urlscan.io logo urlscan.io
SecurityTrails logo

www.winchesterlax.org Open in urlscan Pro
2a02:26f0:dc::213:c51b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://winchesterlax.org/
Effective URL: http://www.winchesterlax.org/
Submission: On March 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 9 countries across 42 domains to perform 169 HTTP transactions. The main IP is 2a02:26f0:dc::213:c51b, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.winchesterlax.org.
This is the only time www.winchesterlax.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 50.16.246.179 14618 (AMAZON-AES)
24 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
12 52.217.91.14 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
4 23.206.208.114 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.216.48.73 16509 (AMAZON-02)
1 69.192.161.152 16625 (AKAMAI-AS)
9 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.17 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 13.32.121.21 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 35.227.239.69 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:238... 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.1.11 44788 (ASN-CRITE...)
1 104.154.142.214 15169 (GOOGLE)
1 34.149.20.76 15169 (GOOGLE)
2 2602:803:c004... 26667 (RUBICONPR...)
1 4 185.89.210.46 29990 (ASN-APPNEX)
1 18.197.93.99 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 24 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.13.14 13335 (CLOUDFLAR...)
2 2 18.156.0.31 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
2 5 69.173.144.138 26667 (RUBICONPR...)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
1 188.65.124.66 41690 (DAILYMOTI...)
1 1 46.137.131.3 16509 (AMAZON-02)
1 54.171.3.192 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
2 23.37.42.132 16625 (AKAMAI-AS)
1 67.202.105.24 32748 (STEADFAST)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
1 3 142.250.180.226 15169 (GOOGLE)
2 3 52.46.151.131 16509 (AMAZON-02)
2 3 52.94.223.37 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
169 56
1    50.16.246.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-246-179.compute-1.amazonaws.com
winchesterlax.org
24    2a02:26f0:dc::213:c51b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
www.winchesterlax.org
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a02:26f0:dc::213:c513 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
www.leagueathletics.com
12    52.217.91.14 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
8    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
jnn-pa.googleapis.com
4    23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.216.48.73 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
la-web-assets.s3.amazonaws.com
1    69.192.161.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-152.deploy.static.akamaitechnologies.com
z.moatads.com
9    2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)
www.youtube.com
1    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
b.scorecardresearch.com
3    2a00:1450:400d:803::2010 (Ireland)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4025:402::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
17    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    35.227.239.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.239.227.35.bc.googleusercontent.com
storage.didna.io
1    2a00:1450:400d:804::2016 (Ireland)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:238d:f200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    18.197.93.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-93-99.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9fa75feac1486a765e27619b6d63ec7f.safeframe.googlesyndication.com
04ccc222d058f53913b2334b5fe7f8c0.safeframe.googlesyndication.com
1    2606:4700::6812:ddb (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
3    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
24    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    104.18.13.14 (None, )

ASN13335 (CLOUDFLARENET, US)
a4.tribalfusion.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com
public-prod-dspcookiematching.dmxleo.com
1    46.137.131.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-131-3.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    54.171.3.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-3-192.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    67.202.105.24 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a05:d018:d29:3602:6398:bc78:96b2:ccd4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
cm.g.doubleclick.net
3    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
25 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 741
a4.tribalfusion.com — Cisco Umbrella Rank: 27902
s.tribalfusion.com — Cisco Umbrella Rank: 1813
19 KB
25 winchesterlax.org
winchesterlax.org
www.winchesterlax.org
228 KB
18 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
static.doubleclick.net — Cisco Umbrella Rank: 262
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
320 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
9fa75feac1486a765e27619b6d63ec7f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
04ccc222d058f53913b2334b5fe7f8c0.safeframe.googlesyndication.com
88 KB
13 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
eus.rubiconproject.com — Cisco Umbrella Rank: 533
token.rubiconproject.com — Cisco Umbrella Rank: 541
15 KB
13 amazonaws.com
s3.amazonaws.com
la-web-assets.s3.amazonaws.com — Cisco Umbrella Rank: 667944
419 KB
12 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
fonts.googleapis.com — Cisco Umbrella Rank: 36
storage.googleapis.com — Cisco Umbrella Rank: 398
jnn-pa.googleapis.com — Cisco Umbrella Rank: 239
251 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
843 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 267
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940
4 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 73
16 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com — Cisco Umbrella Rank: 542
21 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 378
mug.criteo.com — Cisco Umbrella Rank: 2719
1 KB
4 scorecardresearch.com
b.scorecardresearch.com — Cisco Umbrella Rank: 4960
sb.scorecardresearch.com — Cisco Umbrella Rank: 152
5 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 725
simage2.pubmatic.com — Cisco Umbrella Rank: 668
1 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
124 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6149
adservice.google.de — Cisco Umbrella Rank: 8947
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
3 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1580
m.addthis.com — Cisco Umbrella Rank: 1550
141 KB
3 leagueathletics.com
www.leagueathletics.com — Cisco Umbrella Rank: 44384
25 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
2 KB
2 33across.com
ssc.33across.com — Cisco Umbrella Rank: 2438
ssc-cms.33across.com — Cisco Umbrella Rank: 877
347 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 980
pixel.quantserve.com — Cisco Umbrella Rank: 779
9 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
648 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
265 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 585
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 481
477 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 4003
123 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 422
304 B
1 exponential.com
tags.expo9.exponential.com — Cisco Umbrella Rank: 10970
14 KB
1 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 948
162 B
1 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 11632
340 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 924
642 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 228
4 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
3 KB
1 didna.io
storage.didna.io — Cisco Umbrella Rank: 124716
3 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1748
325 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 433
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
52 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 693
6 KB
0 demdex.net Failed
dpm.demdex.net Failed
169 42
Domain Requested by
24 www.winchesterlax.org www.winchesterlax.org
18 a.tribalfusion.com 6 redirects tags.expo9.exponential.com
www.winchesterlax.org
a.tribalfusion.com
12 s3.amazonaws.com www.winchesterlax.org
s3.amazonaws.com
11 securepubads.g.doubleclick.net storage.googleapis.com
securepubads.g.doubleclick.net
www.winchesterlax.org
www.googletagservices.com
9 www.youtube.com www.winchesterlax.org
www.youtube.com
6 s.tribalfusion.com 3 redirects a.tribalfusion.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 pixel.rubiconproject.com 2 redirects a.tribalfusion.com
4 token.rubiconproject.com 4 redirects
4 ib.adnxs.com 1 redirects storage.googleapis.com
acdn.adnxs.com
4 jnn-pa.googleapis.com www.youtube.com
4 www.google.com www.winchesterlax.org
www.youtube.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 fonts.googleapis.com www.winchesterlax.org
3 aax-eu.amazon-adsystem.com 2 redirects
3 s.amazon-adsystem.com 2 redirects
3 cm.g.doubleclick.net 1 redirects
3 www.googletagservices.com securepubads.g.doubleclick.net
a.tribalfusion.com
3 sb.scorecardresearch.com www.winchesterlax.org
storage.didna.io
3 storage.googleapis.com www.winchesterlax.org
storage.googleapis.com
3 www.leagueathletics.com www.winchesterlax.org
2 eus.rubiconproject.com storage.googleapis.com
eus.rubiconproject.com
2 image6.pubmatic.com 2 redirects
2 dsum-sec.casalemedia.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 fastlane.rubiconproject.com storage.googleapis.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
2 www.google-analytics.com www.winchesterlax.org
www.google-analytics.com
2 s7.addthis.com www.winchesterlax.org
s7.addthis.com
1 px.ads.linkedin.com
1 match.adsrvr.org
1 pr-bh.ybp.yahoo.com 1 redirects
1 ssc-cms.33across.com storage.googleapis.com
1 acdn.adnxs.com storage.googleapis.com
1 beacon.krxd.net a.tribalfusion.com
1 aa.agkn.com 1 redirects
1 public-prod-dspcookiematching.dmxleo.com a.tribalfusion.com
1 simage2.pubmatic.com 1 redirects
1 us-u.openx.net a.tribalfusion.com
1 04ccc222d058f53913b2334b5fe7f8c0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 a4.tribalfusion.com www.winchesterlax.org
1 tags.expo9.exponential.com securepubads.g.doubleclick.net
1 9fa75feac1486a765e27619b6d63ec7f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 btlr.sharethrough.com storage.googleapis.com
1 ssc.33across.com storage.googleapis.com
1 lockerdome.com storage.googleapis.com
1 pixel.quantserve.com storage.didna.io
1 rules.quantcount.com secure.quantserve.com
1 www.gstatic.com www.youtube.com
1 secure.quantserve.com storage.didna.io
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 storage.didna.io storage.googleapis.com
1 static.doubleclick.net www.youtube.com
1 www.google.de www.winchesterlax.org
1 stats.g.doubleclick.net www.google-analytics.com
1 b.scorecardresearch.com www.winchesterlax.org
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 la-web-assets.s3.amazonaws.com s3.amazonaws.com
1 www.googletagmanager.com www.winchesterlax.org
1 ajax.googleapis.com www.winchesterlax.org
1 code.jquery.com www.winchesterlax.org
1 winchesterlax.org 1 redirects
0 dpm.demdex.net Failed a.tribalfusion.com
169 71
Subject Issuer Validity Valid
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-12-30 -
2024-01-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
storage.didna.io
GTS CA 1D4		 2023-02-03 -
2023-05-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2022-09-27 -
2023-10-29		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-01-09 -
2023-04-09		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-03 -
2023-07-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 23 frames:

