urlscan.io logo urlscan.io
SecurityTrails logo

www.gmflmidland.org Open in urlscan Pro
2a02:26f0:dc::213:c51b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gmflmidland.org/
Effective URL: http://www.gmflmidland.org/
Submission: On March 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 10 countries across 48 domains to perform 185 HTTP transactions. The main IP is 2a02:26f0:dc::213:c51b, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.gmflmidland.org.
This is the only time www.gmflmidland.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.209.131.242 14618 (AMAZON-AES)
26 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
19 52.216.41.0 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.72 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 13.32.121.17 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 35.227.239.69 15169 (GOOGLE)
3 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.1.11 44788 (ASN-CRITE...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 18.196.141.24 16509 (AMAZON-02)
1 3 185.89.211.116 29990 (ASN-APPNEX)
1 104.154.142.214 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.13.14 13335 (CLOUDFLAR...)
2 2 3.75.62.37 16509 (AMAZON-02)
6 11 2606:4700::68... 13335 (CLOUDFLAR...)
2 5 69.173.144.165 ()
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
1 188.65.124.66 ()
1 2 2001:678:cb4:... 56396 (AMOBEE)
3 10 142.251.208.130 15169 (GOOGLE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
1 1 2600:9000:236... 16509 (AMAZON-02)
2 3 51.75.86.98 16276 (OVH)
3 3 213.19.147.45 26120 (RHYTHMONE)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
1 1 34.240.188.129 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 34.240.23.125 16509 (AMAZON-02)
1 54.73.101.116 ()
1 2 2.19.44.80 ()
2 2 142.250.185.198 ()
2 2 84.200.5.215 ()
1 167.233.13.224 ()
1 2606:4700::68... ()
2 104.109.78.125 ()
1 23.35.236.188 ()
1 67.202.105.21 ()
2 3 52.95.126.138 ()
4 4 69.173.144.139 ()
1 2620:1ec:21::14 ()
2 3 52.46.143.56 ()
1 1 2a05:d018:d29... ()
1 15.197.193.217 ()
185 56
1    3.209.131.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-131-242.compute-1.amazonaws.com
gmflmidland.org
26    2a02:26f0:dc::213:c51b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
www.gmflmidland.org
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a02:26f0:6c00::210:ba3b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.leagueathletics.com
19    52.216.41.0 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
b.scorecardresearch.com
3    2a00:1450:4001:82b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
4    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
10    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    35.227.239.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.239.227.35.bc.googleusercontent.com
storage.didna.io
3    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2600:9000:223c:1a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    18.196.141.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-141-24.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    104.154.142.214 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
2    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
11    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
19913099f1504574a15349449b422489.safeframe.googlesyndication.com
1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
9    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2606:4700::6812:ddb (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
3    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
11    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
1    104.18.13.14 (None, )

ASN13335 (CLOUDFLARENET, US)
a4.tribalfusion.com
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
11    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
5    69.173.144.165 (None, )

ASN- ()
pixel.rubiconproject.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    188.65.124.66 (None, )

ASN- ()
public-prod-dspcookiematching.dmxleo.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
10    142.251.208.130 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net
cm.g.doubleclick.net
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2600:9000:2362:200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
3    213.19.147.45 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    34.240.188.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-188-129.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    34.240.23.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-23-125.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.73.101.116 (None, )

ASN- ()
beacon.krxd.net
2    2.19.44.80 (None, )

ASN- ()
www.awin1.com
2    142.250.185.198 (None, )

ASN- ()
ad.doubleclick.net
2    84.200.5.215 (None, )

ASN- ()
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (None, )

ASN- ()
partner.o2online.de
1    2606:4700::6812:7e05 (None, )

ASN- ()
www.conrad.de
2    104.109.78.125 (None, )

ASN- ()
eus.rubiconproject.com
1    23.35.236.188 (None, )

ASN- ()
acdn.adnxs.com
1    67.202.105.21 (None, )

ASN- ()
ssc-cms.33across.com
3    52.95.126.138 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
4    69.173.144.139 (None, )

ASN- ()
token.rubiconproject.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
3    52.46.143.56 (None, )

ASN- ()
s.amazon-adsystem.com
1    2a05:d018:d29:3602:5605:49d6:f1da:885d (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
27 gmflmidland.org
gmflmidland.org
www.gmflmidland.org
311 KB
23 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 741
a4.tribalfusion.com — Cisco Umbrella Rank: 27902
s.tribalfusion.com — Cisco Umbrella Rank: 1813
19 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
19913099f1504574a15349449b422489.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
99 KB
23 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
ad.doubleclick.net
312 KB
19 amazonaws.com
s3.amazonaws.com
584 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 27714
ad4m.at — Cisco Umbrella Rank: 9563
assets.ad4m.at — Cisco Umbrella Rank: 36511
820 KB
13 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
15 KB
8 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
fonts.googleapis.com — Cisco Umbrella Rank: 36
storage.googleapis.com — Cisco Umbrella Rank: 398
221 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
4 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 73
2 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com
20 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 378
mug.criteo.com — Cisco Umbrella Rank: 2719
1 KB
4 scorecardresearch.com
b.scorecardresearch.com — Cisco Umbrella Rank: 4960
sb.scorecardresearch.com — Cisco Umbrella Rank: 152
5 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
824 B
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 725
simage2.pubmatic.com — Cisco Umbrella Rank: 668
1 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
pr-bh.ybp.yahoo.com
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
124 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 980
pixel.quantserve.com — Cisco Umbrella Rank: 779
cms.quantserve.com — Cisco Umbrella Rank: 654
10 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6149
adservice.google.de — Cisco Umbrella Rank: 8947
1 KB
3 leagueathletics.com
www.leagueathletics.com — Cisco Umbrella Rank: 44384
25 KB
2 awin1.com
www.awin1.com
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 198
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 510
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
r.turn.com — Cisco Umbrella Rank: 3104
869 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98313
static-de.ad4mat.net — Cisco Umbrella Rank: 125900
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
1 adsrvr.org
match.adsrvr.org
265 B
1 linkedin.com
px.ads.linkedin.com
672 B
1 conrad.de
www.conrad.de
1 KB
1 o2online.de
partner.o2online.de
1 KB
1 lead-alliance.net
www.lead-alliance.net
435 B
1 telefonica-partner.de
www.telefonica-partner.de
261 B
1 krxd.net
beacon.krxd.net
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 481
477 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 422
304 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957
576 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 701
442 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
861 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com
123 B
1 exponential.com
tags.expo9.exponential.com — Cisco Umbrella Rank: 10970
14 KB
1 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 11632
338 B
1 33across.com
ssc.33across.com Failed
ssc-cms.33across.com
1 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 948
161 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 924
632 B
1 didna.io
storage.didna.io — Cisco Umbrella Rank: 124716
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
52 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 693
6 KB
185 48
Domain Requested by
26 www.gmflmidland.org www.gmflmidland.org
19 a.tribalfusion.com 4 redirects tags.expo9.exponential.com
www.gmflmidland.org
a.tribalfusion.com
19 s3.amazonaws.com www.gmflmidland.org
11 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
www.googletagservices.com
10 cm.g.doubleclick.net 3 redirects 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
10 securepubads.g.doubleclick.net storage.googleapis.com
securepubads.g.doubleclick.net
www.gmflmidland.org
www.googletagservices.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
6 assets.ad4m.at as.ad4m.at
5 pixel.rubiconproject.com 2 redirects a.tribalfusion.com
4 token.rubiconproject.com 4 redirects
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 www.google.com www.gmflmidland.org
tpc.googlesyndication.com
1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
4 fonts.googleapis.com www.gmflmidland.org
3 s.amazon-adsystem.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 onetag-sys.com 2 redirects www.gmflmidland.org
3 s.tribalfusion.com 2 redirects a.tribalfusion.com
3 www.googletagservices.com securepubads.g.doubleclick.net
a.tribalfusion.com
1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
3 ib.adnxs.com 1 redirects storage.googleapis.com
acdn.adnxs.com
3 sb.scorecardresearch.com www.gmflmidland.org
storage.didna.io
3 storage.googleapis.com www.gmflmidland.org
storage.googleapis.com
3 www.leagueathletics.com www.gmflmidland.org
2 eus.rubiconproject.com storage.googleapis.com
eus.rubiconproject.com
2 ad.doubleclick.net 2 redirects
2 www.awin1.com 1 redirects as.ad4m.at
2 dpm.demdex.net 2 redirects
2 dsum-sec.casalemedia.com 2 redirects
2 sync.1rx.io 2 redirects
2 image6.pubmatic.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 fastlane.rubiconproject.com storage.googleapis.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 www.google-analytics.com www.gmflmidland.org
www.google-analytics.com
1 match.adsrvr.org
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com
1 ssc-cms.33across.com storage.googleapis.com
1 acdn.adnxs.com storage.googleapis.com
1 www.conrad.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 beacon.krxd.net a.tribalfusion.com
1 static-de.ad4mat.net as.ad4m.at
1 aa.agkn.com 1 redirects
1 us-u.openx.net a.tribalfusion.com
1 sync.targeting.unrulymedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 sync.mathtag.com 1 redirects
1 cms.quantserve.com 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
1 r.turn.com www.gmflmidland.org
1 ad.turn.com 1 redirects
1 public-prod-dspcookiematching.dmxleo.com a.tribalfusion.com
1 simage2.pubmatic.com 1 redirects
1 prod-rtb.ad4mat.net www.gmflmidland.org
1 a4.tribalfusion.com www.gmflmidland.org
1 tags.expo9.exponential.com securepubads.g.doubleclick.net
1 19913099f1504574a15349449b422489.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 lockerdome.com storage.googleapis.com
1 btlr.sharethrough.com storage.googleapis.com
1 pixel.quantserve.com storage.didna.io
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com storage.didna.io
1 storage.didna.io storage.googleapis.com
1 www.google.de www.gmflmidland.org
1 b.scorecardresearch.com www.gmflmidland.org
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com www.gmflmidland.org
1 ajax.googleapis.com www.gmflmidland.org
1 code.jquery.com www.gmflmidland.org
1 gmflmidland.org 1 redirects
0 ssc.33across.com Failed storage.googleapis.com
185 77
Subject Issuer Validity Valid
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-12-30 -
2024-01-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
storage.didna.io
GTS CA 1D4		 2023-02-03 -
2023-05-04		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2022-09-27 -
2023-10-29		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-03 -
2023-07-03		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-02-11 -
2023-05-12		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 26 frames:

Primary Page: http://www.gmflmidland.org/
Frame ID: 445897A2CA8BEF6689B9929EC6254C4E
Requests: 81 HTTP requests in this frame

Frame: https://storage.didna.io/didna_trackers.html
Frame ID: 1B68835E4BD4EDCC2B11C482E7DABDB7
Requests: 6 HTTP requests in this frame

Frame: https://19913099f1504574a15349449b422489.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF5D392DE1ABE0F3D5322B4D78080471
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunKoT3kZUirAFz9AIlhz2C57G_IMIKOeMQY3kOp3_6k3ZsoEwtA8PEg8eVRIr6H9QegkQxcC2U73wy3M-pwZy1nWoQqnPjoxpm47Wf6k6mP1chbHYy687kYyO9fV5ZuJdFta97EqdxioDDIza_xtbZWzUOTh101XYoqSHpDJCLGiotHCa3uHQP3_GcuV2jptRzUeu2TYTDZhzpM_X9RlpRfqNpI5g3wzKhjThPkXqDk2iLVxdJhw-s91BFRsQYyJk_AMhIY5j1LtFVaT25bC3aqSJjYzkmWnnXjBSvUWiL_p2bXWINfAR1Is-r5V53KAU9C8p7Y5O1d7hitb_zOgK8Lqes7HlJa7c-aXE91c5bdAIjpaEyvg&sai=AMfl-YQxtNbhUM1DsKnS5FTFmR3nMbx7nBrOyr2uqNeLgvXr8z6wKzMlr4wzcJb8i4DSJ7l8rGWaYQYPbBL1JYlxKjByN8_8RBN4kjGYtIZV3WMBkWspiHVqtlkP9obRUAhKE0R5rs31KExiLkxt9w0&sig=Cg0ArKJSzLjCD6mAgFvDEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FB2ECF74E7E471AFB2D5C90D0EA78327
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 90BF086823E717FEFBED75DFC695B24A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FB2EBE3D1A42BBEEE6070DEF4AB4268
Requests: 2 HTTP requests in this frame

Frame: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 78AD167B9BFF4EE9AF9D273323D321F1
Requests: 1 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=akmU0hWUY0TtQ2nUYmPU7t1Enp3Eji5TYRmEBDYb78WHf0mPvZcnV7sptrK5TY85tay3P7ZanrbZb0V7PYsUV0VbonaZbT3UYRTFvBUA3TQa3QQsZbrSdby0djtT6vp2GB5XrBJVmqv2A39R67K3tvMXHvZbpdZav4PMP5Gr7TsJdUcb8RAFvWdn3TUj52bEmVTjmTTn6QaMHQGbZbPbIoSW7iUVb52Fy4mWqOOQQyM8EGtGrtt87RKQ&mediaDataID=6347136&mediaName=frame.html
Frame ID: 994FC1528251E71604D48736CA77E243
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=almU0hWrbY5bEnUaMrVEMcSTZbZdRsjIQFAvRW3dWGQT2FqvmtamXaeO3WvZaSV7Zc2m3FmtAsTWQ80r7aYFJ90qeNRUMHUU34TtBXorjxQrZbNYTFp5TJh5Tr3oT7IYFU9UdnRoAnCpVnnmHrJ2av95dIp3AfZbmFYZbXsnQYsF2XG7nnEvU5Un2TrjGUPYYQabXScroQHftYdZbtVmUu3cBU0UZbDVmm546ZbetFEFMRisyWBxOFdK0r&mediaDataID=8039566&mediaName=frame.html
Frame ID: C15B0FF4EA5737510D682D436DC713BE
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aAmU0hTFfHUAv5RTn3SsBqSt7uYd7rW63p2cM4XFvIVmuu4A3dPmMG3dQyXHUCpdIm3mYS5sj9VsBdWsj8RAYnUWnWUr725bTtUqQvWqnlQEBKScJZaQUmsPHMiWcbU4binodiy0auu4dvZdPcBZc26nKmdItUdj8XUnbYFYfXaiMRrJGWUrSWWnXnUfvQrrt1EMp5afc2qU3mEZbDXbUfWHMXoArans7wU8PGyBiextmFpWmRVE&mediaDataID=6546596&mediaName=frame.html
Frame ID: 417BA0CF0865A078D951602292E8E2A0
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aBmU0hTtQ4orJnPFBtXavr3T7d5Er3naFIYbf8UWJSoAMDnVnroWfF2qQ85day3AjEpbMZcXGfS1sZb20VfnnEb33bnVVFjZbUAf1REYQPGrMQdUw1HBsWmny4s3UXbZbJTP6m2PUhRmjB4WQO1trCptaO36QR4GQ9TVQcWsMePP3oUtFVWrJP2FioUa3sWqJcSTvKScjARbZasRWQdVGb52F6xode0XEepxC2AmDTFumJynLpwdH&mediaDataID=6719746&mediaName=frame.html
Frame ID: BE3DF655DDDC10C68A77833EA382007B
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aCmVCG5bEnUqrsVaFaPEnZaQVfZcQFqoSWYiWGYT4UTmod6MXauy2tbDPsfZd263EmdZaNVHJ7Xbfd1FQf0qaMRrUZcUbrYVtUUorYqRUJNXaMy5EUi5aQ3mqjH1rBgTHnToPbBmGnopWYF5EUe5HeN5PrEnrvEXsfWXGZbT1VZbnnTbQ2bQWVUjEUAvTPTb1ScQMPWUx0dJxV6YN4sUUYFnIUAau5mn8Q67E4WZbOXWBAnVuv36Ayw8Pcp82ZbUb7Y67ORXZa&mediaDataID=5578346&mediaName=frame.html
Frame ID: B735FC31B9C352E587C75E577A5FFF79
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aDmU0hUAv3REMYQcrmPdYyYtBrVmrw3cvUXFnIT6Xn2PYgPmjF2HZbp1d3DptIn36U13cr6TcJaUsreRAUoUtY4UFJ03bEpUqbsTTrlPqvFSGQKQriqRWv9UVv54r6nmHur0qmm4trESGfZa5PMFmt6nVWB6YUUdYbBe0qqtPbQZbUFBXTtMWnbjpQrJtXaFr3Tjh4T3PoEJHYbb8TWMXoAfBpGM5otfJw7qkyoQtvAvMtGRZahR&mediaDataID=5436426&mediaName=frame.html
Frame ID: 494BA228795372D438EF15B9A9A010A7
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aEmU0horJoRUjr1T3r5TFj2aU5nTJCXrjfUWBSmP3KpGruoWvG3TZbj2HiM3PjEprnG0VnPYcF5XVnxnEf43FY5VrFEWAv4REj4ScnMPWjr1dvtVPMw3Gn00UQDTAim4mB8R6bJ4H3qXW3AmHem3mvT3sM7UVraWVbfRAFuWd33UbM15beuVTUnVaBdPqBZaQVfZbPFExPWU9WGUT5U6xodqO0qqV2WbZds9ZaDOreZcTdXHnayUyM&mediaDataID=6530936&mediaName=frame.html
Frame ID: 8570CC83EE30129DDC7D034C20B09E03
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aFmU0hUqrmTTQcSEQIQG3LRrIrPWU8WG354U2mmtAq0qyn2trAQVrA5AUEmtZaOVWFf0rnaYUYgXqytRrYZbUF3PVHM3mrJoRUMn1Evy4qja4q73mqjLXrbcWH7XmmfLncjmmHnK5T3g5tiN46ZbEpb3J0GvQXVv50s7wnEvT5U32VUnFUAUTQEQ2PsnOPWUyYtBtVPYn4cr0XFMIU6iw2PZbeR67l2dZbOMouZdP8Mxv6B8pPSBJP&mediaDataID=7665496&mediaName=frame.html
Frame ID: 9C6DE44274B57C7AF874AEA01462116A
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aGmU0hREMXScUtQW7N0tBnT6Qn3GJ4XFrDT6Pn4Av9R6fI2H3m0HBZamWAn3mU03sveVsQdWcMhPAZbuUtU3Ub7S3UeoWqrnTTB6STMFRsfCPbusRtQaVsYP2FyxmWqrXTav4dMZaSVbH2mUHpHiNVHfc0bvbXbbg0TisRrJHWUYSVdJ2orbxQrvrXEvn4qUj2aY3maBK1b7cUWZbSnPfBpG7wmHri3qZb7wRJnNFXZdWrbOmhWqfe&mediaDataID=6807466&mediaName=frame.html
Frame ID: 9669DB146BB049E3EFF4BD13ACA8659B
Requests: 2 HTTP requests in this frame

