-server.eu
ads.yahoo.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
bam-cell.nr-data.net
btlr.sharethrough.com
cdn.ampproject.org
cdn.inlinemanual.com
cdn.syndication.twimg.com
cdn1.sportngin.com
cdn2.sportngin.com
cdn3.sportngin.com
cdn4.sportngin.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
cookiesync.mparticle.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900021.redintelligence.net
ib.adnxs.com
id.rlcdn.com
identity.mparticle.com
inlinemanual.com
js-agent.newrelic.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lockerdome.com
medialead.de
mug.criteo.com
ngin-bar.sportngin.com
pagead2.googlesyndication.com
pb.media01.eu
pbs.twimg.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
post2baseball.com
protected-by.clarium.io
pv.medialead.de
px.ads.linkedin.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
stats.g.doubleclick.net
storage.didna.io
storage.googleapis.com
syndication.twitter.com
token.rubiconproject.com
tpc.googlesyndication.com
trf.greatviews.de
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.parship.de
www.paypal.com
www.paypalobjects.com
www.post2baseball.com
adserver-us.adtech.advertising.com
104.154.142.214
104.244.42.72
116.202.48.214
142.250.184.198
142.250.185.130
142.250.185.226
144.76.238.55
145.239.193.130
151.101.1.108
151.101.1.194
151.101.12.159
151.101.2.137
151.101.65.21
162.247.243.147
178.250.2.146
185.33.220.100
192.229.221.25
23.205.235.133
23.205.253.64
23.35.236.247
2600:9000:2057:4a00:17:ff67:4580:93a1
2600:9000:2057:7a00:17:ff67:4580:93a1
2600:9000:206f:4600:6:44e3:f8c0:93a1
2600:9000:224a:6c00:17:ff67:4580:93a1
2600:9000:2251:7e00:7:2cb3:cd40:93a1
2602:803:c004:200::140
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700::6813:b979
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:22::14
2a00:1288:80:807::1
2a00:1450:4001:801::2010
2a00:1450:4001:802::2001
2a00:1450:4001:803::2001
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9d
2a02:2638::1c
2a02:6ea0:c700::1
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:600::645
2a04:4e42::645
3.123.114.98
3.64.152.215
34.149.20.76
35.190.13.22
35.227.239.69
35.244.174.68
52.216.22.21
52.46.130.91
52.95.115.196
54.208.212.1
54.76.176.197
67.202.105.23
69.173.144.139
69.173.144.165
85.239.105.10
88.198.250.30
94.23.99.218
99.86.7.79
007f73ba9534e82182d6318dd0164ad724f1fbd034d75f478c5a782fb52086e6
0484085b10d87f5c1786e48f76dccf9fc442a6ffabcccb6558b9692877171471
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0627a2a2c6a03f476f123756e01358c2f9be05bc8f227ce1116d7aa07abedb62
076dce4465180be1c967735596bfe0b50016160abe708db7dff71a0f1ad7306e
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1051fa055bd18a2a72d6662b306b32e85dff67683249a87a1252722f6faf49fc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e62967e117040f79a0d1d3b4e26b551b64ba8d51d752dd2306468ecad95e1d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
139df69c40bf7ab2f2cc690390c9ac18755f7d37558cd972790df60be2d3655a
167db66a2e1448614d572b5bb0b94ab9493e2e6c9dcdb97d7bb711e07ad01e6c
1818c502c185828aa93a7baa58ec7836bf36a4d968164c8ea9d01f5d680af79a
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
19e8ed7b3010edddfb885551f4f248a5d0f5afb6b45481b8a7d1adfe4627bfe7
1bbd5928728b36785ccc90646419c0d60749f2492964c4ab1fd1a7bdc7bcb88b
1ce0407eeefe4c4f0cf3d2c5ef545b30d7a4f96fa7d236aac18bb7e9396d4e80
20c1fd17d1447f6b4e763adbb5ddf11fb771a68587b40b2c449ee24423799f31
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480
2358df9136898a168b0083bf61e0e6726724aec63f4ff5aa95dbef6ffce0ed36
2456a021a8575b4a112f1956318b905b4f9363bc7fa6e56fa1b103ca34e1db62
2851984c6847228569755458bcd54c3c3ea545fc9bd8ff1f0307915a8a35af5a
29f96c5f13c30f1083555ae77b4bfc9f2242fe90f431a820aec33d928d51dab2
2be5558a40480716e17535d285a662d9de3c8fced6b400f7534d6082fe1d3e97
2c799de32442e1c0b0d9784144a0920280ffabde5cea2a633ab9808794195e2f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
30cddf3b884d696dc1b25fc89ea625a7f79479c0d9d8c177b2b84accf3f731ca
30ecb55821b6901e1cd228a4b59a6f640c079e679848272af56c5021dc5aa216
329f0b02e875794b373e79a17cdf8bb64041317a7b09103d49fe4075fd5af978