Primary Page: http://www.winchesterlax.org/
Frame ID: F7FD44A23457A011937F528ADD5351B0
Requests: 77 HTTP requests in this frame

Frame: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Frame ID: A3C3D3AF032C82B9009A005FE61AD838
Requests: 20 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C76D93DB9914F9964ECF5251DA9CF8D5
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CF11BE8D740CC500B4E6E0F4D5FC1263
Requests: 1 HTTP requests in this frame

Frame: https://storage.didna.io/didna_trackers.html
Frame ID: F7C2431D876237134D3A5960F0AB5AB6
Requests: 6 HTTP requests in this frame

Frame: https://9fa75feac1486a765e27619b6d63ec7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BB90DE37641DB0A83291FA1FD98F2CC8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstElu5xhPt19DN5cJTfc38714hxEpdoKqFfbAIfkGuEFUj1LCkInAsXdywvF4l6q44Ul2aROz3pf-0rqp-StJ2UKc0-2hYXuQrmLmmFR-g-BzHIpNAXFiq1M_WEGFsvofjmLeDYlX1z52CQ1gUZsUkA6YGpi_SOov558MT_E9-rHCh8HDcPEABcW2nJxFOjIURQ3HVd1PBmvwxxkoHE4EXL-MpP3AKV55bgU7faaJzgcxGJtdVnzBgoAyH6AZ2znCD2M6tlssZ1DA-THK1gqQuFfyqAyofLzx_m6cLuKZvN55RpGF-OFjDRyM0mGcA0zSPEXC5k30dG3hF-zFQ2r_cC1gbOomGElDPBe9rZzzKpVonILpOOofoC&sai=AMfl-YQtJFvVguTVcAE3u84JqicZurBJf_ZHpQjEPJhv6ap3KHZlYjG9eyJbbjfAxoa5sqW27a0wu4QNqXHen_4tS-Q_F8fOb8gzIbt3VncR-w3-pa2Axj347fcijHLOVqbtBSX4VZNOeZ2Aknw3z4g&sig=Cg0ArKJSzAvu5JYcEA51EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D81306B095D6238EBCEAE2DEB9428443
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F5051ABA11D1D1A661B3C4E07A768AA0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6723DAECD8EF139B36EF2B532AA2B630
Requests: 2 HTTP requests in this frame