Frame: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 07058204ADCB775EAEFBA605F54D8F7D
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1htyjd1xr5qeapentmpz60q2xb5tcyhty1gx79bpg4d927rnw67jhmnae1zxz7hjthrzf78fe39xwwskc7zcebc4hndjjdc6d9ar74r9q61gm2wn84vxep9atp0830313skd771bzkjdta2dr6jw4vxt6ad4h4gypzfar9smrjcsqr0yze2apcg4n00tm37ant4b7jhx05t7m4y6zn1p77pdtth93nsh5c2bkjdvpxjxvhqq00fgwrkcf9qq7raj24y6whvh4swd2vwakz8t44892d5s945dfy66q9ksgpdnp38sby6szsehhthhzjxc56dk10424p3kex116s2nmqqntke0g0fsw24q3w54kfrsyy0j5bpp25s432gt9hb3g7mmdbafbv8fz2yymj4zj9q57j5syj8zfbssg7tq1s7ccq1s7ghqpqqjm40pv4n77aex52m6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%26client%3Dca-pub-8272786997612568%26adurl%3D
Frame ID: 77E94A59372977709BC7104E6950609D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E0F04ABE435064E7FB6DDFE180AC641C
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7679B93D5F1E91B7F451AA23BD4A357D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Frame ID: EF3522A2F80C1402BE3DBD01BEABFC2D
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 94B08B6BD807ED2040122C892A785C35
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C144C08565B42FE7059827F813B3A42A
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cQGneY9Z4r6BaCaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: F0AC2B86B890E683E92FBA163F4C3DFD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0E58BB39A0A87F49EC29C681B73420E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BCB63BEF567F996E787387D48C2F112D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Greater Midland Football League

Page URL History Show full URLs

  1. http://gmflmidland.org/ HTTP 301
    http://www.gmflmidland.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

185
Requests

60 %
HTTPS

49 %
IPv6

48
Domains

77
Subdomains

56
IPs

10
Countries

2668 kB
Transfer

5155 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gmflmidland.org/ HTTP 301
    http://www.gmflmidland.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 73
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.gmflmidland.org%2F&domain=www.gmflmidland.org&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ctJ9HXxyQklnelV4ejRCNllzem5jdkd0US9pUTFHNmFIYmtNUWhEeGdsVVpSUk5iRi9ibkNXbmxuYVpTQ25Ga0JoR0ZpYlYybkc4QVA2dDNDdWMxazkrTlhkQVdUcXFUNFF5ekk2ODVESzJTNkVEQlZRZERSazBCQmdINEJ4TEhaVG8wZ2hxSGRKU0hiUTVjT0VnZzdJVVdKVnVZKy9wYkJoV0gxOWEzd0dXN1ZDZGNhKzVicS9scEFZM05yUU9qd3JwVG5icE93S2p3M1VjbVRQaHA4TjQrblpObjJBank2L1JUNVo1WjFqN0IvY3NqRTRJRFRWUzVRN0JYSEVIeWlsSHJTfA&cppv=2
Request Chain 118
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662249692265348&_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662249692265348&_origin=1&redir=true&verify=true HTTP 302
  • https://a.tribalfusion.com/i.match?p=b17&u=y-7LbDKtZE2uhFxVeqan1cu4qtJ6GtRr4-~A HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b17&u=y-7LbDKtZE2uhFxVeqan1cu4qtJ6GtRr4-~A
Request Chain 119
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662249692265348&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b10&u=18072662249692265348&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662249692353077&expires=180
Request Chain 130
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662249692265348%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662249692265348%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662249692265348&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b11&u=11AA7A7C-0CF6-4AC7-8351-B8CBA6A685A1
Request Chain 131
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662249692265348&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b24&u=18072662249692265348&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662249692379025
Request Chain 133
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGPWVzVtrYPitTVQ8vxJgf4&google_cver=1&google_push=Aa02lx-I9oY0WyNngkyMQW2udnvPRb8yI4AsRa9v8uPlo2q_ldJf2V2EcAw6Q5sUYJoyQTfGl5_-l0tAlJSzu7ni0ZfznWU3uMQemw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk2MzI1NjM4NTY0NjE3MjU1NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGPWVzVtrYPitTVQ8vxJgf4&google_cver=1
Request Chain 135
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBi5KAQdLMEp-GRHDR008L0&google_cver=1&google_push=Aa02lx_-viYVE1b8FUTZFqyU6C3JGc0G1rO0NentPJUG23VVROSAZ25XCn-o3rQgTe2D25vXkQiJo2MNxMWS9IZH4v7OfQG5dNFk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_-viYVE1b8FUTZFqyU6C3JGc0G1rO0NentPJUG23VVROSAZ25XCn-o3rQgTe2D25vXkQiJo2MNxMWS9IZH4v7OfQG5dNFk
Request Chain 136
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPasP0Pi81bLYiuzJZXO_tg&google_cver=1&google_push=Aa02lx-5Cw5F_sWOUTCmYhZP0FixZCYwzEwMnRrKkp-8pnweVIIr5r7n36Ednqii7wgeZDKp0nCqdJoti0dm5yyvNL6sqIKE3xZcKQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-5Cw5F_sWOUTCmYhZP0FixZCYwzEwMnRrKkp-8pnweVIIr5r7n36Ednqii7wgeZDKp0nCqdJoti0dm5yyvNL6sqIKE3xZcKQ
Request Chain 137
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFqGq4EB3kJVwZutXkSDc14&google_cver=1&google_push=Aa02lx_KcxjjDaofEYsheXjTg9AtM6-FDf7YTsNWGZjWtv7r0nZB7mCVq2FD2pnTxBTFkdtKgHt6Ox9ZUlJWsAEPJYLhKgoef_wO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_KcxjjDaofEYsheXjTg9AtM6-FDf7YTsNWGZjWtv7r0nZB7mCVq2FD2pnTxBTFkdtKgHt6Ox9ZUlJWsAEPJYLhKgoef_wO
Request Chain 138
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOLelXf0Oyqjzj2bvfIVkfE&google_cver=1&google_push=Aa02lx_4D-DyrIP1Q1B1oJxMgXX3aw1X_lNi_YwEUUiOPiMEH_BUwjZPXAP5LksBVXZP2v-pQlffrZwEFCYtbqlrK5EE9Q5ZdUKMVg HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_4D-DyrIP1Q1B1oJxMgXX3aw1X_lNi_YwEUUiOPiMEH_BUwjZPXAP5LksBVXZP2v-pQlffrZwEFCYtbqlrK5EE9Q5ZdUKMVg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677712797413 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d1369838-ba92-42d6-810a-968aa3c173ae-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_4D-DyrIP1Q1B1oJxMgXX3aw1X_lNi_YwEUUiOPiMEH_BUwjZPXAP5LksBVXZP2v-pQlffrZwEFCYtbqlrK5EE9Q5ZdUKMVg%26google_hm%3DA9E2mDi6kkLWgQqWiqPBc64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_4D-DyrIP1Q1B1oJxMgXX3aw1X_lNi_YwEUUiOPiMEH_BUwjZPXAP5LksBVXZP2v-pQlffrZwEFCYtbqlrK5EE9Q5ZdUKMVg&google_hm=A9E2mDi6kkLWgQqWiqPBc64
Request Chain 139
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFqGq4EB3kJVwZutXkSDc14&google_cver=1&google_push=Aa02lx92U6wllitJCwpaE0ofGtlRF08fd7CKY1DmnUxgq7QPjrBaTC8c35DT4Hz4RCjuUxq7g0RIFyy9KZBAABSfZrP_OK8Ov0xctQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx92U6wllitJCwpaE0ofGtlRF08fd7CKY1DmnUxgq7QPjrBaTC8c35DT4Hz4RCjuUxq7g0RIFyy9KZBAABSfZrP_OK8Ov0xctQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 144
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662249692265348&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662249692265348&C=1 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b20&u=Y--dnalqEzSo.XIhOnrHcAAA
Request Chain 145
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662249692265348 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b23&u=220033204442004022020
Request Chain 150
  • https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662249692265348&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662249692265348&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b13&u=80208892439739300010112766904287312891
Request Chain 151
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662249692265348&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662249692414575
Request Chain 159
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJuu35rvu_0CFRDjuwgdf0sNcg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023030200195882265735791X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030200195882265735791X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
Request Chain 162
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1677712797_94ededb2-b887-11ed-b0d0-22643fc428fe&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 172
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 176
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ybj7MuIsRpqGEggfm4KmBA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ybj7MuIsRpqGEggfm4KmBA
Request Chain 177
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQAVOIY-J-9LLB
Request Chain 178
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTVjNDJlNzBmMGMyOWRjMWM5ZjIyYzVmMWE0N2EzZjYyMzA3YTIxMQ
Request Chain 179
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gjfAxeJoScK11ddbJn4FoQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gjfAxeJoScK11ddbJn4FoQ
Request Chain 180
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mh7094LYI1t7pYzngvQftg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nd6EiXtE2oILZBKkt65tzL0aFeK7yHnNoSld_w--~A
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIK7wHNDWrYhaVZIPsJcUbg&google_cver=1
Request Chain 182
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRQVZPSVktSi05TExC

185 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gmflmidland.org/
Redirect Chain
  • http://gmflmidland.org/
  • http://www.gmflmidland.org/
70 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0c473916b74fde6396a00220a1f1d07f46d9c21a7659577d371dc418f707fff5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17515
Content-Type
text/html
Date
Wed, 01 Mar 2023 23:19:51 GMT
Expires
Wed, 01 Mar 2023 23:18:50 GMT
Pragma
no-cache
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Wed, 01 Mar 2023 23:19:50 GMT
Location
http://www.gmflmidland.org/
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
widgets_headlines.css
www.gmflmidland.org/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/css/widgets_headlines.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6acbed2b6e9b426a12a97ad036e3fba8908b49a4bf660a9926bb522f2a137cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3273
Expires
Thu, 02 Mar 2023 23:19:51 GMT
jquery-ui.css
code.jquery.com/ui/1.10.3/themes/smoothness/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:51 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-7d2e"
vary
Accept-Encoding
x-hw
1677712791.dop106.fr8.t,1677712791.cds154.fr8.hn,1677712791.cds265.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
6050
jquery-1.10.2.min.js
www.gmflmidland.org/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/jquery-1.10.2.min.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86364
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32825
Expires
Thu, 02 Mar 2023 23:19:15 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 		223 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 14:38:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
31286
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
60529
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 29 Feb 2024 14:38:25 GMT
jquery.timepicker_old.min.js
www.gmflmidland.org/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/jquery.timepicker_old.min.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f39a1948afb2eb2458272cb7307bea21a52f15482c6fa2284f9d5c1a36615481

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86360
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2940
Expires
Thu, 02 Mar 2023 23:19:12 GMT
bootstrap23.min.js
www.gmflmidland.org/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/bootstrap23.min.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bbe9769868e99862bf9858149dc98c70529d3228ef57e277a1d94325948d52ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7468
Expires
Thu, 02 Mar 2023 23:19:52 GMT
jquery.cookie.js
www.gmflmidland.org/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/jquery.cookie.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
05133ea0cca7437d914451446b248c01060c2e903ebfe12ecf797466c92afe97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86371
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1043
Expires
Thu, 02 Mar 2023 23:19:23 GMT
jquery.bxslider.js
www.gmflmidland.org/js/bxSlider/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/bxSlider/jquery.bxslider.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
54b5c9cb0cff8303395c302978135685c6ed659650dd9ef4840f09be6204a4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12072
Expires
Thu, 02 Mar 2023 23:19:52 GMT
colpick.js
www.gmflmidland.org/js/colpick-jQuery-Color-Picker-master/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/colpick-jQuery-Color-Picker-master/js/colpick.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f901ac542e87b0b218a642541e69729ef1631113e42ea97a2bdc9353db122492

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4928
Expires
Thu, 02 Mar 2023 23:19:52 GMT
jquery.bootstrap-growl.min.js
www.gmflmidland.org/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/jquery.bootstrap-growl.min.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
95639f6cb9f5fed47d630e6ba881faf6c69a9e04a7b25067c24d377eb6393855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
626
Expires
Thu, 02 Mar 2023 23:19:52 GMT
moment.js
www.gmflmidland.org/js/ 		91 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/moment.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c971da8733003f78cd8a2f8436a7c8bdda056e97411ab2c13f6dabec82c2828a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21494
Expires
Thu, 02 Mar 2023 23:19:52 GMT
jquery.masonry.min.js
www.gmflmidland.org/Tools/Masonary/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/Tools/Masonary/jquery.masonry.min.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f707c589d82154ee8ea0d326ad8fb8034d29f5eaaba12f8482f319685bcae0a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:12 GMT
Server
Microsoft-IIS/8.5
ETag
"0e8c7a8440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2163
Expires
Thu, 02 Mar 2023 23:19:52 GMT
modernizr-transitions.js
www.gmflmidland.org/Tools/Masonary/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/Tools/Masonary/js/modernizr-transitions.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c2d59c9a36c921c829c0e35100664f0d206be63dfc84db080415afec064d41b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:12 GMT
Server
Microsoft-IIS/8.5
ETag
"0e8c7a8440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86387
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1068
Expires
Thu, 02 Mar 2023 23:19:39 GMT
galleria.classic.css
www.leagueathletics.com/js/galleria/themes/classic/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.leagueathletics.com/js/galleria/themes/classic/galleria.classic.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c4ce12cec6a6ff918e2437b098249eb9369a1df752faa170efa848b934a129c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3378
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1118
Expires
Thu, 02 Mar 2023 00:16:09 GMT
galleria-1.2.9.min.js
www.leagueathletics.com/js/galleria/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.leagueathletics.com/js/galleria/galleria-1.2.9.min.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
aa30473a739f955f6cb4108f5908f36067309348be0513ea7357ab6544181946

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=26826
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22678
Expires
Thu, 02 Mar 2023 06:46:57 GMT
galleria.classic.min.js
www.leagueathletics.com/js/galleria/themes/classic/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.leagueathletics.com/js/galleria/themes/classic/galleria.classic.min.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00::210:ba3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
788953ee1092fdd88b00161fdd4ce05c9c728caa6bbe5ca1982b0022824a09a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=23928
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
643
Expires
Thu, 02 Mar 2023 05:58:39 GMT
oswald-font.css
s3.amazonaws.com/la-web-assets/public/images/fonts/ 		469 B
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/fonts/oswald-font.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d5d08de1aede7f8889a719f4ad492a0ff19ffa068d8f6b9c3d477464b302f172

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Last-Modified
Wed, 15 Mar 2017 21:43:51 GMT
Server
AmazonS3
x-amz-request-id
30CN89E95XYNGZJG
ETag
"94658a8866d7b71298c387c5acb54515"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 21:24:10 GMT
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
469
x-amz-id-2
NqkEQNEazCgKIZWDg0M2FmyTQiCRyiEZLmVnFJoCK/K3uaNWDxmGEX2tjoPDFunPZozh/2wsZnk=
jquery.marquee.min.css
www.gmflmidland.org/js/jquery.marquee/css/ 		320 B
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/jquery.marquee/css/jquery.marquee.min.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
693b7c07f50088c0bd777e72d17f1cd9126fe735b35be4a29176f52b63eca186

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86358
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
241
Expires
Thu, 02 Mar 2023 23:19:09 GMT
jquery.timepicker.css
www.gmflmidland.org/css/ 		1 KB
769 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/css/jquery.timepicker.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
59db6bffa1696646aa3b14eda83dae911e3b92441dc86befa0610063381e00d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86361
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
383
Expires
Thu, 02 Mar 2023 23:19:12 GMT
datepicker.css
www.gmflmidland.org/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/css/datepicker.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
38e74de19544de03795e264abcaa31b90e48631fc3c6aa262ee055d0c271f2b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
992
Expires
Thu, 02 Mar 2023 23:19:51 GMT
bootstrap23.min.css
www.gmflmidland.org/css/ 		104 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/css/bootstrap23.min.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f835e3c49aa6e6421f1728761cecb75dea22f603dbc03ad4bf3930be33afd477

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17070
Expires
Thu, 02 Mar 2023 23:19:51 GMT
font-awesome.min.css
www.gmflmidland.org/css/font-awesome-4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/css/font-awesome-4.3.0/css/font-awesome.min.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86362
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5442
Expires
Thu, 02 Mar 2023 23:19:13 GMT
jquery.bxslider.css
www.gmflmidland.org/js/bxSlider/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/bxSlider/jquery.bxslider.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
82efd9f2736985bd4fa8f0d50182a682d4debde20a6e2225faf6fcd4bf70d7e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1156
Expires
Thu, 02 Mar 2023 23:19:51 GMT
colpick.css
www.gmflmidland.org/js/colpick-jQuery-Color-Picker-master/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/js/colpick-jQuery-Color-Picker-master/css/colpick.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b0d42285977d9297d0cdcd54162e45333e82d7cdfea48f362dde9baab6d8ad85