33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3cb237ac219115e53105b8614aa7f5da228939110d09f82f2fb8770d64da3d5a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e4bd7a7b4cb3ffd4ea31bda0b08027c3fb62456d1a449cf8111fe0fbe0ecba6
3e8e5b1e31f76a49877c009bfa9cfb53b5ad926e5bff5449b8be13108c2c6e92
3f057a1b71e8ce4990ae6e8ff64b7306038339bcf35ba1649365ce6032bcc60b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41fe42a0e40f8fd09d15b1f112973a8a19844de0237e12eacccb6f513bbfb82d
42b43325b3edacba2a0e72b742bdc6fc5e4bc2ad38adca271fcc6d8353639887
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45286e6d575a00e87e4fbe57e36792202b0dbcac181c7a0aa5c96b352f8485bf
4655288bb36144adf90da3846bdefb707596ed7856d5c30744ddf532556a34a7
46f68eff88b3552e170dc5d87c0bce4ac35fc4d5c81e564691b2b4563b14f0cb
487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
495f7b5da556b76a1d0dbf2c391a5e0b550b389b634ad97f7083601ce7f643d7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5894f0aa914fad6ac053e0a8affc79e6b293d7b31aed47055f641447ed586fb1
5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448
5cb3b13c89eb392d781de5afcdac1a254330bf92211de8490b84af067d9b912d
5cdf81dddc7b67dc094503c96bd3c39c1389e295c900f31219009f08216cd6f0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639dd237e6350335b327090ce8d6646fae62ed3eb4e29c00d93500a8dd59e102
652be7f9bcf98904a5e9edfa8b9f24b0a39f448696da90b42f6ff3b86fbdb053
65977efaf84c06a1b86765e5477475daf0806ff7c4ae02f4c55c684beacd6f56
675dcd6b9174a58e7a075bdb8b16b49ab0268c38443341ede6f343f4ce92e481
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a55bf1257a090b4010cfbe331afbcd219f5899b074c79f079ed7661addfe46c
6bbf3fd71f475c927313b0e2f84a6b28b16dd3109adb6cdf7f4ac75e0cce9fbe
6bf203511e34a886eb0c944b6179fd3feed9111344b68d2f9b548ce4793173bc
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6cd35f67ac10adcf7948c9957995b2c16718a38be6e9073e202cbd1ad042c6d6
6d95fed0a1780cad39166f03d66f244fdd85815642e29961833265d59483c6a6
6ed73631c4766f5bee9fa7befec84527436b0769ec675ac63907a136c37cc31f
6f7fd54429dba3d070fea672e03e2542eddc3d7586e903ca8f30358066b4043f
71c91f812d6ccbdbaa76edd6575a0a6b586c3b36825c8d9a6bcc225cb01fb79c
7377d8a02a260237e0dbfad8640e90d51fec627e3511f255d583541eee557189
76b535ca656ef4154e81ed155529172028686042168bc92a6a5f72793d971daa
78db364b2f6570b486368c48799d5544d83b7ece3add2a08e0237b877092358f
78f90bb517e9515876f4dbb0e72053787bb5ab6a69836f108f3a08393665d38b
79fd5cc9032d23501648bb8b5dbf2649d17b8ba22f8b43652766004bf4bd6816
7c85da40fe4627203945a68181968dacfec7f4171b8c782da52fec5ca96873bf
7de3ec82a4eeda0632635da71a02f74ccf8f31b66f0b609a8d921bf73a47a520
7e1eedbb160bcfa5e821494f80f4b32d6ae3885c78ac64b623009a7a9c73974f
7f0c9296239c800aa70a34bf34e25f9661dc723609175fcc38ed8ba507513a8b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8009a25c3edf0ec92e8c55776208b427dd373fa274163b035418eaaa30cbb689
821364dc322731eae3330bc0b7b828f27d027fe5e6b7308311c8954710efa52a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8437dd6dc2ff6919bf58f379d673870785ad2cd67a23e0109859aeb7beed337f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cceb200bf6c5e72d94ee2a159f4f9f5e4fe187b64792198737abdf5ba5d67b
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8958e7b9939ad41a98b5f7f622007d9c4a0f83768b9b52500991d9bb3fd18017
898370d09678ecce86ce8bf495e2a1d178e203e2934d49ddd1fba541c66d5f08
89958f065628db4a86bd171b1a41f5cf6de047238562b523d524438748453933
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8bbc5a8459aa37192f36e7b6284a54c3e8f1fe50cfd3c19f3df2217b94790800
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
904e20d70e994abdb9e1a7517c4f9588ea2efbe83e6de4f5275d08c58524f153
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
9c1231ab76187538185d18dd783f95273bc98ad2628d1fa7ea33f37cdef8ffd0
9e19925e5abd40097ceacd7154d945d9c48d496427771658e93d76a221cbc069
9ea09c2bf7ae6123e3cddf3f1280d0d4f2816aeb8bd2b9b62da08fc5f985c5e3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a26be85074d02f2601f951563662602fc236d93dd6a74a8e34cc193e0dbc72ed
a270890a571f3a15ecd35351623b36410477e53c37889da44f495a1bb57335e7