Frame: https://04ccc222d058f53913b2334b5fe7f8c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 12F06717732872A53C96B3B4F637043F
Requests: 1 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aHmU0hRUjt1E3t4q3l4ar1oTJH1bj7TtFXmPUKnVUnmHML3T3k3dmo4mbFpbnH0GMX1s320GvupEnT3FU2WrjDUPnVPajYScFoStfr0WBuVmbx4cn2YFYZaVmmw46Zb8PAnA4WYr1WMZbpdAo4PMP5s39Vc38Vc77S6QmUdFWWrbP3r2pUqYvWqY6PTYZbRsQLRrAsRtQbVcMS5rqsmtqO0qep4dvgQsrZavUmIS8vroWQPqBZdRds&mediaDataID=6347136&mediaName=frame.html
Frame ID: 9F782324D84DEC95A83591C197C40161
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aImU0hTTQcSTYZbSVfZdQbqmPHY7WGrV5UXxmtIqXa2u4dnZbQVbD46JLpWEOVHFe0bMi1FBf0aqqPrBHUFQSWHU0obBvPrMm1EZbp3Tfa5EYRmEMAXrBaUWbWoArBns7modbD5EYh2tZap3AbGmFYZbXGYS1cQY1Gbomaj23UFVTFfZcWP75REQQPsnrPWfy0WvnT63y2Gn2YbUZdUAut4AZbeR6MK4WQ00dBAVCbMNb6PvsjQrbOsXB&mediaDataID=5436426&mediaName=frame.html
Frame ID: F098E6442BC06D6264D7A37133953D0B
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aJmU0hScUqStZbyYdfqVmQw4sZb5YrnJUATw4An9PmJB4WYM0HQZdnt2N4P303cveVc3lUsbeRPFxWtZbWUbjP2UArUaMxVqB8STJKQVjCQUAvRW79WVvP5rqqodeOXEev2HfFSG7G5mrKmdEyUdj8XbYd1UZbi1aeNSU3ZdUUBYTtQWmbQmRUBN1qYq3Ejf5E71oTFHYFb6TtbTnmMZanV7wmHfJ5EQE3HmNubAJPmEZbNGf7ycZd2wW&mediaDataID=8039566&mediaName=frame.html
Frame ID: 52A16AC6487DDE57009544A069E5AF15
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aKmU0h1E3r3TZbl2qv1mTjB1r7aTHJRnAQBnV3noW3C5EY93d6n5PvKmFvH0VMX1cQTXV7xnTvW5FZbVVU7ZcVmMYRTrSQGFnSt3wYtFuWA3p2cB0XbUKUA2r2PQePPMA2tBrXWUKmd6O363Y4GQ9TcvaUcfjSPYnTWQ5UrM05bEuWajoTTMlPqvZbScYKQUumPHY9WcUV5rutnW6oXaep4dbZdSGff4AJHUC7prRm8NbfUpHRQYt&mediaDataID=6530936&mediaName=frame.html
Frame ID: 6BD1D2A4CB36013F5E40CEE801305B55
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aLmU0hSTYZaQVJJRbirPWjbUVQR2UusndZaOXaTu2tQESG7Zc46YIotXmUdZbe0rMi1UZb7XqitRbJEWFJYVdYWnFZbsRFbyYaZbO3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5taq4AFLprvEYsUSYcr5XGjNmTb32bQ4VFnEUAvTPTb0ScvMPWjw0WBwWAbw4sv0XbMKUAqs56YbPmMK4WZbOXW3bnW2ouFuVNpZa9ocJVmqWyeo&mediaDataID=6546596&mediaName=frame.html
Frame ID: BC6FC0637E8DE1EA26CA29728EDB4F3D
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=ammU0h2av1oTbCYb76TdBQoA3CmcrrptQJ3Tng3dEr3AjEnbrLXVfVXVYUXVjppTj25F3VVFnHUPf4PTrQPVQmSdFt1WnwT6jy4sMUYrrDT6ir46rcQmfF4WQO0dBKnHPu36US4sQdVcUjVVBhRPrxWdQRTr7S2UIwWqjpTTQlQEBZcQVbCQUIpPWQ9VsbV2FXqmWEsYEmO3WnCQVrZa2mJHmdEYTdQhOAP7uPugyaqGoe0Uw6&mediaDataID=6719746&mediaName=frame.html
Frame ID: 21DE6F2C48A79A6940C1171DC3ACED21
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aomVCGT6Mw4sY0XbBIU62p2PraQPnB3HrO0HMLntev36U15cMbTsJ7VV77PAQnWdQ5Wbb03b2nUabpVEYlPa3IQGBAPraoPHf9UVY55bXxmtqtYqXy2HrASG7Zd5mFLmtTyUWB9YrY81UBgXTiMRFQBTbrSVHJXnFFpQU7NYavm5aYh4Ef0oTbIYbU9WH7Xn6fZdmVQvoHUE5EY72dZar4AjJnbULXc3P1cFVXGvnnb3U5UEvpQZaCmEqqRHvgcLL3Zdv&mediaDataID=5578346&mediaName=frame.html
Frame ID: 019E8B2757CBCF63B76B570F8EC75B71
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=apmU0hoTbB1rZb6WWjUoPbIpGQsmW3H3Tr73dZar5PZbZbprnGXVvUYsF01sbopEj35UQ4TUfEWA73RTj1Qs3MPHJuYdfwV6vv4sJ00UnDUPTw4AZbdPAjJ3WMmXW3AnW2u5AZbS3sv6Ucr6Uc78S6vxUdrTWrf52bAxVEvxVTJbSTYFSGQJRrZavSHU7VGY35b6oodZamXEXw3WMDPs7B46JHmdXyVWZbZcXUfkNm6ix7UqqbJsu9uHsF&mediaDataID=7665496&mediaName=frame.html
Frame ID: 7FFCA879A5E8E51119D9B1550070FF2F
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aqmU0hPHvbUVMU4bTmndZas0q2n3WjEQVZbZa46rZaotitVWFfXrv7YFYl1TeNPr3ZcWUUQTdQ3mrQoRFMqYTUy4aJf2qnPmT7B1r3cWHBXn6QBnV7rotYB2ank5tiN5mvZanUfZc0GMPXcv1XGbnmaFW3UrUTFbBVAMWQqnSQcZbtStZbr1dvpT6Qp3VZb4YUnZcUPip2PrdPPZbD3dUp1dUZbnt2o36BY3snZdTVJjmDEjpUaxpdFcxXN57D&mediaDataID=6807466&mediaName=frame.html
Frame ID: D4ACF5AB1EDE7E0812F397B64818E19E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXDRD7aUM8ioLjBbrmhVZORrq3NP6B4_krogu5ZARB5_Z0Kn2UM--lCPiTKbIdD15PsINu1KkKrfKxoe851RVSX_b1yqitYq_VypeYzcbU-eFfXKIQHz9cnAeRu8a6xNCum-qoPA_c27kfXevR2xi1xl1fucrf66lZNuHNzwx1ejaTqXhLxugfdECRxpQhvyDM55-AuhZ3bmVrIB2JnNMzaBLQpfDCPmwkqgQgErdF20TA4WgEHsU-yjs1TjPPgTEBvnNAfg9odVceK2Yc23APr0dBP9LA47FKkgqVmuvIwPsbckEOJEhHEbEQJJYuc73PLhzORmglYQr5jTJoIZHEOElqm-jzdPHu99A1AkXfaNBCIbwFtV8mrw&sai=AMfl-YQiYSYyjw5nLPXZpZRhZRHgCniynbPxE11jMefHgURSAoCy4pN8bmX9PSwwX18X3kTVLLL9DwCKnt2iW6N7xaATcyGdDXcsYn87E5atKV9fSMtOla84e3YEeMd6WQ&sig=Cg0ArKJSzFC6Aa5LeedCEAE&uach_m=[UACH]&adurl=
Frame ID: 0F65BA68D24FB7F2A634D11218D7FC4E
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9F771A92514B3ECFC48AA1D84FFBFC8D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 58611C8DABF47C7C5883F0AFA93EF65B
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cQGneY9Z4r6BaCaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 45B113A9D1050DA1A0E9891922C33CD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Winchester Youth Lacrosse

Page URL History Show full URLs

  1. http://winchesterlax.org/ HTTP 301
    http://www.winchesterlax.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

169
Requests

61 %
HTTPS

51 %
IPv6

42
Domains

71
Subdomains

56
IPs

9
Countries

2660 kB
Transfer

7565 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://winchesterlax.org/ HTTP 301
    http://www.winchesterlax.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 68
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 93
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.winchesterlax.org%2F&domain=www.winchesterlax.org&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=9ZC2TXw2Z0pwdzJPL2dWZVM2am1VQ21xYXB4bk4zMkVnSjBvMU1oN1B1aVBENnNOLzBwYnJPM3k4S3NmaTBSbFVGT3FSY1IveEpFZ0Vwa0J4SUczdDNBVmFXaFQxekFRdVBBakFBajNnNTlyUXgxSnJBeW9VTFZrM2djUW9VUEN5ZVpoY2dreHVWejEzcXNWZXdkNWZwQXJ5M21xaWpKVENEa3FES2tKd0diK0h1V3VHL1ZMZVhoZ083c3A5bE9zMkIvalFSZGhUczBNUFpCejROejI3cithVFZyZXd5K09ZVlRYMEg0aVhTM1oxbit5bHhBUUM5ZjlHRlZyRk1ld28zUFJUfA&cppv=2
Request Chain 137
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662249639699288&_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662249639699288&_origin=1&redir=true&verify=true HTTP 302
  • https://a.tribalfusion.com/i.match?p=b17&u=y-NNTQ2CJE2ugDCtWyhupxyy9zk__txAk-~A HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b17&u=y-NNTQ2CJE2ugDCtWyhupxyy9zk__txAk-~A
Request Chain 146
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662249639699288&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662249639699288&C=1 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b20&u=ZAImu9RdGBy0aHypvdHIoAAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&u=ZAImu9RdGBy0aHypvdHIoAAA
Request Chain 147
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662249639699288&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b10&u=18072662249639699288&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662249639853032&expires=180
Request Chain 148
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662249639699288%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662249639699288%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662249639699288&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b11&u=4A05C30D-27E2-49A0-BA9F-E51A3B9A4A7C
Request Chain 149
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662249639699288&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b24&u=18072662249639699288&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662249639849014
Request Chain 151
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662249639699288 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b23&u=219383204444002518232 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b23&u=219383204444002518232
Request Chain 152
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662249639699288&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b22&u=18072662249639699288&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662249639848842
Request Chain 158
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 161
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/x-DniCAGuFkcM_DJ1yYUXg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pj8TKvtE2oLDZ1uHdhsrO2SCz1G64zo6kYtyYg--~A
Request Chain 163
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDExMWYwMzFlN2NjOWYwOTQxYjc2ZjkyYzAyMDY3MzQ1YWJkNzk4Yw
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDG1aB6AJmRDELJnRhGn_K4&google_cver=1
Request Chain 165
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_Lyfo4YAQ9StQBD6-k9WZw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_Lyfo4YAQ9StQBD6-k9WZw
Request Chain 166
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WLTt0pT9RJ-hFIdDNW7TjQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WLTt0pT9RJ-hFIdDNW7TjQ
Request Chain 167
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVTUzI3UlAtVC01OUxH
Request Chain 168
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LESS27RP-T-59LG