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86374
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1988
Expires
Thu, 02 Mar 2023 23:19:25 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:400,300,700
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed8bc35837fb39ca688180ed7acb31ef58de4c939131bd37d44d933c61bc229c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 01 Mar 2023 23:19:51 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 01 Mar 2023 23:19:51 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Oswald:400,300,700
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bb1ab8474e44124d6d91e58bb435f8a70d8176a9b54de52519fdcb439da80c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 01 Mar 2023 22:26:28 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 01 Mar 2023 23:19:51 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto:400,300,700
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9fded2f535cb3b67bcc739113c2dc6244a03b5e16e4eb93797011bb567ec857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 01 Mar 2023 23:19:51 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 01 Mar 2023 23:19:51 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Exo:300,400,700|Titillium+Web:400,300,700
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4e222ceed7ac22a645ec5c840430489b5be14ca9adca99f141940dc87a0f4ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 01 Mar 2023 23:19:51 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 01 Mar 2023 23:19:51 GMT
Basestyles.css
www.gmflmidland.org/Framework/ 		84 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/Framework/Basestyles.css?v=944
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
230a35a73af726cb64e849df226cabe69ecc7617b1ae89b1d25800efd6c28cb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:06 GMT
Server
Microsoft-IIS/8.5
ETag
"087f8768440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86341
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15558
Expires
Thu, 02 Mar 2023 23:18:52 GMT
19229_Custom.css
s3.amazonaws.com/files.leagueathletics.com/Text/CSS/ 		26 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Text/CSS/19229_Custom.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6b0727bc02e90ef9c744013d7e4d9b30f76eed705ce7d6424444142a8e770051

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
x-amz-version-id
WSNi_bm4F7owLfVx5TjbHQTALQ.AkW0.
Last-Modified
Tue, 01 Sep 2020 16:20:17 GMT
Server
AmazonS3
x-amz-request-id
30CJ4YZ74W2KDPHQ
ETag
"e5766b1cf706b2298fb96334a59e2e85"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
27096
x-amz-id-2
Zv9L2/5gNO/543r0lgglb/QltTOG1BmPpyrPRxnRUrXC/gRgEwkl4X/xWOqAvtOCwnR1yj4qg1g=
noborderradii.css
www.gmflmidland.org/css/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/css/noborderradii.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b40f25ebb08d9413bc7818da0981c567eb1bc1b12bb0a75d3aa02e5d7bbcd008

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1335
Expires
Thu, 02 Mar 2023 23:19:51 GMT
animate.css
www.gmflmidland.org/css/ 		67 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/css/animate.css
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86399
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4097
Expires
Thu, 02 Mar 2023 23:19:50 GMT
la_adminbar_logo_co.png
s3.amazonaws.com/la-web-assets/public/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/la_adminbar_logo_co.png
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7cc228ef7147fdd34fc7196fafce61135f5f4f2ceb4715538efb579555911f44

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
Last-Modified
Wed, 15 Mar 2017 22:15:26 GMT
Server
AmazonS3
x-amz-request-id
C4QPZKVSCK8NJ9C8
ETag
"3556d683cca26fe1f9359e92391dca98"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 20:49:25 GMT
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1405
x-amz-id-2
ick7F2CIy2mddX+0L/J50uahsuCHNyGeO+b4jHuwruZTZ+ONGq83Uj8kz7kpG2Ui4ePMQ0spjsA=
19229_banner.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/Logos/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/Logos/19229_banner.jpg
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2651f01d201d941117d92367065d8127926c8a8f317bc61140806ff9f31bf627

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
x-amz-version-id
null
Last-Modified
Thu, 26 May 2016 16:44:16 GMT
Server
AmazonS3
x-amz-request-id
C4QHF5WHAT9BM5P1
ETag
"c85834efb9bbcc8a6b9b90130923082f"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
13794
x-amz-id-2
r3ID/XI6KBNUkaJXwCAs0u9oEakPH2DtUfKDfBDn9xFlAV2MAvgBR8k1M6W0tPQgST+bSLgKiPc=
GMFL%20Registration%20Front%20Page%202023.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/Club/19229/ 		265 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/Club/19229/GMFL%20Registration%20Front%20Page%202023.jpg
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
80819d092f80806eeb17a304ecbdd1f906eeae808bc75a75f6cc9b0ead198999

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
x-amz-version-id
_9AsrdY1ogatc_LeJsPJjPV0c95oWB4b
Last-Modified
Tue, 10 Jan 2023 18:42:21 GMT
Server
AmazonS3
x-amz-request-id
C4QYG544JGANSA07
ETag
"e916d367fcddbe88926b30820068c108"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
271437
x-amz-id-2
rc31wMv4v1WoUwulXfyrL9Vy1n8zFtbyeSyhNlf+U9+9nxd6NLId9xhfCQeXcmQ6iUUq63M5iOs=
GMFL%20Camp%20Front%20Page%202023.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/Club/19229/ 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/Club/19229/GMFL%20Camp%20Front%20Page%202023.jpg
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
588373a6f0a147cbfbd2cb152edca41d4e34111b04206d5b39f1de7d8bd4693b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
x-amz-version-id
Yhswg2_K7s9EgLYpIN9..6oieQ8kt2xM
Last-Modified
Tue, 10 Jan 2023 18:47:39 GMT
Server
AmazonS3
x-amz-request-id
C4QGMQ69WPDKE26H
ETag
"936e7851e69313a91a694c7e6a1f1183"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
205254
x-amz-id-2
cCRWYQwO5kcz4IXR01QaaIO2txSen7su7zj/5hu+tNg1FAuK+Ja6dti2fyQPz/tO4DE9JEHvono=
logospacer.png
s3.amazonaws.com/la-web-assets/public/images/ 		973 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/logospacer.png
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1e61cc282c6e0bd93d7be936baff900956dac6014a951ed83eb40cb37e90eaf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
Last-Modified
Wed, 15 Mar 2017 22:15:49 GMT
Server
AmazonS3
x-amz-request-id
C4QG0Y2DCBJB20YH
ETag
"221e73e3d9b6b5c8f7813db0e698788a"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 20:49:07 GMT
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
973
x-amz-id-2
0HMSb6gdIWs9h+8mAdhnVPT5Fb91uYTTYnKdlT+5uDDXSa9MBmIcIh+ThR2LL1bip5mHkbGlLwk=
play.gif
s3.amazonaws.com/la-web-assets/public/images/buttons/ 		776 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/buttons/play.gif
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6622513a0ddf2e6a2c08bb8bcbb93175a090bee61226df03f8b1a17b1390969

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
Last-Modified
Wed, 15 Mar 2017 21:46:26 GMT
Server
AmazonS3
x-amz-request-id
C4QPGQCS1GZ39T3P
ETag
"4b48b245769c2b2825a5d82537390b60"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 21:05:12 GMT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
776
x-amz-id-2
CXraaBCxKFrwkdHwIkYhO25yc+H9+fTCUrA73jzhyi09JksEXhOJgIs9uVN3LnTIjYHQx7gTfrw=
stop.gif
s3.amazonaws.com/la-web-assets/public/images/buttons/ 		789 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/buttons/stop.gif
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3878bb6398bb458a5623218facc58d4c987a00f469a1b30fc9a0a09848c48cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
Last-Modified
Wed, 15 Mar 2017 21:46:35 GMT
Server
AmazonS3
x-amz-request-id
C4QY4JYJ6XAFSRPV
ETag
"cb4c47163cf64d73ca638c4659fc2980"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 21:05:04 GMT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
789
x-amz-id-2
hH77bhUX8LgHh24bDdp12b0Yh82HdJdAkhWXY84G3F1J8ZjhkT50RmTjcglPvDYuboaRQar8kho=
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 22:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3902
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Mar 2023 00:14:50 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
gtm.js
www.googletagmanager.com/ 		136 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJZ5RQN
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e5fe22cba6da8755bd4b65b3bdd864a2739fe40f9dea9d469431c1453dcdc45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53033
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 21:39:38 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Mar 2023 23:19:52 GMT
fontawesome-webfont.woff2
www.gmflmidland.org/css/font-awesome-4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.gmflmidland.org/css/font-awesome-4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/css/font-awesome-4.3.0/css/font-awesome.min.css
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
http://www.gmflmidland.org/css/font-awesome-4.3.0/css/font-awesome.min.css
Origin
http://www.gmflmidland.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:52 GMT
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Content-Type
application/font-woff2
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56780
Expires
Wed, 08 Mar 2023 23:19:52 GMT
glass.png
s3.amazonaws.com/la-web-assets/public/images/nav/ 		949 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/nav/glass.png
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3046b8b6c4c88b2c34bc56b1463be5281f653195848a78925d12eb66a428694f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
Last-Modified
Wed, 15 Mar 2017 21:24:09 GMT
Server
AmazonS3
x-amz-request-id
C4QQYD3WK74ZA4QF
ETag
"a4c2c5a08f2245aa54d00ac8da7906b5"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 21:31:56 GMT
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
949
x-amz-id-2
uSvP4jFSvQDOA0FidzBA9iRaCAya7UF47xbtYVEzp4eyFsXwjgOD5MggjrTXv/gtVmVnCt/ldOs=
glass50.png
s3.amazonaws.com/la-web-assets/public/images/widgets/ 		970 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/widgets/glass50.png
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b225d2881d8f76c5380c6f65b184c72e3169d3a2a8a3987419ef72a13b4e30dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
Last-Modified
Wed, 15 Mar 2017 20:27:30 GMT
Server
AmazonS3
x-amz-request-id
C4QWERNER2AD1GT1
ETag
"2f9b156fdd05f7ab7f4b65122ea2c6b5"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 21:54:18 GMT
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
970
x-amz-id-2
xYcvTN2XIWfganDjTc+Q9+vts7pUTYwX0HeriJcRofLKae6oDGmqTAdXDSLvUL7ONLfjGMXsrNY=
18543_logo.png
www.gmflmidland.org/2e5ca83d-a7fd-45d1-95f7-8735947a7429/Images/SponsorLogos/19229/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.gmflmidland.org/2e5ca83d-a7fd-45d1-95f7-8735947a7429/Images/SponsorLogos/19229/18543_logo.png
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0b9aa969c54944ac71514ae380a5d212d4de8b92ec6171dc23d50e79acc03670

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
Last-Modified
Sat, 03 Jun 2017 19:15:35 GMT
Server
Microsoft-IIS/8.5
ETag
"80e5c5c69ddcd21:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2591995
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36657
Expires
Fri, 31 Mar 2023 23:19:48 GMT
18544_logo.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/18544_logo.jpg
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2a8f2a9948ddd24474cdd027201a0a23cb38742e93608b578ac7aa31a98daf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
x-amz-version-id
cWwmJO_4C_6ygJ5CZXaP2pHVa7OMvKJx
Last-Modified
Mon, 11 Sep 2017 17:18:15 GMT
Server
AmazonS3
x-amz-request-id
C4QJYCKBX1PGDZYC
ETag
"9c7dbe294f2f6a45df5bf660fe3fe471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
5907
x-amz-id-2
SEXAIm03ef+w1YRfsQiZuA/Ni39m6zSuGmPEp1O0fCc9Sq3pMRi2aQ4+VOuhggIPgva/waWOfTs=
18545_logo.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/18545_logo.jpg
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
21666feac6784d79f2d73f614342b6b422fbedb16a225f4535a65fe9022234e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
x-amz-version-id
null
Last-Modified
Fri, 07 Nov 2014 17:15:59 GMT
Server
AmazonS3
x-amz-request-id
C4QY8KR5K3EWKTW2
ETag
"574f0d8fedea7fbccad381369dc28098"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
19352
x-amz-id-2
k0eNTCOuIfbin2wfVT8V758JPmcPLrNcxTy8yx5uBEJ4oeDFXRO1/85aQPzKwObu8PYPH4dRIxk=
18899_logo.gif
s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/18899_logo.gif
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8653bc4ed9b2bb3d1c49b7b025acde462448472aa2262679bb15cadb38a40223

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
x-amz-version-id
null
Last-Modified
Thu, 11 Dec 2014 18:16:56 GMT
Server
AmazonS3
x-amz-request-id
C4QSF5KNAHRVTSV5
ETag
"5da79702a3163674dac32879ab617ce1"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
7983
x-amz-id-2
dP3WQp3AJwatnW11KkUAvIOBYhXhOnUl9lCEg/JDcVDXdFXPmaFghQDsxzk8AaS2ZViHXOIQxRg=
33769_logo.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/33769_logo.jpg
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
803c97dfec60844a664eac3cdac01b78a8cfaf1fe5d9397abbb877eb32d46c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
x-amz-version-id
Q8YC.3CEwPFdYsBvYDltGFtAWGIFTQqP
Last-Modified
Tue, 19 Sep 2017 15:09:59 GMT
Server
AmazonS3
x-amz-request-id
C4QGF53E7J6E8JPG
ETag
"c9f940707b4f1dbfcfd17c322c9fb808"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
6731
x-amz-id-2
BSmt1gKmoGGIO66VV4Wpg8j1q9bSy80lelYmMbTxV/mWz26pNl9pL6ct5E1j9p5YP3dKvNzl9cE=
36387_logo.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/36387_logo.jpg
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a2c496986afbd33dbe977503e2a19c3c73f01df0dc070c750bdd2f578d22d732

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:54 GMT
x-amz-version-id
QdG9bwBmqzuQFHlxa3WHXnQqDKT8zN0g
Last-Modified
Fri, 07 Sep 2018 19:51:33 GMT
Server
AmazonS3
x-amz-request-id
QFC43FGXYEXZAKFT
ETag
"86e2b23496c2899d1415a96061000d49"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
10313
x-amz-id-2
+VXX1Il5rl72aq/LAKt01ZtU+T74ZS9kwQNPhAhprTcZKIXHEvCkHka8lGA6kkn9RHn1KooT190=
41256_logo.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/41256_logo.jpg
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ec63e0be53d0be7e8b96a662caf415b5b50836b457194b77c8b0f099e41cbe29

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:54 GMT
x-amz-version-id
FCw6FJRfEMUI_xkMmPfM8CxpjI.zo6C.
Last-Modified
Thu, 18 Mar 2021 21:10:07 GMT
Server
AmazonS3
x-amz-request-id
QFC4A1065WGZKMXY
ETag
"bff138aefdecd2a1f955c6182cc98dcc"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
7933
x-amz-id-2
3kLKNJoquB7/DIogqEBfOKgZpiWS2XGa+rzBDg5C6X0ScFO+8eTYrCcz0BGeZ6mtHLZW55dP5mA=
17942_logo.png
www.gmflmidland.org/2e5ca83d-a7fd-45d1-95f7-8735947a7429/Images/SponsorLogos/19229/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.gmflmidland.org/2e5ca83d-a7fd-45d1-95f7-8735947a7429/Images/SponsorLogos/19229/17942_logo.png
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
818c732be9bce8bc6fbaef3ca7a9d37545af46a019bac55405360bb39592e209

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
Last-Modified
Sat, 03 Jun 2017 19:15:35 GMT
Server
Microsoft-IIS/8.5
ETag
"80e5c5c69ddcd21:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10065
Expires
Fri, 31 Mar 2023 23:19:53 GMT
18128_logo.png
www.gmflmidland.org/2e5ca83d-a7fd-45d1-95f7-8735947a7429/Images/SponsorLogos/19229/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.gmflmidland.org/2e5ca83d-a7fd-45d1-95f7-8735947a7429/Images/SponsorLogos/19229/18128_logo.png
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
083481ff72ea6369ca3275d522ec10a1a89f409e6749a40bb4761ac6fb6f6c99

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:53 GMT
Last-Modified
Sat, 03 Jun 2017 19:15:35 GMT
Server
Microsoft-IIS/8.5
ETag
"80e5c5c69ddcd21:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48709
Expires
Fri, 31 Mar 2023 23:19:53 GMT
footer_mark.png
s3.amazonaws.com/la-web-assets/public/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/footer_mark.png
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/Framework/Basestyles.css?v=944
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0c79154d62b41f9ff8b5df1755ffc6189be8aead29bf110238845e9c364d0065

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:54 GMT
Last-Modified
Wed, 15 Mar 2017 22:14:35 GMT
Server
AmazonS3
x-amz-request-id
QFC3P7TDGGPQBMVN
ETag
"5f05352616d17a27434564f2b68237a4"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 20:50:10 GMT
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2386
x-amz-id-2
dhhVH0Sj833JmuH+CIr+0GxeeBaijZgzwr4Gb94TmwQksquJmV4uLCiObMAs7kcBGPaQ3NFqle4=
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1101341500&t=pageview&_s=1&dl=http%3A%2F%2Fwww.gmflmidland.org%2F&ul=en-us&de=UTF-8&dt=Greater%20Midland%20Football%20League&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1307946267&gjid=1641716954&cid=1419361296.1677712793&tid=UA-2070627-2&_gid=191185689.1677712793&_r=1&_slc=1&z=1976577443
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.gmflmidland.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.gmflmidland.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-2070627-2&cid=1419361296.1677712793&jid=1307946267&gjid=1641716954&_gid=191185689.1677712793&_u=IEBAAEAAAAAAACAAI~&z=1563018977
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.gmflmidland.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 01 Mar 2023 23:19:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.gmflmidland.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
b.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 01:05:31 GMT
Content-Encoding
gzip
Via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Age
80496
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 28 Jun 2022 13:19:23 GMT
Server
AmazonS3
ETag
W/"eaf85c1c6758e84acfe134efd70e9373"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
X-Amz-Cf-Id
goODAONegHG5IXwfbtorR9V5WTGxbGLPw5QL6uxZawRZJq9zgAMPFQ==
prebid_config.js
storage.googleapis.com/didna_hb/sports_engine/leagueathletics/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/sports_engine/leagueathletics/prebid_config.js
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c3395e338134840aa5558b073c466c171803c8150cb6d12af1970126cfed5326