a2aa7c15e8c98a522281d7ddc905262df85748b446cb0746e3599742e1cde81a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a70dc055a304df8fe52a0adb6828e147dabd89e3177cfa428a25f738394cdb7f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9287f91b897cbdd4715f9166db5069d26f1c454f6e547583f9e00dfed834e35
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
abe6f6d4300b686a452046c7744a3eafd6d249400e8993b1c69af492e50878ec
adb51473179a53e7025a56e2866e0693be03744cfdfb627cd9f8741037d74a3b
adbfbd073ce574d3bd4b0f5e4fe5ee7ed0f4566273295ee68fdc425a15749d07
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af55c4202cf919eafd0a4780d8f88decb0507e4fc24c1715af49896b4f47c2fb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2443f0371e8cc678a764f68ddc98eae9bb3eec119d48165db018a2adce355dd
b3956c2b8197db082bee6326f58fbc11f76f37174d5809f3ceee9553f0b1e8fb
b3f9eef591e70315cacf7e7ba47853097fd87f49f2b2da698376c9872b12d9b5
b47c58784a4482652b469c038e3de37b248e1a6fa7b39a546fb1a11d8a3e7196
b8e050c7571cd6cd92f14a60c05158b7a1f1bf39a51083bb085ed548197bb47f
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bb5a54ac4d8693b77ce6112dfd9dbf99bfe25be82e2078517705c0a36340fcfb
c045fa37655cd5222b72999720e1caa0ced01e62b4b71a286df10259d442e994
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c64d226a7d1d5a7e4b5d9f4d485ee8261082044eb39b778b9d1e56b40c561632
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c6d525ed10ffdd03111f29cb2fa381c51e097e5da3691aedbc8cfaa7d7dd61a4
c7ff5dec5b89b77775951a47704a7bbed6ed5eef0b5e12981fec5f01842d0dd7
c95da39b306aa00d303f4420dc51c8f96de5789042dcd83203c5709557e8f0eb
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
cb23a578a888ff383ba230006154f852c45e550e880e333730ef7e6bfd6c9899
cf549b33cb314e67d8f9f5ff1c533c8d19fbabe8078cedb8955abfd9af94224f
d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a
d172930433bd09b2fa09705b2299dd2cf8e975f358fa41405b3c2e0fe5eae56d
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
d82b37a13080bf6d6ae35063aa789f6d9c9957224f12f767cd87121845a8a554
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
daeaed49a53701e7167271bd11c1e6e693d75f9f156a7e8195ad2f5ee57b2acd
dd8302d6cb76d7e66e00b08e9b4213e0b937fd3c50a9002b4c298d980a12a87e
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
de1181f41768ba586b56062bdbb4d88400edddf9c48cd78015069b76bc3758c6
de54b755d56707390c3dac89eb83a5db23b4be2bf97aed43e2a112ded92b9e84
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe
e1aa73fe50a4957f50bad80b0262cae0010d4c47807e56bbfd300ae9f228c5bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4215ab5ce77f9da4c8eaef538637c6bf35b29b9904d58cf032c1a0b35c1bd7e
e501b764154bb03349212dc9e9a116f851bf88206baefbe4790945975907c878
e6db06e627db90c1eb45204ef89fcabfc4e948e34e35bffac08ded8156e790ca
e73edd987009c1dd2e056890c08b795abd3d8b52879296f67ee5e92bf6b9b37c
e8658c71acd58975d2a5151eece7caf2e90c1aa46070bbeeac4f3978a64ab2bc
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed80cf883403dfeaf08daa47d162cb630bd7d6c22e693ef5b9c45a8cf6d9b689
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dfcd3398944b875bbad4a743d5e624fa4639d43e78526e9224c6e7f5a16c6c
f2b40f432dbaf1c1dfecdca678eec2b4dae4c4e0fe24bc49b031cdd758993513
f332a03f201e9067f99a92dce5922b5606eafb2f00e4b03f676c417b50588125
f34ab05d647a9204a59a7502c821d4486855a902e74c489f7f7f4673be891b69
f3bc1ce421d9351c51d3f511aedaa2c4bfd8293d9bd17c126f1b5b2f5a6a0f99
f79fa70ddb6e51192937bed0c8f91a337d956cf2c4ab3c64bfa7ef152824772e
f7b9a61e6fc00f0df348cc69db0ef6f1def0525ad5a05a7fef69439e4c3dfaa7
f85229ccb1304b88cc44cf3cbeb5fba86f62b6a08b28e97b1a7a8c6f1be0e447

www.post2baseball.com Open in urlscan Pro 54.208.212.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

261 Requests

92 %HTTPS

49 %IPv6

49 Domains

81 Subdomains

69 IPs

7 Countries

7429 kBTransfer

14136 kBSize

52 Cookies

15 Outgoing links

Page URL History

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.post2baseball.com Open in urlscan Pro
54.208.212.1 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

92 %
HTTPS

49 %
IPv6

49
Domains

81
Subdomains

69
IPs

7
Countries

7429 kB
Transfer

14136 kB
Size

52
Cookies

261 HTTP transactions
15 data transactions