169 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.winchesterlax.org/
Redirect Chain
  • http://winchesterlax.org/
  • http://www.winchesterlax.org/
81 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1ba514abf9df84484468ec82dd95057b07ee40c9ef1bc840f06d209486815c91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
20554
Content-Type
text/html
Date
Fri, 03 Mar 2023 16:56:20 GMT
Expires
Fri, 03 Mar 2023 16:55:20 GMT
Pragma
no-cache
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Fri, 03 Mar 2023 16:56:18 GMT
Location
http://www.winchesterlax.org/
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
widgets_headlines.css
www.winchesterlax.org/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/css/widgets_headlines.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6acbed2b6e9b426a12a97ad036e3fba8908b49a4bf660a9926bb522f2a137cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86393
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3273
Expires
Sat, 04 Mar 2023 16:56:13 GMT
jquery-ui.css
code.jquery.com/ui/1.10.3/themes/smoothness/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:20 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-7d2e"
vary
Accept-Encoding
x-hw
1677862580.dop266.fr8.t,1677862580.cds229.fr8.hn,1677862580.cds265.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
6050
jquery-1.10.2.min.js
www.winchesterlax.org/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/jquery-1.10.2.min.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32825
Expires
Sat, 04 Mar 2023 16:56:21 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 		223 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 09:39:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
26225
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
60529
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 02 Mar 2024 09:39:15 GMT
jquery.timepicker_old.min.js
www.winchesterlax.org/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/jquery.timepicker_old.min.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f39a1948afb2eb2458272cb7307bea21a52f15482c6fa2284f9d5c1a36615481

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2940
Expires
Sat, 04 Mar 2023 16:56:21 GMT
bootstrap23.min.js
www.winchesterlax.org/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/bootstrap23.min.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bbe9769868e99862bf9858149dc98c70529d3228ef57e277a1d94325948d52ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86380
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7468
Expires
Sat, 04 Mar 2023 16:56:01 GMT
jquery.cookie.js
www.winchesterlax.org/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/jquery.cookie.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
05133ea0cca7437d914451446b248c01060c2e903ebfe12ecf797466c92afe97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86347
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1043
Expires
Sat, 04 Mar 2023 16:55:28 GMT
jquery.bxslider.js
www.winchesterlax.org/js/bxSlider/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/bxSlider/jquery.bxslider.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
54b5c9cb0cff8303395c302978135685c6ed659650dd9ef4840f09be6204a4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86357
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12072
Expires
Sat, 04 Mar 2023 16:55:38 GMT
colpick.js
www.winchesterlax.org/js/colpick-jQuery-Color-Picker-master/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/colpick-jQuery-Color-Picker-master/js/colpick.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f901ac542e87b0b218a642541e69729ef1631113e42ea97a2bdc9353db122492

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86388
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4928
Expires
Sat, 04 Mar 2023 16:56:09 GMT
jquery.bootstrap-growl.min.js
www.winchesterlax.org/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/jquery.bootstrap-growl.min.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
95639f6cb9f5fed47d630e6ba881faf6c69a9e04a7b25067c24d377eb6393855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86391
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
626
Expires
Sat, 04 Mar 2023 16:56:12 GMT
moment.js
www.winchesterlax.org/js/ 		91 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/moment.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c971da8733003f78cd8a2f8436a7c8bdda056e97411ab2c13f6dabec82c2828a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21494
Expires
Sat, 04 Mar 2023 16:56:21 GMT
jquery.masonry.min.js
www.winchesterlax.org/Tools/Masonary/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/Tools/Masonary/jquery.masonry.min.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f707c589d82154ee8ea0d326ad8fb8034d29f5eaaba12f8482f319685bcae0a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:12 GMT
Server
Microsoft-IIS/8.5
ETag
"0e8c7a8440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86344
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2163
Expires
Sat, 04 Mar 2023 16:55:25 GMT
modernizr-transitions.js
www.winchesterlax.org/Tools/Masonary/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/Tools/Masonary/js/modernizr-transitions.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c2d59c9a36c921c829c0e35100664f0d206be63dfc84db080415afec064d41b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:12 GMT
Server
Microsoft-IIS/8.5
ETag
"0e8c7a8440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86364
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1068
Expires
Sat, 04 Mar 2023 16:55:45 GMT
galleria.classic.css
www.leagueathletics.com/js/galleria/themes/classic/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.leagueathletics.com/js/galleria/themes/classic/galleria.classic.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c513 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c4ce12cec6a6ff918e2437b098249eb9369a1df752faa170efa848b934a129c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=58131
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1118
Expires
Sat, 04 Mar 2023 09:05:11 GMT
galleria-1.2.9.min.js
www.leagueathletics.com/js/galleria/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.leagueathletics.com/js/galleria/galleria-1.2.9.min.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c513 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
aa30473a739f955f6cb4108f5908f36067309348be0513ea7357ab6544181946

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=58274
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22678
Expires
Sat, 04 Mar 2023 09:07:34 GMT
galleria.classic.min.js
www.leagueathletics.com/js/galleria/themes/classic/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.leagueathletics.com/js/galleria/themes/classic/galleria.classic.min.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c513 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
788953ee1092fdd88b00161fdd4ce05c9c728caa6bbe5ca1982b0022824a09a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=53710
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
643
Expires
Sat, 04 Mar 2023 07:51:30 GMT
oswald-font.css
s3.amazonaws.com/la-web-assets/public/images/fonts/ 		469 B
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/fonts/oswald-font.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d5d08de1aede7f8889a719f4ad492a0ff19ffa068d8f6b9c3d477464b302f172