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:52 GMT
age
0
x-guploader-uploadid
ADPycdsPFQUaOlSDjVnZSyZ0pfaEHlG-lXsAqZpHx1JVod4UjLKoxfHBb3er_BkfYLpoLsVhbC2NN4uU8iqOQMc_8tcj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16795
last-modified
Wed, 07 Dec 2022 20:45:03 GMT
server
UploadServer
etag
"7ec0101ccc3a535f1609caa77555004e"
x-goog-generation
1670445903223335
x-goog-hash
crc32c=zikADQ==, md5=fsAQHMw6U18WCcqndVUATg==
content-type
text/javascript
cache-control
no-cache
x-goog-stored-content-length
16795
accept-ranges
bytes
expires
Thu, 29 Feb 2024 23:19:52 GMT
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=6035083&c3=120300&cs_ucfr=0&cs_it=b3&cv=3.8.0.210223&ns__t=1677712792708&ns_c=UTF-8&c7=http%3A%2F%2Fwww.gmflmidland.org%2F&c8=Greater%20Midland%20Football%20League&c9=
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:52 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
y0VAdCNqNxAZIa-j7qNthzE60FJbH9UPnvr9eknpq1IQaSSaSzzruA==
x-cache
Miss from cloudfront
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-2070627-2&cid=1419361296.1677712793&jid=1307946267&_u=IEBAAEAAAAAAACAAI~&z=1915518109
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-2070627-2&cid=1419361296.1677712793&jid=1307946267&_u=IEBAAEAAAAAAACAAI~&z=1915518109
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
didna_util_v3120.min.js.gz
storage.googleapis.com/didna-files/utility/ 		131 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/sports_engine/leagueathletics/prebid_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
007f73ba9534e82182d6318dd0164ad724f1fbd034d75f478c5a782fb52086e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:18:12 GMT
content-encoding
gzip
age
100
x-guploader-uploadid
ADPycdv9yDG_zo3-lW2JRUX_DaAgtgLhxR4v7MpgqtoDjUfOuXAbiFrrVcYhJ0Jlk7eBaVUAjzf0kKPIFis4xw_qW6DZhsvENdAM
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35723
x-goog-meta-
last-modified
Thu, 24 Sep 2020 13:05:27 GMT
server
UploadServer
etag
"d5a9cf6ab52999a22607ca4a4d61bd45"
vary
Accept-Encoding
x-goog-generation
1600952727748375
x-goog-hash
crc32c=EVMiag==, md5=1anParUpmaImB8pKTWG9RQ==
content-type
text/javascript
cache-control
max-age=86400
x-goog-stored-content-length
35723
accept-ranges
bytes
expires
Thu, 02 Mar 2023 23:18:12 GMT
didna_prebid.js.gz
storage.googleapis.com/didna_hb/prebid/ 		331 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cb23a578a888ff383ba230006154f852c45e550e880e333730ef7e6bfd6c9899

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 22:38:06 GMT
content-encoding
gzip
age
2506
x-guploader-uploadid
ADPycdt3pKs9RQ01T_w5lhsibTmQ_HsvV2iKCu-Mqhocq8L069kArn-WZetYeO4RbVE88grWnB0NpW0-BTiDhhvpG3WHvA
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105982
x-goog-meta-
last-modified
Fri, 05 Mar 2021 20:42:13 GMT
server
UploadServer
etag
"3f6a29c05a83f4cb3d56df7cf3e850cb"
vary
Accept-Encoding
x-goog-generation
1614976933656790
x-goog-hash
crc32c=ocyuGA==, md5=P2opwFqD9Ms9Vt988+hQyw==
content-type
text/javascript
cache-control
max-age=172800
x-goog-stored-content-length
105982
accept-ranges
bytes
expires
Fri, 03 Mar 2023 22:38:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a46f3d4637bbdad664528bc04057e834902a5edcec42c5640d50105798399a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26900
x-xss-protection
0
server
sffe
etag
"1498 / 642 of 1000 / last-modified: 1677711908"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Mar 2023 23:19:52 GMT
didna_trackers.html
storage.didna.io/ Frame 1B68 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.didna.io/didna_trackers.html
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.239.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.239.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
2867
content-type
text/html
date
Wed, 01 Mar 2023 22:40:19 GMT
etag
"13d9c4d6c276bc3cb0b5afd7ff642b8d"
expires
Wed, 01 Mar 2023 23:40:19 GMT
last-modified
Sun, 14 Jun 2020 19:10:59 GMT
server
UploadServer
x-goog-generation
1592161859249348
x-goog-hash
crc32c=+vRTlQ== md5=E9nE1sJ2vDywta/X/2QrjQ==
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2867
x-guploader-uploadid
ADPycduv6btLtiq6YBKBmOr72FqiausgmtqaPLst_elGQJI8vCLL3MRN_8EyIfTqSiQhuE_e4vUVg7Mdm02XGGNnVSCQgg
quant.js
secure.quantserve.com/ Frame 1B68 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:53 GMT
content-encoding
gzip
etag
"liYNKlRv1+e+pwbkZBrDjQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 08 Mar 2023 23:19:53 GMT
beacon.js
sb.scorecardresearch.com/ Frame 1B68 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 00:58:17 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
80496
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
T6--NLPw5iz4VfD7s2ZI_I8uZnsaAs0axV3W2Xn9ysqP0BBhAh3_Og==
b
sb.scorecardresearch.com/ Frame 1B68 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=27875916&cs_it=b3&cv=3.8.0.210223&ns__t=1677712793002&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=http%3A%2F%2Fwww.gmflmidland.org%2F
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:53 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
n8O0VD1j_Fh9FgjMT___i4ccGbQMwT768QXxD95dWshLP8iQ6vvgFA==
x-cache
Miss from cloudfront
pubads_impl_2023022301.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 21:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132695
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 09:36:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 29 Feb 2024 21:45:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		41 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gmflmidland.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
879a34c9f2f689108d2640dc7c722f9177aee56e3d3a00393a48eba4fab906c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
expires
Wed, 01 Mar 2023 23:19:53 GMT
rules-p-WnvyhEGJaE9Xh.js
rules.quantcount.com/ Frame 1B68 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WnvyhEGJaE9Xh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:1a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7fd21b6e0980aada740143417f0af047b4c0e30d5e2d353ca62f14feb2c7459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:11:50 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3479
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:48:13 GMT
server
AmazonS3
etag
"be75d26a2b1c32b2802b4df92f1949d9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
VHlTf_SMDbm4lTvsLV_8tEwiea__Q3MAbIWdd9m6HWdvXA4h7N-YYA==
pixel;r=833611664;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=http%3A%2F%2Fwww.gmflmidland.org%2F;uht=2;fpan=1;fpa=P0-665802653-1677712793086;pbc=;ns=1;ce=1;...
pixel.quantserve.com/ Frame 1B68 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=833611664;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=http%3A%2F%2Fwww.gmflmidland.org%2F;uht=2;fpan=1;fpa=P0-665802653-1677712793086;pbc=;ns=1;ce=1;qjs=1;qv=463953fd-20230224153512;cm=;gdpr=0;d=storage.didna.io;dst=0;et=1677712793160;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield%2Cdescription.diDNA%20programmatic%20yield%20management%2Curl.https%3A%2F%2Fwww%252Edidna%252Eio%2F%2Csite_name.diDNA;ses=8873150c-acf0-4bda-9a22-12afa674c76b
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.gmflmidland.org%2F&domain=www.gmflmidland.org&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://www.gmflmidland.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://www.gmflmidland.org
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 01 Mar 2023 23:19:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
473226
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.gmflmidland.org%2F&domain=www.gmflmidland.org&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ctJ9HXxyQklnelV4ejRCNllzem5jdkd0US9pUTFHNmFIYmtNUWhEeGdsVVpSUk5iRi9ibkNXbmxuYVpTQ25Ga0JoR0ZpYlYybkc4QVA2dDNDdWMxazkrTlhkQVdUcXFUNFF5ekk2ODVESzJTNkVEQlZRZERSazBCQmdINE...
348 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ctJ9HXxyQklnelV4ejRCNllzem5jdkd0US9pUTFHNmFIYmtNUWhEeGdsVVpSUk5iRi9ibkNXbmxuYVpTQ25Ga0JoR0ZpYlYybkc4QVA2dDNDdWMxazkrTlhkQVdUcXFUNFF5ekk2ODVESzJTNkVEQlZRZERSazBCQmdINEJ4TEhaVG8wZ2hxSGRKU0hiUTVjT0VnZzdJVVdKVnVZKy9wYkJoV0gxOWEzd0dXN1ZDZGNhKzVicS9scEFZM05yUU9qd3JwVG5icE93S2p3M1VjbVRQaHA4TjQrblpObjJBank2L1JUNVo1WjFqN0IvY3NqRTRJRFRWUzVRN0JYSEVIeWlsSHJTfA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1b4759c7fbbd78a59ab78925df9aaba26e3a8cea04882a3d050d5f693da1a2c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
684176
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=ctJ9HXxyQklnelV4ejRCNllzem5jdkd0US9pUTFHNmFIYmtNUWhEeGdsVVpSUk5iRi9ibkNXbmxuYVpTQ25Ga0JoR0ZpYlYybkc4QVA2dDNDdWMxazkrTlhkQVdUcXFUNFF5ekk2ODVESzJTNkVEQlZRZERSazBCQmdINEJ4TEhaVG8wZ2hxSGRKU0hiUTVjT0VnZzdJVVdKVnVZKy9wYkJoV0gxOWEzd0dXN1ZDZGNhKzVicS9scEFZM05yUU9qd3JwVG5icE93S2p3M1VjbVRQaHA4TjQrblpObjJBank2L1JUNVo1WjFqN0IvY3NqRTRJRFRWUzVRN0JYSEVIeWlsSHJTfA&cppv=2
access-control-allow-origin
http://www.gmflmidland.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
489547
content-length
0
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293386&zone_id=1474214&size_id=2&alt_size_ids=55&eid_pubcid.org=f1b17254-0cba-4e79-b831-238c15af78a4%5E1&rf=http%3A%2F%2Fwww.gmflmidland.org%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=0ef2332a-c209-4510-9c77-44c35fc9c1f6&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.30594142171305627
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e620ded44e6e8c8cea3dcc7e8053126664f728f70899aee68b2a5a441e82dd11

Request headers

Referer
http://www.gmflmidland.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.gmflmidland.org
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
260
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293386&zone_id=1474214&size_id=2&alt_size_ids=55&eid_pubcid.org=f1b17254-0cba-4e79-b831-238c15af78a4%5E1&rf=http%3A%2F%2Fwww.gmflmidland.org%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=0ef2332a-c209-4510-9c77-44c35fc9c1f6&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.47099217353561684
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
26a114e1a13946bf1055528bad26a2eb9c9760f47a2f82fd8581ff8aae3bea9d

Request headers

Referer
http://www.gmflmidland.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.gmflmidland.org
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
260
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.141.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-141-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gmflmidland.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.gmflmidland.org
date
Wed, 01 Mar 2023 23:19:53 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		53 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.gmflmidland.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Mar 2023 23:19:53 GMT
AN-X-Request-Uuid
a138586d-d610-4478-a203-b6888c54d5b4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.gmflmidland.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		0
0
prebid
lockerdome.com/ladbid/ 		11 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://www.gmflmidland.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://www.gmflmidland.org
Date
Wed, 01 Mar 2023 23:19:53 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ctJ9HXxyQklnelV4ejRCNllzem5jdkd0US9pUTFHNmFIYmtNUWhEeGdsVVpSUk5iRi9ibkNXbmxuYVpTQ25Ga0JoR0ZpYlYybkc4QVA2dDNDdWMxazkrTlhkQVdUcXFUNFF5ekk2ODVESzJTNkVEQlZRZERSazBCQmdINEJ4TEhaVG8wZ2hxSGRKU0hiUTVjT0VnZzdJVVdKVnVZKy9wYkJoV0gxOWEzd0dXN1ZDZGNhKzVicS9scEFZM05yUU9qd3JwVG5icE93S2p3M1VjbVRQaHA4TjQrblpObjJBank2L1JUNVo1WjFqN0IvY3NqRTRJRFRWUzVRN0JYSEVIeWlsSHJTfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 01 Mar 2023 23:19:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
217567
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gmflmidland.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gmflmidland.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2455821884384530&correlator=2716381630722747&eid=31072563&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fifs&iu_parts=5727661%2CDesktop%2Cleagueathletics%2CSticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90&ifi=1&adks=2709129966&sfv=1-0-40&prev_scp=auid%3DdivSticky-01%26tfPassback%3Dfalse%26inView%3Dtrue&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1677712795398&lmt=1677712795&dlt=1677712791471&idt=1633&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fwww.gmflmidland.org%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1419361296.1677712793&ga_sid=1677712795&ga_hid=1101341500&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ba35f9ab19aed204ce337c47fe6a43a7caf1fd66c387a989f577e482909db3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10144
x-xss-protection
0
google-lineitem-id
6234957325
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138422716869
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.gmflmidland.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0659500121d5d7f42922be68f4d7b88df11a04c341460aa7c41e4d40981e3f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11278
x-xss-protection
0
container.html
19913099f1504574a15349449b422489.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF5D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://19913099f1504574a15349449b422489.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 23:19:55 GMT
expires
Thu, 29 Feb 2024 23:19:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 23:19:55 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FB2E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunKoT3kZUirAFz9AIlhz2C57G_IMIKOeMQY3kOp3_6k3ZsoEwtA8PEg8eVRIr6H9QegkQxcC2U73wy3M-pwZy1nWoQqnPjoxpm47Wf6k6mP1chbHYy687kYyO9fV5ZuJdFta97EqdxioDDIza_xtbZWzUOTh101XYoqSHpDJCLGiotHCa3uHQP3_GcuV2jptRzUeu2TYTDZhzpM_X9RlpRfqNpI5g3wzKhjThPkXqDk2iLVxdJhw-s91BFRsQYyJk_AMhIY5j1LtFVaT25bC3aqSJjYzkmWnnXjBSvUWiL_p2bXWINfAR1Is-r5V53KAU9C8p7Y5O1d7hitb_zOgK8Lqes7HlJa7c-aXE91c5bdAIjpaEyvg&sai=AMfl-YQxtNbhUM1DsKnS5FTFmR3nMbx7nBrOyr2uqNeLgvXr8z6wKzMlr4wzcJb8i4DSJ7l8rGWaYQYPbBL1JYlxKjByN8_8RBN4kjGYtIZV3WMBkWspiHVqtlkP9obRUAhKE0R5rs31KExiLkxt9w0&sig=Cg0ArKJSzLjCD6mAgFvDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 01 Mar 2023 23:19:55 GMT
tags.js
tags.expo9.exponential.com/tags/SportsNgincom/ROS/ Frame FB2E 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.expo9.exponential.com/tags/SportsNgincom/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
HTTP/1.1
Server
2606:4700::6812:ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd7158ef42785000c01392658cb59d4b4618dd9e50d96bc539f8ff1467927636