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Last-Modified
Wed, 15 Mar 2017 21:43:51 GMT
Server
AmazonS3
x-amz-request-id
YC0PHC1QAF2M5CCC
ETag
"94658a8866d7b71298c387c5acb54515"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 21:24:10 GMT
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
469
x-amz-id-2
feYlPnF2bbQFxvdW4x6+tHkJC+RSs259cCmL3c09j98Fkj19yJUikxfJYuVCLEFfYJRp6hIzZMg=
jquery.marquee.min.css
www.winchesterlax.org/js/jquery.marquee/css/ 		320 B
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/jquery.marquee/css/jquery.marquee.min.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
693b7c07f50088c0bd777e72d17f1cd9126fe735b35be4a29176f52b63eca186

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
241
Expires
Sat, 04 Mar 2023 16:56:20 GMT
jquery.timepicker.css
www.winchesterlax.org/css/ 		1 KB
769 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/css/jquery.timepicker.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
59db6bffa1696646aa3b14eda83dae911e3b92441dc86befa0610063381e00d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
383
Expires
Sat, 04 Mar 2023 16:56:20 GMT
datepicker.css
www.winchesterlax.org/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/css/datepicker.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
38e74de19544de03795e264abcaa31b90e48631fc3c6aa262ee055d0c271f2b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86341
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
992
Expires
Sat, 04 Mar 2023 16:55:21 GMT
bootstrap23.min.css
www.winchesterlax.org/css/ 		104 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/css/bootstrap23.min.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f835e3c49aa6e6421f1728761cecb75dea22f603dbc03ad4bf3930be33afd477

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86347
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17070
Expires
Sat, 04 Mar 2023 16:55:28 GMT
font-awesome.min.css
www.winchesterlax.org/css/font-awesome-4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/css/font-awesome-4.3.0/css/font-awesome.min.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86392
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5442
Expires
Sat, 04 Mar 2023 16:56:12 GMT
jquery.bxslider.css
www.winchesterlax.org/js/bxSlider/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/bxSlider/jquery.bxslider.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
82efd9f2736985bd4fa8f0d50182a682d4debde20a6e2225faf6fcd4bf70d7e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86342
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1156
Expires
Sat, 04 Mar 2023 16:55:23 GMT
colpick.css
www.winchesterlax.org/js/colpick-jQuery-Color-Picker-master/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/js/colpick-jQuery-Color-Picker-master/css/colpick.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b0d42285977d9297d0cdcd54162e45333e82d7cdfea48f362dde9baab6d8ad85

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:08 GMT
Server
Microsoft-IIS/8.5
ETag
"0b429788440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1988
Expires
Sat, 04 Mar 2023 16:56:21 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:400,300,700
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed8bc35837fb39ca688180ed7acb31ef58de4c939131bd37d44d933c61bc229c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 03 Mar 2023 16:56:20 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 03 Mar 2023 16:56:20 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Oswald:400,300,700
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bb1ab8474e44124d6d91e58bb435f8a70d8176a9b54de52519fdcb439da80c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 03 Mar 2023 16:40:15 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 03 Mar 2023 16:56:20 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto:400,300,700
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9fded2f535cb3b67bcc739113c2dc6244a03b5e16e4eb93797011bb567ec857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 03 Mar 2023 16:56:20 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 03 Mar 2023 16:56:20 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Exo:300,400,700|Titillium+Web:400,300,700
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4e222ceed7ac22a645ec5c840430489b5be14ca9adca99f141940dc87a0f4ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 03 Mar 2023 16:56:20 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 03 Mar 2023 16:56:20 GMT
Basestyles.css
www.winchesterlax.org/Framework/ 		84 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/Framework/Basestyles.css?v=944
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
230a35a73af726cb64e849df226cabe69ecc7617b1ae89b1d25800efd6c28cb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:06 GMT
Server
Microsoft-IIS/8.5
ETag
"087f8768440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86372
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15558
Expires
Sat, 04 Mar 2023 16:55:53 GMT
6530_Custom.css
s3.amazonaws.com/files.leagueathletics.com/Text/CSS/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Text/CSS/6530_Custom.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7bb5f0cd03fb2b44d69afb0422d5697eb311ce128e53cfe2b1048563bbcbd7d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
x-amz-version-id
2jcuVXtCrm_pyUi6v_0p4zFxLCXt9UXO
Last-Modified
Tue, 30 Mar 2021 03:04:59 GMT
Server
AmazonS3
x-amz-request-id
YC0STDP8MX1X4AM3
ETag
"848777a27c2bfbcb9dbd30c7e1bfa060"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
27518
x-amz-id-2
5SnWn7Jy8CoUZv8i1h8H8Lpikl+b6LzYlOmRcPmZtzoi71s97cM3p0rNy2EXDnvUlDU+ZG0i/cM=
animate.css
www.winchesterlax.org/css/ 		67 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/css/animate.css
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4097
Expires
Sat, 04 Mar 2023 16:56:21 GMT
la_adminbar_logo_co.png
s3.amazonaws.com/la-web-assets/public/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/la_adminbar_logo_co.png
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7cc228ef7147fdd34fc7196fafce61135f5f4f2ceb4715538efb579555911f44

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:22 GMT
Last-Modified
Wed, 15 Mar 2017 22:15:26 GMT
Server
AmazonS3
x-amz-request-id
N8SHEHPJEEW1TPTE
ETag
"3556d683cca26fe1f9359e92391dca98"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 20:49:25 GMT
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1405
x-amz-id-2
7k+LpIeWPQH7Orc3AJWkElpUdpwNOmtNf7cdnpd9uO45Od8DzrVEHxM8ALMVv9E72l6rQxf2H1k=
6530_AutoBanner.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/Logos/ 		327 KB
328 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/Logos/6530_AutoBanner.jpg
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b254f92c459e67f293ed39e76cf9253d15db8d21d0c51abf794d031d99e0b2a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:22 GMT
x-amz-version-id
eiw9dpxIx9M9BZqheXGJxi1oSwznRWr.
Last-Modified
Tue, 30 Mar 2021 03:05:03 GMT
Server
AmazonS3
x-amz-request-id
N8SMAWXHJ59DEFK4
ETag
"ea0afdac2a6663f3e418b307142399ed"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
335160
x-amz-id-2
e8DskpwtTMPRF3Xxy/HNxJxT8zTynxXcU0ZK58H1STzrfZIPFfrU7KZswpj6DX9gqByJOoPlvMo=
6530.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/Logos/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/Logos/6530.jpg
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
75202d6c4a60f686cd512d44fba996b02afcc89c6ce0bb19debacb6917b6bb7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:23 GMT
x-amz-version-id
z7IDlALXEl7V7_NdsdYlsWrUThxfqKCb
Last-Modified
Tue, 26 Jan 2021 17:31:26 GMT
Server
AmazonS3
x-amz-request-id
R329FB6YXGNVQ7VS
ETag
"51994b990e0e78852c4b492ca824d93e"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
5435
x-amz-id-2
bE7usYO42h9UQE5xSKyBGKnRsa1lOHn2mIKr6CYfCvDl2JHSb7/9IrQ9iZgWfc0m3aqvhHTwWh0=
rss.gif
s3.amazonaws.com/la-web-assets/public/images/ 		329 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/rss.gif
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2c1b58fb99550d47bd68747098a10d76be37ccc5dafbebb6a024e139351ce6c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:23 GMT
Last-Modified
Wed, 15 Mar 2017 22:17:10 GMT
Server
AmazonS3
x-amz-request-id
R3284RDCPY2RKNA2
ETag
"b46e696e689b88849ce1b3057f1d6e37"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 19:57:04 GMT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
329
x-amz-id-2
kLKT3FY8+TeNK11vl6ZtvXkPYPabWKNx4/mQXY1sFaJNW330zKAAI7DcV5ONtOK5Brj2tR/ADew=
addthis_widget.js
s7.addthis.com/js/200/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/200/addthis_widget.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 03 Mar 2023 16:56:21 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116421
USAL_horizontal1_rgb_darkbg.png
s3.amazonaws.com/la-web-assets/public/images/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/USAL_horizontal1_rgb_darkbg.png
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2c97758b1f3e79fd60d897654fd7db9ecb3c76d4170252a62ee2eb7cd9894c5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:23 GMT
Last-Modified
Mon, 06 Sep 2021 08:24:24 GMT
Server
AmazonS3
x-amz-request-id
R32AH6A1FPCKBVTR
ETag
"0170d6be632b34a94871fb0ae6e6dd51"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
47882
x-amz-id-2
tn5Kp6ylUeejGgDq/56QaLZPeScwFeJlqRFV66DBtvIno/nfUQQ2Q2gsZMKnh/gTnRx78FxsHuc=
play.gif
s3.amazonaws.com/la-web-assets/public/images/buttons/ 		776 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/buttons/play.gif
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6622513a0ddf2e6a2c08bb8bcbb93175a090bee61226df03f8b1a17b1390969

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:23 GMT
Last-Modified
Wed, 15 Mar 2017 21:46:26 GMT
Server
AmazonS3
x-amz-request-id
R32DWB0VY1PJ0TJ6
ETag
"4b48b245769c2b2825a5d82537390b60"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 21:05:12 GMT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
776
x-amz-id-2
xuhjPfBsUf9i0DdEJlsG4pzfzcat96+jLNnM4tr5mHPdkuXOVsI/hK7NYhHpG4rdFSukRe9YQNs=
stop.gif
s3.amazonaws.com/la-web-assets/public/images/buttons/ 		789 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/buttons/stop.gif
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3878bb6398bb458a5623218facc58d4c987a00f469a1b30fc9a0a09848c48cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:23 GMT
Last-Modified
Wed, 15 Mar 2017 21:46:35 GMT
Server
AmazonS3
x-amz-request-id
R3239FY4VD9G7RA2
ETag
"cb4c47163cf64d73ca638c4659fc2980"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 21:05:04 GMT
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
789
x-amz-id-2
VEZmv99em9bDLqJlvk26ja7Qz67ujN9Er5GUvWt2bXEWsOqfdyYZrtxiXsDmAh82hwQ5gruZ3Ac=
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Mar 2023 15:17:30 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5932
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 03 Mar 2023 17:17:30 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
gtm.js
www.googletagmanager.com/ 		136 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJZ5RQN
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34805f569966870bb1f53f8fc57474f49679b9ce57e9fb6952301938fabfc778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53281
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Mar 2023 16:56:22 GMT
6530_gutter.jpg
s3.amazonaws.com/files.leagueathletics.com/Images/Logos/ 		727 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Images/Logos/6530_gutter.jpg
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/files.leagueathletics.com/Text/CSS/6530_Custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8c647f32d32a9c6aec75df4d2741019d74d54425a4f5821a6e8039a508c07c4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/files.leagueathletics.com/Text/CSS/6530_Custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:23 GMT
x-amz-version-id
jXxCEvMzvzRO6N5KFQQMdFBDbmkAzxlY
Last-Modified
Tue, 26 Jan 2021 17:26:21 GMT
Server
AmazonS3
x-amz-request-id
R320ZQDZEVKAXT2K
ETag
"c037304381a31f65a158d748a65d1f11"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
727
x-amz-id-2
arQJQHAv7cfaeKYn1ZaYfkks/eXhwdp5Cgkq4kN+vavPjJpS3lmsrEAFfzB6rKmJPTFG3p2/hVE=
menumorewhite.png
la-web-assets.s3.amazonaws.com/public/images/ 		1015 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://la-web-assets.s3.amazonaws.com/public/images/menumorewhite.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/files.leagueathletics.com/Text/CSS/6530_Custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.48.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
423caf5fb9f2c9d7c33fa62130e60c8338f81f2098b345e11c84fba8f90fcd46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:23 GMT
Last-Modified
Wed, 15 Mar 2017 22:16:01 GMT
Server
AmazonS3
x-amz-request-id
R3229JXQDESMP1VR
ETag
"bd8b4a14246458478b67af481c9813a9"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 20:48:53 GMT
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1015
x-amz-id-2
UAc/HiHLBeO6D1bUJIhM7bvaNrIslY1sHli+p+dFdJEMChI6HqQWAfqsO6URDEP6UPNgB2j4JWY=
light_check.png
s3.amazonaws.com/files.leagueathletics.com/Text/images/headlines/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.leagueathletics.com/Text/images/headlines/light_check.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/files.leagueathletics.com/Text/CSS/6530_Custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/files.leagueathletics.com/Text/CSS/6530_Custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
image_holder.png
www.winchesterlax.org/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.winchesterlax.org/images/image_holder.png
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4a9942129f7e070b6eb2e6800c6ef70b3e9b2ef9caba10886270b1267957069b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Cache-Control
private, max-age=2592000
Connection
keep-alive
Content-Length
5029
Expires
Sun, 02 Apr 2023 16:56:22 GMT
fontawesome-webfont.woff2
www.winchesterlax.org/css/font-awesome-4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.winchesterlax.org/css/font-awesome-4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/css/font-awesome-4.3.0/css/font-awesome.min.css
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
http://www.winchesterlax.org/css/font-awesome-4.3.0/css/font-awesome.min.css
Origin
http://www.winchesterlax.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:22 GMT
Last-Modified
Tue, 14 Feb 2023 14:56:04 GMT
Server
Microsoft-IIS/8.5
ETag
"05ac7758440d91:0"
X-Powered-By
ASP.NET
Content-Type
application/font-woff2
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56780
Expires
Fri, 10 Mar 2023 16:56:22 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-152.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

unused62
8096267
date
Fri, 03 Mar 2023 16:56:22 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=48529
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
0D04crVSZYc
www.youtube.com/embed/ Frame A3C3 		68 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f674cf132a8c5d73abd0a7902b05a3f0918886287a6b1672dd0aab2d66b07bab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 16:56:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
light_check.png
www.winchesterlax.org/images/headlines/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.winchesterlax.org/images/headlines/light_check.png
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2a02:26f0:dc::213:c51b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c552159e6d7a4a42c32a6a20bca5feb0fbead938fd4469abd10253b010cdfadc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Cache-Control
private, max-age=2592000
Connection
keep-alive
Content-Length
5047
Expires
Sun, 02 Apr 2023 16:56:22 GMT
footer_mark.png
s3.amazonaws.com/la-web-assets/public/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/la-web-assets/public/images/footer_mark.png
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/Framework/Basestyles.css?v=944
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.91.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0c79154d62b41f9ff8b5df1755ffc6189be8aead29bf110238845e9c364d0065