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:56 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
14158
X-Function
151
Last-Modified
Fri, 17 Feb 2023 18:05:21 GMT
Server
cloudflare
X-Reuse-Index
1
ETag
13319129765085067188
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600, private
CF-RAY
7a1520adaccb368a-FRA
Expires
Thu, 02 Mar 2023 00:19:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB2E 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 23:19:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 90BF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3835
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 22:16:00 GMT
expires
Thu, 29 Feb 2024 22:16:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3FB2 		783 B
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a7b604623b04027e066c34312038a8e3c1d6eee74428303dc80114db8ff3cb1d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p--gJy-NQEYIwMIX0zsWjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-p--gJy-NQEYIwMIX0zsWjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 23:19:55 GMT
expires
Wed, 01 Mar 2023 23:19:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
B0h6yWoM4A2thohR-97yuNcdUnoq8bXKVyp7ELIWWXY.js
pagead2.googlesyndication.com/bg/ Frame 90BF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/B0h6yWoM4A2thohR-97yuNcdUnoq8bXKVyp7ELIWWXY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07487ac96a0ce00dad868851fbdef2b8d71d527a2af1b5ca572a7b10b2165976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 03:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
72169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14392
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 03:17:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3FB2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022301&jk=2455821884384530&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 90BF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?v3VnoQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
displayAd.js
a.tribalfusion.com/ Frame FB2E 		677 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/displayAd.js?dver=0.9&th=7997709702
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/SportsNgincom/ROS/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b69d9430cd3089f0667284080c99a3c1b95f566cec6a92594c64fb375cf61d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:56 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
327
X-Function
153
Last-Modified
Fri, 17 Feb 2023 18:04:49 GMT
Server
cloudflare
X-Reuse-Index
7
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
CF-RAY
7a1520b1aa603659-FRA
Expires
Tue, 30 May 2023 23:19:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022301&jk=2455821884384530&bg=!q6ilqPzNAAbK-VRH6vk7ADkAdvg8WvBkOzRqdvSbP1k-dHq6RzXgjOulI588CC9W4BUkFNRuVTDWDSYL9k1pJgklmCgxVdIORPYCAAAAT1IAAAACaAEHmQKdcOZXF9KQRU5UYyl9icxTXuBSYsc8CZLOerBEF9LvBBUTSGev19AjOzczIkJAKBPQNwiWruVUMyEYGOVwRHho3QNBgxyhA1tCI7tSRoCslKJtqIBdy-P_CiklFIBDeIWqy0z9s8nUEKHn8l0xJ6HBWRnfXbAwIvaJpxDEZkBiYG_tsZq36_ScqvKJ4QEnbm4yKWm9M0Qx16qvLw5lQTyafqrgq_I-u2fE4zt7x4g4FigDMuh3cxWWpMEkeL41TH3OkiMIDSfWvavd_NTH4Eu1p-yXxWcKC1LN8piI2fYR0ZjlnI4J8LQvR-c_SUh6h_Mzue1l4gK-zDjbRsPmkSUDNSFWTJ4fv0wQomGrWPyP_zWXuHfUMPBoo25Bd4BgIH2vHf70k_5QnbLbdndM-5iGkgpVEKUiGq5PC5OuqQZaFo-mJY4Byo1hRVnq1z862JwgWpXlGWd3NJEMkHwdcLeI1dGPyKNiw1cC0W6twwlGP6pHWUo2x1QxqcSoZo2rT8q_0rIX8Ai4tg1NGndy7glGDpYUFsCtPlhTg7PNLnkpurgtOcGyzMUn3BtxGwTeYzW_FwD1UhwAwvIuZqDVAjHAk34s9Y-CNz0G4oE9FUMrP5Dh1zeNM0_lyzH6jvi9LbCHjRLcXYWxhmE59ifFRMVHlO0S-QXgta0oSqnzYJrYKgOy6-OX_kEK8IEG1jAz32Tt5iaumB3u3vgJSQTdJljqzg7QM3QtP4DvP-Wcrv-tWRWNdcFf_vtJcS3gg3xoUghGD4cSpyf_W90fg_9mngulKD9afU-HiEjI-jhsVgik8riuD_5BDTB_C5SkYmXkp9ghvdanyijZ86Aq_pteErlmD48chhtzacY9BPOXnhJpFUYk8QBDh1o36Wz0JX7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
18544_logo.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/SponsorLogos/19229/18544_logo.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.41.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2a8f2a9948ddd24474cdd027201a0a23cb38742e93608b578ac7aa31a98daf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:57 GMT
x-amz-version-id
cWwmJO_4C_6ygJ5CZXaP2pHVa7OMvKJx
Last-Modified
Mon, 11 Sep 2017 17:18:15 GMT
Server
AmazonS3
x-amz-request-id
2J7K8R2PPQVHYMSQ
ETag
"9c7dbe294f2f6a45df5bf660fe3fe471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
5907
x-amz-id-2
5GbaURB3/mtcQQbxwQSL/O9N2S8TqkSq29Xu1+Q/km7CauqCD2Nz/5JrU/XFRUasegSF5YwgvUE=
j.ad
a.tribalfusion.com/ Frame FB2E 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=sportsngincom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.gmflmidland.org%2F&f=1&p=12720793&tKey=aImneMWEraPaJHRsjIQrat4qMWRTMuNv&a=1&adContainerId=richmedia_2&rnd=12719051
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/SportsNgincom/ROS/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2fbb1002ced7e36b77d14df4c7944474aa2da639af6474d77f35dd8a8a50a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:56 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2424
Pragma
no-cache
X-Function
101
Server
cloudflare
X-Reuse-Index
8
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, proxy-revalidate
CF-RAY
7a1520b2db653659-FRA
Expires
0
gpt.js
www.googletagservices.com/tag/js/ Frame FB2E 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=sportsngincom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.gmflmidland.org%2F&f=1&p=12720793&tKey=aImneMWEraPaJHRsjIQrat4qMWRTMuNv&a=1&adContainerId=richmedia_2&rnd=12719051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a46f3d4637bbdad664528bc04057e834902a5edcec42c5640d50105798399a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26900
x-xss-protection
0
server
sffe
etag
"1498 / 692 of 1000 / last-modified: 1677711908"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Mar 2023 23:19:56 GMT
ipg
a4.tribalfusion.com/ Frame FB2E 		43 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4.tribalfusion.com/ipg?ip6=2a00:c98:2030:a004:1::6&kv=%7B%22ord%22%3A%20108061304%2C%20%22clientID%22%3A%20565943%7D
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b44e262c53-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2023022301.js
securepubads.g.doubleclick.net/gpt/ Frame FB2E 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 21:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132695
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 09:36:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 29 Feb 2024 21:45:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame FB2E 		41 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gmflmidland.org
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
879a34c9f2f689108d2640dc7c722f9177aee56e3d3a00393a48eba4fab906c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
expires
Wed, 01 Mar 2023 23:19:56 GMT
integrator.js
adservice.google.de/adsid/ Frame FB2E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gmflmidland.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FB2E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gmflmidland.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FB2E 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1385177460343065&correlator=4428633655768211&eid=31072700&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fif&iu_parts=5727661%2CDesktop%2CTribalFusion_Passback_SNN_ROS_728x90_ATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=4234887178&sfv=1-0-40&eri=2&sc=0&cookie=ID%3D4db8893e8e129b19%3AT%3D1677712795%3AS%3DALNI_MbEQuPe7SI0nlWJEDnCoV0tNiBGLQ&gpic=UID%3D00000bbd852ddeda%3AT%3D1677712795%3ART%3D1677712795%3AS%3DALNI_MaM0ZpLU_vx5FC4vWaoEfEn0bjszw&abxe=1&dt=1677712796984&lmt=1677712796&dlt=1677712795707&idt=1250&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=hw8scfmpijwm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=http%3A%2F%2Fwww.gmflmidland.org%2F&ref=http%3A%2F%2Fwww.gmflmidland.org%2F&top=http%3A%2F%2Fwww.gmflmidland.org%2F&frm=23&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1419361296.1677712793&ga_sid=1677712797&ga_hid=1139493420&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d04e9b5d07f00d0bd0c3ab5b2c19af228f762ae96c06790a97741ab9e89aa76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12199
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.gmflmidland.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 78AD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 23:19:57 GMT
expires
Thu, 29 Feb 2024 23:19:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p.media
a.tribalfusion.com/ Frame 994F 		211 B
1019 B 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=akmU0hWUY0TtQ2nUYmPU7t1Enp3Eji5TYRmEBDYb78WHf0mPvZcnV7sptrK5TY85tay3P7ZanrbZb0V7PYsUV0VbonaZbT3UYRTFvBUA3TQa3QQsZbrSdby0djtT6vp2GB5XrBJVmqv2A39R67K3tvMXHvZbpdZav4PMP5Gr7TsJdUcb8RAFvWdn3TUj52bEmVTjmTTn6QaMHQGbZbPbIoSW7iUVb52Fy4mWqOOQQyM8EGtGrtt87RKQ&mediaDataID=6347136&mediaName=frame.html
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcff8a94843e3638585da61a244cb3a2fa5d8829502f4f0b848618ff4a8a7cac

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a1520b53d7d3659-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 23:19:57 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame C15B 		307 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=almU0hWrbY5bEnUaMrVEMcSTZbZdRsjIQFAvRW3dWGQT2FqvmtamXaeO3WvZaSV7Zc2m3FmtAsTWQ80r7aYFJ90qeNRUMHUU34TtBXorjxQrZbNYTFp5TJh5Tr3oT7IYFU9UdnRoAnCpVnnmHrJ2av95dIp3AfZbmFYZbXsnQYsF2XG7nnEvU5Un2TrjGUPYYQabXScroQHftYdZbtVmUu3cBU0UZbDVmm546ZbetFEFMRisyWBxOFdK0r&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa190244c5a634834644a5145237cfe16b092cb94e6c097fb3a6fbe513a9510d

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a1520b54cc29b98-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 23:19:57 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 417B 		379 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aAmU0hTFfHUAv5RTn3SsBqSt7uYd7rW63p2cM4XFvIVmuu4A3dPmMG3dQyXHUCpdIm3mYS5sj9VsBdWsj8RAYnUWnWUr725bTtUqQvWqnlQEBKScJZaQUmsPHMiWcbU4binodiy0auu4dvZdPcBZc26nKmdItUdj8XUnbYFYfXaiMRrJGWUrSWWnXnUfvQrrt1EMp5afc2qU3mEZbDXbUfWHMXoArans7wU8PGyBiextmFpWmRVE&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d754a8e34872b7057bbdb0d85c961d9561accd81e0c67c755bf6924ba1f64b32

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a1520b54eba3a9d-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 23:19:57 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame BE3D 		445 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aBmU0hTtQ4orJnPFBtXavr3T7d5Er3naFIYbf8UWJSoAMDnVnroWfF2qQ85day3AjEpbMZcXGfS1sZb20VfnnEb33bnVVFjZbUAf1REYQPGrMQdUw1HBsWmny4s3UXbZbJTP6m2PUhRmjB4WQO1trCptaO36QR4GQ9TVQcWsMePP3oUtFVWrJP2FioUa3sWqJcSTvKScjARbZasRWQdVGb52F6xode0XEepxC2AmDTFumJynLpwdH&mediaDataID=6719746&mediaName=frame.html
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171130e203f1a925368e002facdd8ffaa1e8bfb9d78244a00facf51e49a523b0

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a1520b54e9c9a2d-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 23:19:57 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame B735 		262 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aCmVCG5bEnUqrsVaFaPEnZaQVfZcQFqoSWYiWGYT4UTmod6MXauy2tbDPsfZd263EmdZaNVHJ7Xbfd1FQf0qaMRrUZcUbrYVtUUorYqRUJNXaMy5EUi5aQ3mqjH1rBgTHnToPbBmGnopWYF5EUe5HeN5PrEnrvEXsfWXGZbT1VZbnnTbQ2bQWVUjEUAvTPTb1ScQMPWUx0dJxV6YN4sUUYFnIUAau5mn8Q67E4WZbOXWBAnVuv36Ayw8Pcp82ZbUb7Y67ORXZa&mediaDataID=5578346&mediaName=frame.html
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1986b8026f48b0396b823b483b519f8fc5a1f219d66b8ccc16e99be407eb7dc

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a1520b5487d3605-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 23:19:57 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 494B 		322 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aDmU0hUAv3REMYQcrmPdYyYtBrVmrw3cvUXFnIT6Xn2PYgPmjF2HZbp1d3DptIn36U13cr6TcJaUsreRAUoUtY4UFJ03bEpUqbsTTrlPqvFSGQKQriqRWv9UVv54r6nmHur0qmm4trESGfZa5PMFmt6nVWB6YUUdYbBe0qqtPbQZbUFBXTtMWnbjpQrJtXaFr3Tjh4T3PoEJHYbb8TWMXoAfBpGM5otfJw7qkyoQtvAvMtGRZahR&mediaDataID=5436426&mediaName=frame.html
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac54bbade01ac04016af5318ed8c00d29997ff8f1ff2abbe1bfddf47fb33211c

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a1520b55cad6940-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 23:19:57 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 8570 		273 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aEmU0horJoRUjr1T3r5TFj2aU5nTJCXrjfUWBSmP3KpGruoWvG3TZbj2HiM3PjEprnG0VnPYcF5XVnxnEf43FY5VrFEWAv4REj4ScnMPWjr1dvtVPMw3Gn00UQDTAim4mB8R6bJ4H3qXW3AmHem3mvT3sM7UVraWVbfRAFuWd33UbM15beuVTUnVaBdPqBZaQVfZbPFExPWU9WGUT5U6xodqO0qqV2WbZds9ZaDOreZcTdXHnayUyM&mediaDataID=6530936&mediaName=frame.html
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647c8dedd816589570eeeb2d230c8a6c06437fdc01a56a350b936eab78b43223

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a1520b65e733659-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 23:19:57 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
10
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 9C6D 		199 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aFmU0hUqrmTTQcSEQIQG3LRrIrPWU8WG354U2mmtAq0qyn2trAQVrA5AUEmtZaOVWFf0rnaYUYgXqytRrYZbUF3PVHM3mrJoRUMn1Evy4qja4q73mqjLXrbcWH7XmmfLncjmmHnK5T3g5tiN46ZbEpb3J0GvQXVv50s7wnEvT5U32VUnFUAUTQEQ2PsnOPWUyYtBtVPYn4cr0XFMIU6iw2PZbeR67l2dZbOMouZdP8Mxv6B8pPSBJP&mediaDataID=7665496&mediaName=frame.html
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f504882775812288325d75383466fa28af656dc8529f57cefe4c899465ff17

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a1520b68d726940-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 23:19:57 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
13
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 9669 		300 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aGmU0hREMXScUtQW7N0tBnT6Qn3GJ4XFrDT6Pn4Av9R6fI2H3m0HBZamWAn3mU03sveVsQdWcMhPAZbuUtU3Ub7S3UeoWqrnTTB6STMFRsfCPbusRtQaVsYP2FyxmWqrXTav4dMZaSVbH2mUHpHiNVHfc0bvbXbbg0TisRrJHWUYSVdJ2orbxQrvrXEvn4qUj2aY3maBK1b7cUWZbSnPfBpG7wmHri3qZb7wRJnNFXZdWrbOmhWqfe&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b71fde3c435f4803d82b66f8878313b93911b533252432a00ecb3d51d05ae18d