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:23 GMT
Last-Modified
Wed, 15 Mar 2017 22:14:35 GMT
Server
AmazonS3
x-amz-request-id
R324AAW38MNGBPJS
ETag
"5f05352616d17a27434564f2b68237a4"
x-amz-meta-cb-modifiedtime
Tue, 26 Jul 2016 20:50:10 GMT
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2386
x-amz-id-2
3C/I6O/aUnEqQCPWcMjYjpnzg/OuE2Sn2Eke9lQ5Qy73uUdsmffCdN0Z/49i7Hf19alZqwgQSxA=
_ate.track.config_resp
v1.addthisedge.com/live/boost/donmalin/ 		166 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/donmalin/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:22 GMT
content-encoding
gzip
etag
659743217
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=29, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
154
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=640226b6ba1c1dc4&bkl=0&bl=1&pdt=2951&sid=640226b6ba1c1dc4&pub=donmalin&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.winchesterlax.org&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Lacrosse%2CWYL%2CWinchester%20Youth%20Lacrosse%2C%2FRegistration%2FFamilyAccounts.asp%3Forg%3DWINCHESTERLAX.ORG%2C01890%2CGoal%2Cathletic%2Cleague%2Cassociation%2Cteam%2Csports%2Cwebsite%2Ccoach%2Cschedule%2Cscores%2Cmessages&colc=1677862582220&jsl=1&uvs=640226b6a3f6b067000&skipb=1&callback=addthis.cbs.jsonp__37543541585871610
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
21a1785463e2400495efcdefd536d599041f50561b1505aaf2166885c1890d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:22 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C76D 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CF11 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Fri, 03 Mar 2023 16:56:22 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
beacon.js
b.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 01:03:28 GMT
Content-Encoding
gzip
Via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
Age
57485
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 28 Jun 2022 13:19:23 GMT
Server
AmazonS3
ETag
W/"eaf85c1c6758e84acfe134efd70e9373"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
X-Amz-Cf-Id
vB3VwN1n1Y2dLqagSNgTMKP5tpX0M-If3-STcxyGJf5w_UleI0ncHg==
prebid_config.js
storage.googleapis.com/didna_hb/sports_engine/leagueathletics/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/sports_engine/leagueathletics/prebid_config.js
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c3395e338134840aa5558b073c466c171803c8150cb6d12af1970126cfed5326

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:22 GMT
age
0
x-guploader-uploadid
ADPycdsSVvL5IhOIQZdllHUJnx-0-bJGYPACgYmoNhv15k3rUMbJDrfr0YUPiTl3sl7a2tlUK4hlBksqvHPzqO1vSl00YZady6uA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16795
last-modified
Wed, 07 Dec 2022 20:45:03 GMT
server
UploadServer
etag
"7ec0101ccc3a535f1609caa77555004e"
x-goog-generation
1670445903223335
x-goog-hash
crc32c=zikADQ==, md5=fsAQHMw6U18WCcqndVUATg==
content-type
text/javascript
cache-control
no-cache
x-goog-stored-content-length
16795
accept-ranges
bytes
expires
Sat, 02 Mar 2024 16:56:22 GMT
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1259018458&t=pageview&_s=1&dl=http%3A%2F%2Fwww.winchesterlax.org%2F&ul=en-us&de=UTF-8&dt=Winchester%20Youth%20Lacrosse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=70065510&gjid=602510041&cid=1378022186.1677862582&tid=UA-2070627-2&_gid=1952050382.1677862582&_r=1&_slc=1&z=1508782440
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.winchesterlax.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.winchesterlax.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=6035083&c3=120300&cs_ucfr=0&cs_it=b3&cv=3.8.0.210223&ns__t=1677862582468&ns_c=UTF-8&c7=http%3A%2F%2Fwww.winchesterlax.org%2F&c8=Winchester%20Youth%20Lacrosse&c9=
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:22 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
4nWcMFwuCNMNPEy3BI3CqJ_vOpZ2Ve94RhRC4qDl9U7uFRnPqZw97w==
x-cache
Miss from cloudfront
www-player.css
www.youtube.com/s/player/7862ca1f/ Frame A3C3 		398 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7862ca1f/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
819caf20a98b59edf79abbb9c625bdd6d9d57f52fce7821a7cb041574be96b8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
175675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52267
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 01:18:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Feb 2024 16:08:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A3C3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 15:27:04 GMT
x-content-type-options
nosniff
age
91758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A3C3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:28:44 GMT
x-content-type-options
nosniff
age
167258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 18:28:44 GMT
www-embed-player.js
www.youtube.com/s/player/7862ca1f/www-embed-player.vflset/ Frame A3C3 		347 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7862ca1f/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f609d7686d219cc85b7d25028a520f24adf63c99be3242c0ba295060a2ff9eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
175675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111137
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 01:18:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Feb 2024 16:08:27 GMT
base.js
www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/ Frame A3C3 		2 MB
608 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b1b7fd9deafc45cfc3db423df5859c6fbdf7a4d36baddf2612c82f81d56232f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
175496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
622096
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 01:18:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Feb 2024 16:11:26 GMT
fetch-polyfill.js
www.youtube.com/s/player/7862ca1f/fetch-polyfill.vflset/ Frame A3C3 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7862ca1f/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
175675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 01:18:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Feb 2024 16:08:27 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-2070627-2&cid=1378022186.1677862582&jid=70065510&gjid=602510041&_gid=1952050382.1677862582&_u=IEBAAEAAAAAAACAAI~&z=57247561
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.winchesterlax.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 03 Mar 2023 16:56:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.winchesterlax.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
didna_util_v3120.min.js.gz
storage.googleapis.com/didna-files/utility/ 		131 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/sports_engine/leagueathletics/prebid_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
007f73ba9534e82182d6318dd0164ad724f1fbd034d75f478c5a782fb52086e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:22 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdviLI5jQ8rG-HxTCz8oSJfKI1KVg5NzZLpZKW9we6n1_LlSSsRJgS2N0aIzQ06OasHTZ59I4oYQNYHFgiZZVG_Kgq92tv0d
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35723
x-goog-meta-
last-modified
Thu, 24 Sep 2020 13:05:27 GMT
server
UploadServer
etag
"d5a9cf6ab52999a22607ca4a4d61bd45"
vary
Accept-Encoding
x-goog-generation
1600952727748375
x-goog-hash
crc32c=EVMiag==, md5=1anParUpmaImB8pKTWG9RQ==
content-type
text/javascript
cache-control
max-age=86400
x-goog-stored-content-length
35723
accept-ranges
bytes
expires
Sat, 04 Mar 2023 16:56:22 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-2070627-2&cid=1378022186.1677862582&jid=70065510&_u=IEBAAEAAAAAAACAAI~&z=1244302037
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-2070627-2&cid=1378022186.1677862582&jid=70065510&_u=IEBAAEAAAAAAACAAI~&z=1244302037
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame A3C3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e34d54d41c8bf2cdde656ff8bef8f040dc2df9c7b868168758e74bf80cab6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Mar 2023 16:56:22 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A3C3 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:49:37 GMT
x-content-type-options
nosniff
age
405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Mar 2023 17:04:37 GMT
didna_prebid.js.gz
storage.googleapis.com/didna_hb/prebid/ 		331 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cb23a578a888ff383ba230006154f852c45e550e880e333730ef7e6bfd6c9899