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a1520b70fee9a2d-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 23:19:57 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame FB2E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTs6GsdPoRXypy-KQVJHgayxRP-25r6buRyGNtErTVg4rmL4isqJ56avXRmneQpSAow0BUxeZM0Q_47UixmVu84S4RkI9JzLEBNI5wGp60PyOC_bxgQFb9U4tORdGB_uK34epnfzQ2XjUHggESS1mec0KOOmRA1fWGQft4yTv1K1547tsmFFlGzllkJuI3ixe-1k_rddg2M08H6t-sOHbMzcsbIx7HEHysx6OTp8XPj3sjq59OtMez-c761AEqbPLBNjtq-nqdUiAaSn0J9RUl59cGhtFsl-QDXA0u7-RV7tFb8Hau9odzVnPVlqcpMwSIFRtdsmA_Rcixk09LQsOFzH0dozNfRxCGoA&sai=AMfl-YSl9biaCwQWfqns2c7tTJBKHVLHhj_5kplzLV9Lccl4nvNoiCoDlD6zmUJZb7JQcAb0Ni33Qa3nf0zpjp40OS2hIQ176rXlj9TwfeXTiyJh4lm3_2jI46a8o4LtZEDgzfjFhum220M8ib0AGzw&sig=Cg0ArKJSzEoKlxSL9ccKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 01 Mar 2023 23:19:57 GMT
truncated
/ Frame FB2E 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4347d5f32ca791c1aa813595733d7a3a417c5af3ffa215be33d52a320733729f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame 994F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662249692265348&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662249692265348&_origin=1&redir=true&verify=true
  • https://a.tribalfusion.com/i.match?p=b17&u=y-7LbDKtZE2uhFxVeqan1cu4qtJ6GtRr4-~A
  • https://s.tribalfusion.com/z/i.match?p=b17&u=y-7LbDKtZE2uhFxVeqan1cu4qtJ6GtRr4-~A
43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b17&u=y-7LbDKtZE2uhFxVeqan1cu4qtJ6GtRr4-~A
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=akmU0hWUY0TtQ2nUYmPU7t1Enp3Eji5TYRmEBDYb78WHf0mPvZcnV7sptrK5TY85tay3P7ZanrbZb0V7PYsUV0VbonaZbT3UYRTFvBUA3TQa3QQsZbrSdby0djtT6vp2GB5XrBJVmqv2A39R67K3tvMXHvZbpdZav4PMP5Gr7TsJdUcb8RAFvWdn3TUj52bEmVTjmTTn6QaMHQGbZbPbIoSW7iUVb52Fy4mWqOOQQyM8EGtGrtt87RKQ&mediaDataID=6347136&mediaName=frame.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b83fec3734-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
563
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b17&u=y-7LbDKtZE2uhFxVeqan1cu4qtJ6GtRr4-~A
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b70e983734-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 494B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662249692265348&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://s.tribalfusion.com/z/i.match?p=b10&u=18072662249692265348&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662249692353077&expires=180
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662249692353077&expires=180
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aDmU0hUAv3REMYQcrmPdYyYtBrVmrw3cvUXFnIT6Xn2PYgPmjF2HZbp1d3DptIn36U13cr6TcJaUsreRAUoUtY4UFJ03bEpUqbsTTrlPqvFSGQKQriqRWv9UVv54r6nmHur0qmm4trESGfZa5PMFmt6nVWB6YUUdYbBe0qqtPbQZbUFBXTtMWnbjpQrJtXaFr3Tjh4T3PoEJHYbb8TWMXoAfBpGM5otfJw7qkyoQtvAvMtGRZahR&mediaDataID=5436426&mediaName=frame.html
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
436
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662249692353077&expires=180
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b82fe13734-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0705 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 23:19:57 GMT
expires
Thu, 29 Feb 2024 23:19:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 0705 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5TEnnd3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjAJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfHORg959L53Bgcgrf3795rXXGJMk4lfMJmeHZsM8ycYqVM0GKaeC4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MjcyNzg2OTk3NjEyNTY4GO3PDw&sigh=RYkUeB-xxfw&uach_m=[UACH]&cid=CAQSOwDUE5ymeCnZ9zL_AjXNae7OybwvoVDaWGbq1RE6Fal5a43tVWv2_hUn33Moustq_jCNOh7FlpH6dnr0GAE
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 0705 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1grb8tg4df4w5fp4d626b8bcs37h9mvc23tn4v0fvxsxrad5kqsg7wnyjnf6r2mcgr8hbr13k1xyqrc3pe1s167gy0ht9k0gfa7462vck4cgcskg6gm0h8nt72pksamaq6hcbw85n26dn8er745gkaaw25cdebeg7f54csbsxgbwwsmderx20zxxsdytb1z9b2ter81xj1nhsbsgpyfw6n6hqgqz3mfg6h3mhgypx7s0067tpwxcr9qbvm0bw7a4msv58r8r7aj7912gdn3x3rra5armrvazjckvc90n0j0ssj1c4hsv8cegfcza210j1qztk3gv5rtp0196a5gr9mf3brapwyj1jakesa4mw94tavw6gtkhhbehegaq1qas6xckhcnr3rg6zc0&b=Y__dnQAAfeYIu-7FAAwh0Nii107OkpLHIHCt_A
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Mar 2023 23:19:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 77E9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1htyjd1xr5qeapentmpz60q2xb5tcyhty1gx79bpg4d927rnw67jhmnae1zxz7hjthrzf78fe39xwwskc7zcebc4hndjjdc6d9ar74r9q61gm2wn84vxep9atp0830313skd771bzkjdta2dr6jw4vxt6ad4h4gypzfar9smrjcsqr0yze2apcg4n00tm37ant4b7jhx05t7m4y6zn1p77pdtth93nsh5c2bkjdvpxjxvhqq00fgwrkcf9qq7raj24y6whvh4swd2vwakz8t44892d5s945dfy66q9ksgpdnp38sby6szsehhthhzjxc56dk10424p3kex116s2nmqqntke0g0fsw24q3w54kfrsyy0j5bpp25s432gt9hb3g7mmdbafbv8fz2yymj4zj9q57j5syj8zfbssg7tq1s7ccq1s7ghqpqqjm40pv4n77aex52m6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%26client%3Dca-pub-8272786997612568%26adurl%3D
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2f12b025a45ef5bbd1a33ab871e4f081f1a4fad78b9810118f52c273814b36
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a1520b749a8bb9d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 23:19:57 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 0705 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 21:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
5680
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 21:45:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E0F0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
41864
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 11:42:13 GMT
etag
48472445140208031
expires
Thu, 02 Mar 2023 11:42:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 0705 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 19:26:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
14017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 19:26:20 GMT
l
www.google.com/ads/measurement/ Frame 0705 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgHZgUSXHiEFmIwNthHo3HETdqqT88q8pIDR8TPuA4d3qZSwBK5_m4hbRkweJ_ymutBj-Sq1xJKnAGlAC2fpDknBfc1w
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0705 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:11:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
583686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Feb 2024 05:11:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0705 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 23:19:57 GMT
i.match
a.tribalfusion.com/ Frame BE3D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622496...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622496...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662249692265348&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
  • https://a.tribalfusion.com/i.match?p=b11&u=11AA7A7C-0CF6-4AC7-8351-B8CBA6A685A1
43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b11&u=11AA7A7C-0CF6-4AC7-8351-B8CBA6A685A1
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aBmU0hTtQ4orJnPFBtXavr3T7d5Er3naFIYbf8UWJSoAMDnVnroWfF2qQ85day3AjEpbMZcXGfS1sZb20VfnnEb33bnVVFjZbUAf1REYQPGrMQdUw1HBsWmny4s3UXbZbJTP6m2PUhRmjB4WQO1trCptaO36QR4GQ9TVQcWsMePP3oUtFVWrJP2FioUa3sWqJcSTvKScjARbZasRWQdVGb52F6xode0XEepxC2AmDTFumJynLpwdH&mediaDataID=6719746&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b8891568fb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://a.tribalfusion.com/i.match?p=b11&u=11AA7A7C-0CF6-4AC7-8351-B8CBA6A685A1
date
Wed, 01 Mar 2023 23:19:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame C15B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662249692265348&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b24&u=18072662249692265348&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662249692379025
0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662249692379025
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=almU0hWrbY5bEnUaMrVEMcSTZbZdRsjIQFAvRW3dWGQT2FqvmtamXaeO3WvZaSV7Zc2m3FmtAsTWQ80r7aYFJ90qeNRUMHUU34TtBXorjxQrZbNYTFp5TJh5Tr3oT7IYFU9UdnRoAnCpVnnmHrJ2av95dIp3AfZbmFYZbXsnQYsF2XG7nnEvU5Un2TrjGUPYYQabXScroQHftYdZbtVmUu3cBU0UZbDVmm546ZbetFEFMRisyWBxOFdK0r&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Server
188.65.124.66 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-q8zmw
date
Wed, 01 Mar 2023 23:19:57 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
14
content-type
text/html
location
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662249692379025
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b878413734-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame 0705 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36d5d35eb3e0a7669efbec9ae042b88ccd865adf7c2885859f9b4ca92faa0f2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E0F0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGPWVzVtrYPitTVQ8vxJgf4&google_cver=1&google_push=Aa02lx-I9oY0WyNngkyMQW2udnvPRb8yI4AsRa9v8uPlo2q_ldJf2V2EcAw6Q5sUYJoyQTfGl5_-l0tAlJSzu7ni0ZfznWU3uMQemw
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk2MzI1NjM4NTY0NjE3MjU1NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGPWVzVtrYPitTVQ8vxJgf4&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGPWVzVtrYPitTVQ8vxJgf4&google_cver=1
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 01 Mar 2023 23:19:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGPWVzVtrYPitTVQ8vxJgf4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame E0F0 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECEGMp4llGwQApExpeT-LpQ&google_cver=1&google_push=Aa02lx84dgj-R1HDNg3H0Wz0WK0Pv6fqQNyK0Ng93Z3NnxaTSeiAXxQiGb6JnLQCMYvZzaMyTm9S7ot-qP-yZT_lq6tyzQ0iXOlR
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E0F0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBi5KAQdLMEp-GRHDR008L0&google_cver=1&google_push=Aa02lx_-viYVE1b8FUTZFqyU6C3JGc0G1rO0NentPJUG23VVROSAZ25XCn-o3rQgTe2D25vXkQiJo2MNxMWS9IZH...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_-viYVE1b8FUTZFqyU6C3JGc0G1rO0NentPJUG23VVROSAZ25XCn-o3rQgTe2D25vXkQiJo2MNxMWS9IZH4v7OfQG5dNFk
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_-viYVE1b8FUTZFqyU6C3JGc0G1rO0NentPJUG23VVROSAZ25XCn-o3rQgTe2D25vXkQiJo2MNxMWS9IZH4v7OfQG5dNFk
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 01 Mar 2023 23:19:57 GMT
Server
MT3 530 4e92630 master cdg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_-viYVE1b8FUTZFqyU6C3JGc0G1rO0NentPJUG23VVROSAZ25XCn-o3rQgTe2D25vXkQiJo2MNxMWS9IZH4v7OfQG5dNFk
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 01 Mar 2023 23:19:56 GMT
pixel
cm.g.doubleclick.net/ Frame E0F0
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPasP0Pi81bLYiuzJZXO_tg&google_cver=1&google_push=Aa02lx-5Cw5F_sWOUTCmYhZP0FixZCYwzEwMnRrKkp-8pnweVIIr5r7n36Ednqii7wgeZDKp0nCqdJoti0dm5yyv...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-5Cw5F_sWOUTCmYhZP0FixZCYwzEwMnRrKkp-8pnweVIIr5r7n36Ednqii7wgeZDKp0nCqdJoti0dm5yyvNL6sqIKE3xZcKQ
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-5Cw5F_sWOUTCmYhZP0FixZCYwzEwMnRrKkp-8pnweVIIr5r7n36Ednqii7wgeZDKp0nCqdJoti0dm5yyvNL6sqIKE3xZcKQ
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Mar 2023 23:19:57 GMT
via
1.1 cb8e2cd001e8928a49dc551941d5c7da.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
LHR50-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-5Cw5F_sWOUTCmYhZP0FixZCYwzEwMnRrKkp-8pnweVIIr5r7n36Ednqii7wgeZDKp0nCqdJoti0dm5yyvNL6sqIKE3xZcKQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
kPhqPOpr3y2gcHqmGxUUbin9wizVrFNFBs1UuTJZdiV-jZ0kY3eCvw==
pixel
cm.g.doubleclick.net/ Frame E0F0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFqGq4EB3kJVwZutXkSDc14&google_cver=1&google_push=Aa02lx_KcxjjDaofEYsheXjTg9AtM6-FDf7YTsNWGZjWtv7r0nZB7mCVq2FD2pnTxBTFkdtKgHt6Ox9ZUlJW...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_KcxjjDaofEYsheXjTg9AtM6-FDf7YTsNWGZjWtv7r0nZB7mCVq2FD2pnTxBTFkdtKgHt6Ox9ZUlJWsAEPJYLhKgoef_wO
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_KcxjjDaofEYsheXjTg9AtM6-FDf7YTsNWGZjWtv7r0nZB7mCVq2FD2pnTxBTFkdtKgHt6Ox9ZUlJWsAEPJYLhKgoef_wO
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_KcxjjDaofEYsheXjTg9AtM6-FDf7YTsNWGZjWtv7r0nZB7mCVq2FD2pnTxBTFkdtKgHt6Ox9ZUlJWsAEPJYLhKgoef_wO
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame E0F0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_4D-DyrIP1Q1B1oJxMgXX3aw1X_lNi_YwEUUiOPiMEH_BUwjZPXAP5LksBVXZP2v-pQlffrZwEFCYtbqlrK5EE9Q5ZdUKMVg&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-d1369838-ba92-42d6-810a-968aa3c173ae-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_4D-DyrIP1Q1B1oJxMg...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_4D-DyrIP1Q1B1oJxMgXX3aw1X_lNi_YwEUUiOPiMEH_BUwjZPXAP5LksBVXZP2v-pQlffrZwEFCYtbqlrK5EE9Q5ZdUKMVg&google_hm=A9E2mDi6kkLWgQqWiqPBc64
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_4D-DyrIP1Q1B1oJxMgXX3aw1X_lNi_YwEUUiOPiMEH_BUwjZPXAP5LksBVXZP2v-pQlffrZwEFCYtbqlrK5EE9Q5ZdUKMVg&google_hm=A9E2mDi6kkLWgQqWiqPBc64
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_4D-DyrIP1Q1B1oJxMgXX3aw1X_lNi_YwEUUiOPiMEH_BUwjZPXAP5LksBVXZP2v-pQlffrZwEFCYtbqlrK5EE9Q5ZdUKMVg&google_hm=A9E2mDi6kkLWgQqWiqPBc64
date
Wed, 01 Mar 2023 23:19:57 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd1369838ba9242d6810a968aa3c173ae003
content-type
text/html
/
onetag-sys.com/match/ Frame E0F0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFqGq4EB3kJVwZutXkSDc14&google_cver=1&google_push=Aa02lx92U6wllitJCwpaE0ofGtlRF08fd7CKY1DmnUxgq7QPjrBaTC8c35DT4Hz4RCjuUxq7g0RIFyy9KZB...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx92U6wllitJCwpaE0ofGtlRF08fd7CKY1DmnUxgq7QPjrBaTC8c35DT4Hz4RCjuUxq7g0RIFyy9KZBAABSfZrP_OK8Ov0xctQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.gmflmidland.org
URL: http://www.gmflmidland.org/
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E0F0 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ly2C8mbn_-U9HjZUWEQvlRsHLYCHXO7AqxmiD-W2dcCuIOf1ZdI9GkswKA2PpauHfRpiolcw
Requested by
Host: 1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
URL: https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 77E9 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1htyjd1xr5qeapentmpz60q2xb5tcyhty1gx79bpg4d927rnw67jhmnae1zxz7hjthrzf78fe39xwwskc7zcebc4hndjjdc6d9ar74r9q61gm2wn84vxep9atp0830313skd771bzkjdta2dr6jw4vxt6ad4h4gypzfar9smrjcsqr0yze2apcg4n00tm37ant4b7jhx05t7m4y6zn1p77pdtth93nsh5c2bkjdvpxjxvhqq00fgwrkcf9qq7raj24y6whvh4swd2vwakz8t44892d5s945dfy66q9ksgpdnp38sby6szsehhthhzjxc56dk10424p3kex116s2nmqqntke0g0fsw24q3w54kfrsyy0j5bpp25s432gt9hb3g7mmdbafbv8fz2yymj4zj9q57j5syj8zfbssg7tq1s7ccq1s7ghqpqqjm40pv4n77aex52m6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%26client%3Dca-pub-8272786997612568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1htyjd1xr5qeapentmpz60q2xb5tcyhty1gx79bpg4d927rnw67jhmnae1zxz7hjthrzf78fe39xwwskc7zcebc4hndjjdc6d9ar74r9q61gm2wn84vxep9atp0830313skd771bzkjdta2dr6jw4vxt6ad4h4gypzfar9smrjcsqr0yze2apcg4n00tm37ant4b7jhx05t7m4y6zn1p77pdtth93nsh5c2bkjdvpxjxvhqq00fgwrkcf9qq7raj24y6whvh4swd2vwakz8t44892d5s945dfy66q9ksgpdnp38sby6szsehhthhzjxc56dk10424p3kex116s2nmqqntke0g0fsw24q3w54kfrsyy0j5bpp25s432gt9hb3g7mmdbafbv8fz2yymj4zj9q57j5syj8zfbssg7tq1s7ccq1s7ghqpqqjm40pv4n77aex52m6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%26client%3Dca-pub-8272786997612568%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
45986
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56qijwbn0wxDFFNvQnoHMi6pWmQny7ESzJy%2FmsKyC6XLZJb7lNWa%2BCbsvK%2FtD2x6XdiA4Fnlhsg67ht95KqSD%2BgxcQxtToHx%2FlVaEBf2nzWhfJk20GgKSRB9n%2F0Y296Ic5CE4rut6M8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a1520b789d9bb9d-FRA
expires
Thu, 02 Mar 2023 00:19:57 GMT
r62eglto.js
ad4m.at/ Frame 77E9 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1htyjd1xr5qeapentmpz60q2xb5tcyhty1gx79bpg4d927rnw67jhmnae1zxz7hjthrzf78fe39xwwskc7zcebc4hndjjdc6d9ar74r9q61gm2wn84vxep9atp0830313skd771bzkjdta2dr6jw4vxt6ad4h4gypzfar9smrjcsqr0yze2apcg4n00tm37ant4b7jhx05t7m4y6zn1p77pdtth93nsh5c2bkjdvpxjxvhqq00fgwrkcf9qq7raj24y6whvh4swd2vwakz8t44892d5s945dfy66q9ksgpdnp38sby6szsehhthhzjxc56dk10424p3kex116s2nmqqntke0g0fsw24q3w54kfrsyy0j5bpp25s432gt9hb3g7mmdbafbv8fz2yymj4zj9q57j5syj8zfbssg7tq1s7ccq1s7ghqpqqjm40pv4n77aex52m6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%26client%3Dca-pub-8272786997612568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2968
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCDZLUiQ0U04HYW%2FZxkilxKflJPAwNG5BbPljShfJm7e9Bzk%2B1G4dL4HKftED7e5XhYy%2BlmMolk0UqLJ%2BVklBDxlq4fJOz3C4VrqrQOYTtt0rhfLcB2drNHLlFuTxuF976SBs%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a1520b789dabb9d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 27 Feb 2023 22:45:45 GMT
cm
us-u.openx.net/w/1.0/ Frame 417B 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aAmU0hTFfHUAv5RTn3SsBqSt7uYd7rW63p2cM4XFvIVmuu4A3dPmMG3dQyXHUCpdIm3mYS5sj9VsBdWsj8RAYnUWnWUr725bTtUqQvWqnlQEBKScJZaQUmsPHMiWcbU4binodiy0auu4dvZdPcBZc26nKmdItUdj8XUnbYFYfXaiMRrJGWUrSWWnXnUfvQrrt1EMp5afc2qU3mEZbDXbUfWHMXoArans7wU8PGyBiextmFpWmRVE&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
i.match
a.tribalfusion.com/ Frame 8570
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662249692265348&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662249692265348&C=1
  • https://a.tribalfusion.com/i.match?p=b20&u=Y--dnalqEzSo.XIhOnrHcAAA
43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b20&u=Y--dnalqEzSo.XIhOnrHcAAA
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aEmU0horJoRUjr1T3r5TFj2aU5nTJCXrjfUWBSmP3KpGruoWvG3TZbj2HiM3PjEprnG0VnPYcF5XVnxnEf43FY5VrFEWAv4REj4ScnMPWjr1dvtVPMw3Gn00UQDTAim4mB8R6bJ4H3qXW3AmHem3mvT3sM7UVraWVbfRAFuWd33UbM15beuVTUnVaBdPqBZaQVfZbPFExPWU9WGUT5U6xodqO0qqV2WbZds9ZaDOreZcTdXHnayUyM&mediaDataID=6530936&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b8791268fb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Mar 2023 23:19:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://a.tribalfusion.com/i.match?p=b20&u=Y--dnalqEzSo.XIhOnrHcAAA
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
i.match
a.tribalfusion.com/ Frame 9C6D
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662249692265348
  • https://a.tribalfusion.com/i.match?p=b23&u=220033204442004022020
43 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b23&u=220033204442004022020
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aFmU0hUqrmTTQcSEQIQG3LRrIrPWU8WG354U2mmtAq0qyn2trAQVrA5AUEmtZaOVWFf0rnaYUYgXqytRrYZbUF3PVHM3mrJoRUMn1Evy4qja4q73mqjLXrbcWH7XmmfLncjmmHnK5T3g5tiN46ZbEpb3J0GvQXVv50s7wnEvT5U32VUnFUAUTQEQ2PsnOPWUyYtBtVPYn4cr0XFMIU6iw2PZbeR67l2dZbOMouZdP8Mxv6B8pPSBJP&mediaDataID=7665496&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b9198368fb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://a.tribalfusion.com/i.match?p=b23&u=220033204442004022020
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 77E9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1747
x-guploader-uploadid
ADPycds4_fkNWsUn9dqbK6vvrl69R7e2yptmTdP7xpUchNj65TN_2MLwN7wim7e5PV-VpnLQR6Er5SZaeY4xOYgj7O9fMJM4tduP
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qysRLh2mHF1OnREMHQQ8WAEKM%2FygEFGJAyRUyBUhaMPa63Y%2FjRYkLOmZ3d4Xet6j5xXOptTMPKuGl7Xug1CWYQMtNJD6NMwkU0yBsTaM3SxrXTrWeM2ob2gb6JuFiWi0X4U7IYwy48Vk7fRFeuH9hGCn"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7a1520b7fd44364d-FRA
expires
Wed, 01 Mar 2023 23:07:01 GMT
frame.html
ad4m.at/ Frame 7679 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2246069
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a1520b7e9c7694b-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 01 Mar 2023 23:19:57 GMT
expires
Thu, 19 Jan 2023 19:22:47 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7tw3vPsGufIaum4IAErF4Z8dJZJGmEfQykmTx7E3XAJEQBumO4kCboJZKNg%2B%2Bt5ThXWnikaSmLGJCMPi01%2B%2Ff2spymoBG9XvWZslz2HHgIf1o4VQzH%2FSqRxL4N%2Bb1ztpoFud9E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 77E9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722280e81c0ddd7f21f5594306ac368d15d888709ec94333e01b5686d3c6e2fb

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14v2gU2tgt%2BdztUoJ5eGmx2Ek07fzO6WNvz%2FAF3ha9Jz09p7HmSKRUPOv9%2FkwAXoUp5%2FCEWK%2ByrjMjKBYeYpCmGQ0xw3uCwAMd%2Fn5P4W6CZDGfXIfX6BWgNasrUEInPFe0riCNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a1520b86df73a86-FRA
x-backend-server
aa-reachservice-group-europe-west1-rv5g
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a1520b83dc93a86-FRA
content-length
24
content-type
text/plain
date
Wed, 01 Mar 2023 23:19:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgTHrnjr2IBozgUS1cGOdB6iP7rPg%2FGj1UiwxCl2KslGusGBn94ubKyOKLY3Q9esE%2FdOAJA5HSu8aO98hwczKiPxLWeZmAHnSEcY42rOysI68ijyLw%2F4ExyaF8CW5j9OejSy8MM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-rv5g
i.match
a.tribalfusion.com/ Frame B735
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662249692265348&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662249692265348&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
  • https://a.tribalfusion.com/i.match?p=b13&u=80208892439739300010112766904287312891
43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b13&u=80208892439739300010112766904287312891
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aCmVCG5bEnUqrsVaFaPEnZaQVfZcQFqoSWYiWGYT4UTmod6MXauy2tbDPsfZd263EmdZaNVHJ7Xbfd1FQf0qaMRrUZcUbrYVtUUorYqRUJNXaMy5EUi5aQ3mqjH1rBgTHnToPbBmGnopWYF5EUe5HeN5PrEnrvEXsfWXGZbT1VZbnnTbQ2bQWVUjEUAvTPTb1ScQMPWUx0dJxV6YN4sUUYFnIUAau5mn8Q67E4WZbOXWBAnVuv36Ayw8Pcp82ZbUb7Y67ORXZa&mediaDataID=5578346&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b9ca1d68fb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-1-v046-09eff2095.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
HG0fVnG7SEE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://a.tribalfusion.com/i.match?p=b13&u=80208892439739300010112766904287312891
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatch.gif
beacon.krxd.net/ Frame 9669
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662249692265348&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662249692414575
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662249692414575
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aGmU0hREMXScUtQW7N0tBnT6Qn3GJ4XFrDT6Pn4Av9R6fI2H3m0HBZamWAn3mU03sveVsQdWcMhPAZbuUtU3Ub7S3UeoWqrnTTB6STMFRsfCPbusRtQaVsYP2FyxmWqrXTav4dMZaSVbH2mUHpHiNVHfc0bvbXbbg0TisRrJHWUYSVdJ2orbxQrvrXEvn4qUj2aY3maBK1b7cUWZbSnPfBpG7wmHri3qZb7wRJnNFXZdWrbOmhWqfe&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Server
54.73.101.116 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Wed, 01 Mar 2023 23:19:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1677712798
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
39
content-type
text/html
location
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662249692414575
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a1520b858153734-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame EF35 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec0e3f25210ce28047c540fc16a6d812be1fb1627540dbbc9de2c16177baa209
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1htyjd1xr5qeapentmpz60q2xb5tcyhty1gx79bpg4d927rnw67jhmnae1zxz7hjthrzf78fe39xwwskc7zcebc4hndjjdc6d9ar74r9q61gm2wn84vxep9atp0830313skd771bzkjdta2dr6jw4vxt6ad4h4gypzfar9smrjcsqr0yze2apcg4n00tm37ant4b7jhx05t7m4y6zn1p77pdtth93nsh5c2bkjdvpxjxvhqq00fgwrkcf9qq7raj24y6whvh4swd2vwakz8t44892d5s945dfy66q9ksgpdnp38sby6szsehhthhzjxc56dk10424p3kex116s2nmqqntke0g0fsw24q3w54kfrsyy0j5bpp25s432gt9hb3g7mmdbafbv8fz2yymj4zj9q57j5syj8zfbssg7tq1s7ccq1s7ghqpqqjm40pv4n77aex52m6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%26client%3Dca-pub-8272786997612568%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a1520b8ba7b694b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 23:19:57 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame EF35 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
45986
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zay%2Bf56huWS6e5igNbFLKki2vnV3ZbXyKHeT0KTBOLW8jpcJ%2BltfK4mNN4OVqXhGAs%2BoBnoUP506c3NcsrUMcNc9phi7rnK0kjcFdcDim9tWoWVx7hDJR%2BKI0avPWaRD6FUTbcS%2FAos%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a1520b91af7694b-FRA
expires
Thu, 02 Mar 2023 00:19:57 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame EF35 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2149370
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ULB5r1jtc%2B4YUpEMdURzmnIEdbNxm69yGToyH08tvBRgQNMBwPODGrpZNg%2FGoooTijroJjpCJVLURmU0sh%2FRnTaOWB3clZphGvVuUlvOeCawP79fon9IfbZp1E%2Bmhsp5ohx0X6P%2BOgPGuRv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1520b91b15bb9d-FRA
expires
Thu, 02 Mar 2023 23:19:57 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame EF35 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2660053
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atoUJV4HG5lAL6amE2B%2Fqv7FCenmSQWs9GdFQMDdXWgDAfki18p7BIkceO0ivjuoED7bv%2BHvuJTsxl0gfSEl7ga4bjt%2FbakHpNfnoDKUxXmUyQknaMh%2FqWQP%2BM2DwOu6HzXTnVE4ERdWb%2BdU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1520b91b1abb9d-FRA
expires
Thu, 02 Mar 2023 23:19:57 GMT
cshow.php
www.awin1.com/ Frame EF35 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.44.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Mar 2023 23:19:57 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame EF35 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2432686
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54554
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1YJXszL%2FscvZ1cNjZQe%2F8YLFYqejcA%2B5I6ckmW7K3i%2FHrlQdd0jneJ7MYhhff4rJpewITVZLljDf3OmBb%2Fl1DYwGWHUy11p%2FTQ34Q8dIRv4SLpsIkA9gqHQQYpCfwDf%2BO0avajcn%2BZ6VkqF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1520b91b1bbb9d-FRA
expires
Thu, 02 Mar 2023 23:19:57 GMT
AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame EF35 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331888
cf-polished
qual=85, origFmt=jpeg, origSize=156576
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34068
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Oct 2021 12:48:35 GMT
server
cloudflare
etag
"451fa9b02ae7953b9311aefac697be7e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWRA9c%2B0TsNs5ObFZfOqn6EeenicxygWh6%2FXm7757r8PwWwWyUqOUlo1RBzOTzjgefC0W%2BspoE%2Bvj1J7bAerPCEvFx2eN7cbyVX1MfA1EU4J7DLUcGPXs9jgmN0kdIrtg7bJHFdX85xDUHBh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1520b91b1cbb9d-FRA
expires
Thu, 02 Mar 2023 23:19:57 GMT
/
partner.o2online.de/a/ Frame EF35
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJuu35rvu_0CFRDjuwgdf0sNcg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023030200195882265735791X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023030200195882265735791X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030200195882265735791X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:58 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023030200195882265735791X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030200195882265735791X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
date
Wed, 01 Mar 2023 23:19:58 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame EF35 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
865706
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPlmsqBCHziZcF0n4Iury2Pcm7%2BbltmKHGvNSgifXl98aZSbDDIMMn3oxtp6OaTv34tZYBok5g0%2F%2FSZVYDw%2BlDMQKInJYErav2YbffREspW4mrYm3xIjzK0eLsSyed%2F8Spy%2BjGYhDghPh96Z"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1520b91b1ebb9d-FRA
expires
Thu, 02 Mar 2023 23:19:57 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame EF35 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2274507
cf-polished
origSize=342797, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
305593
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPet%2B9ZutyCb1nS3lJpfu9wmTjKLNSzJKyufIaUiuYe5ZbiiOdDxGAV0U%2BtrpoAv7WJmFdPu367E3nLZZorOd1ZeMCOXQY6KYjlCo096mrZowaH91WCZuWbDxor3wCu0SEf6iKV9rd78lz6M"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a1520b91b1fbb9d-FRA
expires
Thu, 02 Mar 2023 23:19:57 GMT
ztpv.php
www.conrad.de/ Frame EF35
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1677712797_94ededb2-b887-11ed-b0d0-22643fc428fe&insert=AW&&gdpr=0&gdpr_consent=
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1677712797_94ededb2-b887-11ed-b0d0-22643fc428fe&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=3ea213648c37644f8268ff6520ffa643%2F7937108062669416689&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1677712797518&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k89tmp6k36n1qrr92bamaxkex19v7c5dxwh8gvhxt7fespf82zt71fn6rpc740d1ws347fceea5v9zg4bpaxaz9vx40dchb4epyw5a830t358a5mqpsy7njch4531hyn0dz8y4d9q8jf4yvp9maqw2fgt6qhq26m6b6bcxkty4qdt9jsdft0w9dnz7mc2jwa4bd7fp48darshkzc7m7v9epzcsrz0asjtps1pnev3kxc6qs4bh2y8f18qdnc01qsnzz5e9fzfpvvanzb6rzq3ja%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbIhond3_Y-b7AcXd7_UP0MOwwA2Q4YGEXLaoworwAsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi04MjcyNzg2OTk3NjEyNTY4yAEJqQIPm8x7O-ixPuACAKgDAaoEjwJP0Cv8LrVjrBokdlGo3KFZ6hzRw5flhNmuuum6XIUsTZ9FcYbbILdFkWGuwp4GuecKLf28Y54-lrsx5RIjEbHoSWmOclXg5cI1c10I-TSB3svrT-SBy3PLefKgQnNol-d6RbcSS0fapIpW_7QAfAFPdRTy67NGiprJtaRNc05-1ZFEc9aozEidURoATRmgHWhXdB120PTrzQz08rayIazZoyBpOlLzGpUPBB6u0Bu28SXCa0vjfLfMTqjvdj9tJUN8HhzhtPPE6nmtXAqY749sVPxYA11FvysxUehG7H-xo_WzLO4pfDGTokyq1hqBSU9j6aS0dEfuDJmJ6HnU--dFL1HEXdgGTBjatudKS1WZ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zyaSZLoaDzW2mtWLJC1nNeyIy6w%2526client%253Dca-pub-8272786997612568%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:57 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=e958Ud2mocDFpXXqOBjUNL6bdRYlYbJj0O.RnWoHW4U-1677712797-0-AZKK6q5Yaa_64zzFKUrnFLcbqEdRWHzP1vUAJ6pWq3vEuXWIvla4YJ7s05vaw-k2yTAn4c3SsaoeFZEodLn-zpkcaFRuXF9NOBGVp-WEmLWHzX0tOqfIZ1KTdOxIgK8szQ; report-to cf-csp-endpoint
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=e958Ud2mocDFpXXqOBjUNL6bdRYlYbJj0O.RnWoHW4U-1677712797-0-AZKK6q5Yaa_64zzFKUrnFLcbqEdRWHzP1vUAJ6pWq3vEuXWIvla4YJ7s05vaw-k2yTAn4c3SsaoeFZEodLn-zpkcaFRuXF9NOBGVp-WEmLWHzX0tOqfIZ1KTdOxIgK8szQ"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control
no-cache
cf-ray
7a1520ba0ebd9a1d-FRA
content-length
0
expires
-1

Redirect headers

Date
Wed, 01 Mar 2023 23:19:57 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1677712797_94ededb2-b887-11ed-b0d0-22643fc428fe&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FB2E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_puRJzjy1zfnexco0FuFqNfJGgHM10CT6XguxdjHRYXiZn7FBVtsm949ymiQ-Gh786hMlRiCUFuzt0kF7lsSFtURwXqs4Xs2BmJkUKFatTfiVWo9j&sig=Cg0ArKJSzE1jfG6BkLooEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230227&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2709129966&rs=4&la=0&cr=0&vs=4&r=v&rst=1677712795707&rpt=1324&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FB2E 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
138bd9abed43b84ed6f811afd5b84ee52619d7a92949f8fa2f168d27be0dfbe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11293
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FB2E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 23:19:58 GMT
usync.html
eus.rubiconproject.com/ Frame 94B0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Mar 2023 23:19:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C144 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Mar 2023 23:19:58 GMT
ETag
"623de86a-cf34"
Expires
Thu, 02 Mar 2023 23:20:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame F0AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cQGneY9Z4r6BaCaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 -, , ASN (),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 01 Mar 2023 23:19:58 GMT
server
33XP005
x-33x-status
2000208
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0E58 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 22:16:00 GMT
expires
Thu, 29 Feb 2024 22:16:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BCB6 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
60a2441a6a22df054b63727a42661c49faf8254ea63bfc4968edaa54d55b5741
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WI26uvpzopzzuqAIJJk-Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.gmflmidland.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-WI26uvpzopzzuqAIJJk-Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 23:19:58 GMT
expires
Wed, 01 Mar 2023 23:19:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 94B0 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
24003668cc6bbf9a4f80982aaac431f82d291c9b594f5ac02959d91797d29f38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 23:19:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Mar 2023 13:51:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52298
Connection
keep-alive
Content-Length
10005
Expires
Thu, 02 Mar 2023 13:51:36 GMT
bounce
ib.adnxs.com/ Frame C144
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Mar 2023 23:19:58 GMT
AN-X-Request-Uuid
d46e1e4b-4bf4-4560-b536-10a747e36e16
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Mar 2023 23:19:58 GMT
AN-X-Request-Uuid
6f017df1-65e4-4098-aa45-593bc2fd4294
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BCB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022301&jk=1385177460343065&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 0705 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYK-egduD1-kFQniMlUPjy2FAUXbNqiMBFalMlLZ5EZPNafjp11AxaCPydQnYxvJXTVOjPmH-bElAFwZyh6VICjtSl&sig=Cg0ArKJSzIUETjeTpGOmEAE&cid=CAASF-Ro_LVTuHPQXy-4okJS7QvlxhNJchJJ&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4234887178&rs=4&la=0&cr=0&vs=4&r=v&rst=1677712797265&rpt=228&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B0h6yWoM4A2thohR-97yuNcdUnoq8bXKVyp7ELIWWXY.js
pagead2.googlesyndication.com/bg/ Frame 0E58 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/B0h6yWoM4A2thohR-97yuNcdUnoq8bXKVyp7ELIWWXY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07487ac96a0ce00dad868851fbdef2b8d71d527a2af1b5ca572a7b10b2165976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 03:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
72172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14392
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 03:17:06 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 94B0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ybj7MuIsRpqGEggfm4KmBA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ybj7MuIsRpqGEggfm4KmBA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ybj7MuIsRpqGEggfm4KmBA
Protocol
HTTP/1.1
Server
52.95.126.138 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Mar 2023 23:19:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
86CT3XRXSA4Q6FQVR496
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ybj7MuIsRpqGEggfm4KmBA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 94B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQAVOIY-J-9LLB
0
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQAVOIY-J-9LLB
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:58 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F48F029E490F41BD9885B106C92F66EE Ref B: FRAEDGE1414 Ref C: 2023-03-01T23:19:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-source-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX13vNoLok8bQc8BDkXKQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQAVOIY-J-9LLB
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 94B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTVjNDJlNzBmMGMyOWRjMWM5ZjIyYzVmMWE0N2EzZjYyMzA3YTIxMQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTVjNDJlNzBmMGMyOWRjMWM5ZjIyYzVmMWE0N2EzZjYyMzA3YTIxMQ
Protocol
H2
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTVjNDJlNzBmMGMyOWRjMWM5ZjIyYzVmMWE0N2EzZjYyMzA3YTIxMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 94B0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gjfAxeJoScK11ddbJn4FoQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gjfAxeJoScK11ddbJn4FoQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gjfAxeJoScK11ddbJn4FoQ
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Mar 2023 23:19:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SVJYK4TW2EMQYGB9ZZVS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gjfAxeJoScK11ddbJn4FoQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 94B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mh7094LYI1t7pYzngvQftg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nd6EiXtE2oILZBKkt65tzL0aFeK7yHnNoSld_w--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nd6EiXtE2oILZBKkt65tzL0aFeK7yHnNoSld_w--~A
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 01 Mar 2023 23:19:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nd6EiXtE2oILZBKkt65tzL0aFeK7yHnNoSld_w--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 94B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIK7wHNDWrYhaVZIPsJcUbg&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIK7wHNDWrYhaVZIPsJcUbg&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIK7wHNDWrYhaVZIPsJcUbg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 94B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRQVZPSVktSi05TExC
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRQVZPSVktSi05TExC
Protocol
H2
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 23:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRQVZPSVktSi05TExC
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 94B0 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 01 Mar 2023 23:19:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generate_204
tpc.googlesyndication.com/ Frame 0E58 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tHAzNg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:19:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FB2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022301&jk=1385177460343065&bg=!dnWldSHNAAbK-VRH6vk7ADkAdvg8Wv5k5rXiNstj5HDjHj9KI5cTdcPA3tIn925G-UI0RgrPuD4v0ot4BUcKfveYG5MfaUUllngCAAAAWlIAAAACaAEHCgAW2VsPKPesfo1FLdZLiwFui36tWm1oN5kCvC4hi3EqBii-QACFGyBdYEAM2p5NRj5zqh0cAbGUd00y9tCQkKXRXhvLLncmEoHaUeSypKZ9Bh6ZLXfEdwK6Y7hjPe16URxHJQQuShKwZPFChJ_ozr64zpcxDsSRSQF7gSRIg6855Dl9OrUR_JerCBYg4nDN1tTVeecUuCetNpnkKQwmgQgk1kFXoo7ALN6hdF5vtTKxmA-hLl7Nxbv9etAjSDugHteteTzicXOhqyjwGY5xbwak_VsQSEgvF7ijNhKOqHuLXFTF6D7lIL3i7uX6OsT3IqxD30_vf3-1GBVDhdG-SS3Ndz-y_KQh550mO9LEu3Gmxd-OxvPW5D67uF11ickqzPBG4WxdfK8UVHCI-7EKOqBgpHn-vVFzKJcugrC3TInBrb1i9L6XOqr4Hx9eoxb9gBBLMPW_IIQVsd4asfN_ynZbqA1vRQ5qE-Py7TQzO4-Zs8KI9x8C43IsDyyjREKmVHRKtnlih_VfFe1vRA9SyuL25oa3c9K94zmnw2wUUGOi-epUKJHXXIABSN-QYTFJ7v3PrggKgvLUiMhad5QwzmYv5Da2X6isLU_BRdTgJtKsmY5ciXCiD-fy5l7xACwrIFN6CCsTnZu2PLeBM0aV8LBBqoTycvk3mRn6WX_lV9XtJPNfgv9Ptd0oLgEtRqWhF5Ti9UEZlbbbM4ueZj1scmiBHsUhUQ06EOtInz6CsyDWu_Kx75Z13CUtPzYWW9qOReLSG_yCZucy4CuPNj9UhDC4At3Ewyn119y5qdJjnZ6lcZ8tVJEy0jDgvr5WZPLK8tl5pswqd4ksSP09zXmamJilBqBxW4E8FxCI7kKzcAMGxkytSTTRct8ll7tuuakfJ82M_lvE-P6KJcD2nYfONHN_5Qe_cUAyi9cxS5_IBSgt40lzbfgLGWvOoWbfN8X4yF-Qeufa9ts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.gmflmidland.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cQGneY9Z4r6BaCaKlId8sQ

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| wInst boolean| bOpen object| imgPlay object| imgPause number| slideShowSpeed number| crossFadeDuration object| engine function| $ function| jQuery object| jQuery110202499043019571403 function| auth function| nagPopover function| trackOutboundLink string| GoogleAnalyticsObject function| ga function| apiLoader function| moment object| Modernizr function| Galleria object| dataLayer number| assocID string| sessionID function| menuOn function| menuOff object| googletag string| trk_title string| trk_requestHost string| trk_path function| fetchTitle number| logedIn function| closeCommentary function| setCookie function| gotoSecureURL function| growl function| ElevioOpenModule object| ELEVIO_MODULE function| searchFocus boolean| gTopBarHasFocus boolean| bPaused1 number| rotationSpeed1 number| timerSpon1 number| imageNoSpon1 boolean| drawingImgSpon1 number| noImagesSpon1 object| sponImg1 object| sponLink1 object| sponID1 function| runSponSlideShow1 function| showSponImage1 function| linkSponSlideShow1 function| pauseSponSlideShow1 function| reverseSpon1 function| pauseSpon1 function| forwardSpon1 function| parseDateTimeValue function| logEvent function| dismisPrivacy function| loadMasonry function| showResult boolean| ajaxBusy function| xmlhttpPost function| setCloaked object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| postscribe object| google_tag_manager_external object| google_tag_manager object| usPrivacyVar undefined| usPrivacy string| csUCFR object| _comscore object| COMSCORE function| udm_ object| ns_p function| getdidnaLOC function| getUrlParameter function| appendStyle function| removeSticky function| addSticky object| didnaLOC function| getMediaLayout string| tfStatus object| tfPassback object| DIDNA_CONFIG object| DIDNA_PLACEMENTS string| gtm_key object| gtmBannedIds object| gtmBannerUrls object| bannedUrls boolean| onBannedUrl string| assocIDCHECK object| assocIDOFF boolean| stickyStyleAdded string| poly object| didna object| pbjs object| _LTracker function| didna_ajax_setup function| pbjsChunk object| _pbjsGlobals object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| e9PageData object| google_image_requests

34 Cookies

Domain/Path Name / Value
www.gmflmidland.org/ Name: News19229
Value: 3/1/2023
www.gmflmidland.org/ Name: TargetPage19229
Value: %2FDefault%2Easp
.gmflmidland.org/ Name: _ga
Value: GA1.2.1419361296.1677712793
.gmflmidland.org/ Name: _gid
Value: GA1.2.191185689.1677712793
.gmflmidland.org/ Name: _gat
Value: 1
.quantserve.com/ Name: mc
Value: 63ffdd99-33600-05a13-7dda8
www.gmflmidland.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.gmflmidland.org/ Name: _pubcid
Value: f1b17254-0cba-4e79-b831-238c15af78a4
www.gmflmidland.org/ Name: cto_bidid
Value: Xj5LC19rbHRETkt4NyUyRmszOUdlaUt5Sk5jNjk3NlhTSG9WRWpnVE1zOVNtWlpxOWNxbHI1aURiM2U4RzdheE5jUmFCaEd5NURsUnhiRjc5MnNWaHNsaXR5V2ZRJTNEJTNE
www.gmflmidland.org/ Name: cto_bundle
Value: Y7V_vV9IOGRYS2d6dk9oT2Q4WFBxVzk0UFhrNFlIbXdOcFNlRm42Ukh3OGRENzljTkswQ1U0Q1ZpSDVKZjNpaGUwZDFJSTN6VnNySVh1clFlTWJMUVN0T1JsV1lDdWFPbjlOTHZnYWwzQk1KRnR1NyUyRjl1cWphYkYwYmQ5cmpnSXpOMW9v
.rubiconproject.com/ Name: khaos
Value: LEQAVOIY-J-9LLB
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EidQQteEeffa7JGe4Ni1ThWK2euPP2lVg2b55ZO9yeic2piPvguRNBzXNqzahlmBmDs1PLgFjZ06TH7GB4r/EfZ3zexieo7aksdOKW1qRBjyg==
.gmflmidland.org/ Name: __gads
Value: ID=4db8893e8e129b19:T=1677712795:S=ALNI_MbEQuPe7SI0nlWJEDnCoV0tNiBGLQ
.gmflmidland.org/ Name: __gpi
Value: UID=00000bbd852ddeda:T=1677712795:RT=1677712795:S=ALNI_MaM0ZpLU_vx5FC4vWaoEfEn0bjszw
.doubleclick.net/ Name: IDE
Value: AHWqTUn18hlC1Xifh0OGbZArI402tSqeNIijAm9jMQI1_fwnoJztweLvlYaxQANn8jM
www.gmflmidland.org/ Name: tfPassback
Value: true
.yahoo.com/ Name: A3
Value: d=AQABBJ3d_2MCENCtTodW1WRMCWXUtP9bshoFEgEBAQEvAWQJZAAAAAAA_eMAAA&S=AQAAArowtSCO8Mnprgsw9633fEE
.analytics.yahoo.com/ Name: IDSYNC
Value: 18gs~2a9z
.quantserve.com/ Name: d
Value: EAQBCQG0KIEA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.turn.com/ Name: uid
Value: 7963256385646172555
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 11AA7A7C-0CF6-4AC7-8351-B8CBA6A685A1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d1369838-ba92-42d6-810a-968aa3c173ae-003%22%7D
.mathtag.com/ Name: uuid
Value: c2f663ff-dd9d-4f00-a148-d0a3f3653b00
.mathtag.com/ Name: mt_mop
Value: 4:1677712797
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d1369838-ba92-42d6-810a-968aa3c173ae-003%22%7D
.casalemedia.com/ Name: CMID
Value: Y--dnalqEzSo.XIhOnrHcAAA
.casalemedia.com/ Name: CMPS
Value: 3257
.casalemedia.com/ Name: CMPRO
Value: 3257
.pubmatic.com/ Name: KRTBCOOKIE_1051
Value: 22884-18072662249692265348
.pubmatic.com/ Name: PugT
Value: 1677712796
.agkn.com/ Name: ab
Value: 0001%3A1X9YdtCxmIxLG4%2Bln57J5lcWPuwRMWen
.demdex.net/ Name: demdex
Value: 80208892439739300010112766904287312891
.tribalfusion.com/ Name: ANON_ID
Value: axnr6isKBRhFmDqU7peOEpfVnIr2GZdngbUvTa7X7MG6GatAuGyEpX7V5vHQXHFYP3CYZb593N

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19913099f1504574a15349449b422489.safeframe.googlesyndication.com
1d021dd01bf09a946ebfd7e23695670d.safeframe.googlesyndication.com
a.tribalfusion.com
a4.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
ajax.googleapis.com
as.ad4m.at
assets.ad4m.at
b.scorecardresearch.com
beacon.krxd.net
btlr.sharethrough.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
dpm.demdex.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
gmflmidland.org
gum.criteo.com
ib.adnxs.com
image6.pubmatic.com
lockerdome.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
r.turn.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s3.amazonaws.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
static-de.ad4mat.net
stats.g.doubleclick.net
storage.didna.io
storage.googleapis.com
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tags.expo9.exponential.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.conrad.de
www.gmflmidland.org
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.leagueathletics.com
www.telefonica-partner.de
ssc.33across.com
104.109.78.125
104.154.142.214
104.18.13.14
13.32.121.17
13.32.121.72
142.250.185.198
142.251.208.130
15.197.193.217
167.233.13.224
178.250.1.11
18.196.141.24
185.29.134.244
185.64.189.110
185.64.189.115
185.80.39.216
185.89.211.116
188.65.124.66
2.19.44.80
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
213.19.147.45
23.35.236.188
2600:1901:0:76b9::
2600:9000:223c:1a00:6:44e3:f8c0:93a1
2600:9000:2362:200:1b:5138:8a40:93a1
2602:803:c003:200::31
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2606:4700::6812:19ad
2606:4700::6812:7e05
2606:4700::6812:ddb
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2010
2a00:1450:4001:831::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9d
2a00:1450:400d:803::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2002
2a02:2638::1c
2a02:26f0:6c00::210:ba3b
2a02:26f0:dc::213:c51b
2a05:d018:d29:3602:5605:49d6:f1da:885d
3.209.131.242
3.75.62.37
34.240.188.129
34.240.23.125
34.98.64.218
35.227.239.69
51.75.86.98
52.216.41.0
52.46.143.56
52.95.126.138
54.73.101.116
67.202.105.21
69.173.144.139
69.173.144.165
84.200.5.215
007f73ba9534e82182d6318dd0164ad724f1fbd034d75f478c5a782fb52086e6
05133ea0cca7437d914451446b248c01060c2e903ebfe12ecf797466c92afe97
0659500121d5d7f42922be68f4d7b88df11a04c341460aa7c41e4d40981e3f3d
07487ac96a0ce00dad868851fbdef2b8d71d527a2af1b5ca572a7b10b2165976
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
083481ff72ea6369ca3275d522ec10a1a89f409e6749a40bb4761ac6fb6f6c99
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9aa969c54944ac71514ae380a5d212d4de8b92ec6171dc23d50e79acc03670
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c473916b74fde6396a00220a1f1d07f46d9c21a7659577d371dc418f707fff5
0c79154d62b41f9ff8b5df1755ffc6189be8aead29bf110238845e9c364d0065
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b
138bd9abed43b84ed6f811afd5b84ee52619d7a92949f8fa2f168d27be0dfbe5
171130e203f1a925368e002facdd8ffaa1e8bfb9d78244a00facf51e49a523b0
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
1b4759c7fbbd78a59ab78925df9aaba26e3a8cea04882a3d050d5f693da1a2c5
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e61cc282c6e0bd93d7be936baff900956dac6014a951ed83eb40cb37e90eaf1
21666feac6784d79f2d73f614342b6b422fbedb16a225f4535a65fe9022234e9
230a35a73af726cb64e849df226cabe69ecc7617b1ae89b1d25800efd6c28cb2
24003668cc6bbf9a4f80982aaac431f82d291c9b594f5ac02959d91797d29f38
2651f01d201d941117d92367065d8127926c8a8f317bc61140806ff9f31bf627
26a114e1a13946bf1055528bad26a2eb9c9760f47a2f82fd8581ff8aae3bea9d
2a8f2a9948ddd24474cdd027201a0a23cb38742e93608b578ac7aa31a98daf36
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3046b8b6c4c88b2c34bc56b1463be5281f653195848a78925d12eb66a428694f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34f504882775812288325d75383466fa28af656dc8529f57cefe4c899465ff17
36d5d35eb3e0a7669efbec9ae042b88ccd865adf7c2885859f9b4ca92faa0f2a
3878bb6398bb458a5623218facc58d4c987a00f469a1b30fc9a0a09848c48cd5
38e74de19544de03795e264abcaa31b90e48631fc3c6aa262ee055d0c271f2b4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4347d5f32ca791c1aa813595733d7a3a417c5af3ffa215be33d52a320733729f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5fe22cba6da8755bd4b65b3bdd864a2739fe40f9dea9d469431c1453dcdc45
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54b5c9cb0cff8303395c302978135685c6ed659650dd9ef4840f09be6204a4b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588373a6f0a147cbfbd2cb152edca41d4e34111b04206d5b39f1de7d8bd4693b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59db6bffa1696646aa3b14eda83dae911e3b92441dc86befa0610063381e00d1
5ba35f9ab19aed204ce337c47fe6a43a7caf1fd66c387a989f577e482909db3f
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60a2441a6a22df054b63727a42661c49faf8254ea63bfc4968edaa54d55b5741
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
647c8dedd816589570eeeb2d230c8a6c06437fdc01a56a350b936eab78b43223
693b7c07f50088c0bd777e72d17f1cd9126fe735b35be4a29176f52b63eca186
6acbed2b6e9b426a12a97ad036e3fba8908b49a4bf660a9926bb522f2a137cf0
6b0727bc02e90ef9c744013d7e4d9b30f76eed705ce7d6424444142a8e770051
6bb1ab8474e44124d6d91e58bb435f8a70d8176a9b54de52519fdcb439da80c2
6d2f12b025a45ef5bbd1a33ab871e4f081f1a4fad78b9810118f52c273814b36
722280e81c0ddd7f21f5594306ac368d15d888709ec94333e01b5686d3c6e2fb
788953ee1092fdd88b00161fdd4ce05c9c728caa6bbe5ca1982b0022824a09a0
79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c
7b69d9430cd3089f0667284080c99a3c1b95f566cec6a92594c64fb375cf61d5
7cc228ef7147fdd34fc7196fafce61135f5f4f2ceb4715538efb579555911f44
803c97dfec60844a664eac3cdac01b78a8cfaf1fe5d9397abbb877eb32d46c92
80819d092f80806eeb17a304ecbdd1f906eeae808bc75a75f6cc9b0ead198999
818c732be9bce8bc6fbaef3ca7a9d37545af46a019bac55405360bb39592e209
82efd9f2736985bd4fa8f0d50182a682d4debde20a6e2225faf6fcd4bf70d7e9
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8653bc4ed9b2bb3d1c49b7b025acde462448472aa2262679bb15cadb38a40223
879a34c9f2f689108d2640dc7c722f9177aee56e3d3a00393a48eba4fab906c1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
95639f6cb9f5fed47d630e6ba881faf6c69a9e04a7b25067c24d377eb6393855
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c496986afbd33dbe977503e2a19c3c73f01df0dc070c750bdd2f578d22d732
a2fbb1002ced7e36b77d14df4c7944474aa2da639af6474d77f35dd8a8a50a84
a46f3d4637bbdad664528bc04057e834902a5edcec42c5640d50105798399a4d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a7b604623b04027e066c34312038a8e3c1d6eee74428303dc80114db8ff3cb1d
a9fded2f535cb3b67bcc739113c2dc6244a03b5e16e4eb93797011bb567ec857
aa30473a739f955f6cb4108f5908f36067309348be0513ea7357ab6544181946
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac54bbade01ac04016af5318ed8c00d29997ff8f1ff2abbe1bfddf47fb33211c
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b0d42285977d9297d0cdcd54162e45333e82d7cdfea48f362dde9baab6d8ad85
b225d2881d8f76c5380c6f65b184c72e3169d3a2a8a3987419ef72a13b4e30dc
b40f25ebb08d9413bc7818da0981c567eb1bc1b12bb0a75d3aa02e5d7bbcd008
b4e222ceed7ac22a645ec5c840430489b5be14ca9adca99f141940dc87a0f4ae
b71fde3c435f4803d82b66f8878313b93911b533252432a00ecb3d51d05ae18d
bbe9769868e99862bf9858149dc98c70529d3228ef57e277a1d94325948d52ef
bcff8a94843e3638585da61a244cb3a2fa5d8829502f4f0b848618ff4a8a7cac
bd7158ef42785000c01392658cb59d4b4618dd9e50d96bc539f8ff1467927636
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d59c9a36c921c829c0e35100664f0d206be63dfc84db080415afec064d41b0
c3395e338134840aa5558b073c466c171803c8150cb6d12af1970126cfed5326
c4ce12cec6a6ff918e2437b098249eb9369a1df752faa170efa848b934a129c3
c971da8733003f78cd8a2f8436a7c8bdda056e97411ab2c13f6dabec82c2828a
cb23a578a888ff383ba230006154f852c45e550e880e333730ef7e6bfd6c9899
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
d04e9b5d07f00d0bd0c3ab5b2c19af228f762ae96c06790a97741ab9e89aa76d
d5d08de1aede7f8889a719f4ad492a0ff19ffa068d8f6b9c3d477464b302f172
d754a8e34872b7057bbdb0d85c961d9561accd81e0c67c755bf6924ba1f64b32
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e620ded44e6e8c8cea3dcc7e8053126664f728f70899aee68b2a5a441e82dd11
e6622513a0ddf2e6a2c08bb8bcbb93175a090bee61226df03f8b1a17b1390969
ec0e3f25210ce28047c540fc16a6d812be1fb1627540dbbc9de2c16177baa209
ec63e0be53d0be7e8b96a662caf415b5b50836b457194b77c8b0f099e41cbe29
ed8bc35837fb39ca688180ed7acb31ef58de4c939131bd37d44d933c61bc229c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1986b8026f48b0396b823b483b519f8fc5a1f219d66b8ccc16e99be407eb7dc
f39a1948afb2eb2458272cb7307bea21a52f15482c6fa2284f9d5c1a36615481
f707c589d82154ee8ea0d326ad8fb8034d29f5eaaba12f8482f319685bcae0a9
f7fd21b6e0980aada740143417f0af047b4c0e30d5e2d353ca62f14feb2c7459
f835e3c49aa6e6421f1728761cecb75dea22f603dbc03ad4bf3930be33afd477
f901ac542e87b0b218a642541e69729ef1631113e42ea97a2bdc9353db122492
fa190244c5a634834644a5145237cfe16b092cb94e6c097fb3a6fbe513a9510d
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2