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdv-55oswbhRuZdWlqtoo6JQYxnYor0AA9dkBXCJKljHOp2rCaAvPqddOiLiOv0gznS10Tx6H5F31Igo3OGUKsdP8YT1QgZy
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105982
x-goog-meta-
last-modified
Fri, 05 Mar 2021 20:42:13 GMT
server
UploadServer
etag
"3f6a29c05a83f4cb3d56df7cf3e850cb"
vary
Accept-Encoding
x-goog-generation
1614976933656790
x-goog-hash
crc32c=ocyuGA==, md5=P2opwFqD9Ms9Vt988+hQyw==
content-type
text/javascript
cache-control
max-age=172800
x-goog-stored-content-length
105982
accept-ranges
bytes
expires
Sun, 05 Mar 2023 16:56:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60be05290d15b4be4393097e375a96297c1908a67fcc0538858715c45ba22f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27028
x-xss-protection
0
server
sffe
etag
"1499 / 101 of 1000 / last-modified: 1677845493"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Mar 2023 16:56:23 GMT
didna_trackers.html
storage.didna.io/ Frame F7C2 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.didna.io/didna_trackers.html
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-files/utility/didna_util_v3120.min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.239.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.239.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2301
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
2867
content-type
text/html
date
Fri, 03 Mar 2023 16:18:02 GMT
etag
"13d9c4d6c276bc3cb0b5afd7ff642b8d"
expires
Fri, 03 Mar 2023 17:18:02 GMT
last-modified
Sun, 14 Jun 2020 19:10:59 GMT
server
UploadServer
vary
X-Goog-Allowed-Resources
x-goog-generation
1592161859249348
x-goog-hash
crc32c=+vRTlQ== md5=E9nE1sJ2vDywta/X/2QrjQ==
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2867
x-guploader-uploadid
ADPycdugGg41kT48FWJzQ7uTlfN0EOqclj7uan-3zJdA036EjgdRBBedAxYawksEPMJPq-KFfvX1vjB91dkox2Se5yla
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 03 Mar 2023 16:56:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A3C3 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14a17f95640a0471866ce452ed8d23c82798e64829c0b14fcb4476ec340bd48a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30855
x-xss-protection
0
remote.js
www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/ Frame A3C3 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a924aaedff33edf135742da7a868f61982fff698a5d2ed55c1d661db0a3824db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
175496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36489
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 01:18:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Feb 2024 16:11:27 GMT
KEsbNnzLb741hatNhwIyj19PIhcdml8rYMMyNCragbA.js
www.google.com/js/th/ Frame A3C3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/KEsbNnzLb741hatNhwIyj19PIhcdml8rYMMyNCragbA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
284b1b367ccb6fbe3585ab4d8702328f5f4f22171d9a5f2b60c332342ada81b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
72620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14296
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 20:46:03 GMT
default.webp
i.ytimg.com/vi_webp/0D04crVSZYc/ Frame A3C3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/0D04crVSZYc/default.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2016 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c87ca2fa713187975b5da4488716e22ef0a8ae474233746924a3ced8fc71b1ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
x-content-type-options
nosniff
server
sffe
etag
"1493329451"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2240
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 03 Mar 2023 18:56:23 GMT
embed.js
www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/ Frame A3C3 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73b90835985cc1b0e1b1c7bc34fe5860f19c28d5315ef03b96eb20521ef61644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 16:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
175496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8593
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 01:18:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Feb 2024 16:11:27 GMT
truncated
/ Frame A3C3 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJU21cKiDQ0g9qb0GELPhAbYrTUMq99mr6Csu4V8=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A3C3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AL5GRJU21cKiDQ0g9qb0GELPhAbYrTUMq99mr6Csu4V8=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d173ce93ee8d203371620a26f09a80c76f21d7c445fdb21e1957e208aed419ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:19:49 GMT
x-content-type-options
nosniff
age
12994
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3776
x-xss-protection
0
server
fife
etag
"vf"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 31 Jan 2023 06:17:59 GMT
quant.js
secure.quantserve.com/ Frame F7C2 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
content-encoding
gzip
etag
"liYNKlRv1+e+pwbkZBrDjQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 10 Mar 2023 16:56:23 GMT
beacon.js
sb.scorecardresearch.com/ Frame F7C2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 00:59:06 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
57486
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
uoX_3XX_ufNAZGu5gUZV_BZpiu0bANlkX17CkO34cVr-YMKUDwek1g==
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A3C3 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b4da1436ad14977544dec0a7de360acc6a4e1f98b1f95a4aca26cddfce34b8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 03 Mar 2023 16:56:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
pubads_impl_2023030201.js
securepubads.g.doubleclick.net/gpt/ 		385 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js?cb=31072824
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 12:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133088
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 09:36:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Mar 2024 12:01:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		54 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.winchesterlax.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4bbdf1c7fa1bb5939fdacbde9f5347b9e02848bd1b59255f509ded15858944c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54
x-xss-protection
0
expires
Fri, 03 Mar 2023 16:56:23 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A3C3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Mar 2023 16:56:23 GMT
generate_204
www.youtube.com/ Frame A3C3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?7dLnzw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rules-p-WnvyhEGJaE9Xh.js
rules.quantcount.com/ Frame F7C2 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WnvyhEGJaE9Xh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:f200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7fd21b6e0980aada740143417f0af047b4c0e30d5e2d353ca62f14feb2c7459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:12:14 GMT
via
1.1 29d6db1b5ecb170f22487453430df556.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
2654
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:48:13 GMT
server
AmazonS3
etag
"be75d26a2b1c32b2802b4df92f1949d9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
uXxSMYR_4QslxNSVo4-7qkxi_KQSgVCNEm64W4WpLgxaCWmQimwsyA==
b
sb.scorecardresearch.com/ Frame F7C2 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=27875916&cs_it=b3&cv=3.8.0.210223&ns__t=1677862583714&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=http%3A%2F%2Fwww.winchesterlax.org%2F
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:23 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
-52koV12HQxXHK58S3ewkZBHunESAuTG2tLlbCxHygl1qVfQv6y92g==
x-cache
Miss from cloudfront
pixel;r=283807963;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=http%3A%2F%2Fwww.winchesterlax.org%2F;uht=2;fpan=1;fpa=P0-326951082-1677862583703;pbc=;ns=1;ce=...
pixel.quantserve.com/ Frame F7C2 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=283807963;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=http%3A%2F%2Fwww.winchesterlax.org%2F;uht=2;fpan=1;fpa=P0-326951082-1677862583703;pbc=;ns=1;ce=1;qjs=1;qv=463953fd-20230224153512;cm=;gdpr=0;d=storage.didna.io;dst=0;et=1677862583794;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield%2Cdescription.diDNA%20programmatic%20yield%20management%2Curl.https%3A%2F%2Fwww%252Edidna%252Eio%2F%2Csite_name.diDNA;ses=30b18145-23a3-4809-9fae-9feebc23a85d
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.winchesterlax.org%2F&domain=www.winchesterlax.org&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://www.winchesterlax.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://www.winchesterlax.org
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 03 Mar 2023 16:56:23 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
572960
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.winchesterlax.org%2F&domain=www.winchesterlax.org&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=9ZC2TXw2Z0pwdzJPL2dWZVM2am1VQ21xYXB4bk4zMkVnSjBvMU1oN1B1aVBENnNOLzBwYnJPM3k4S3NmaTBSbFVGT3FSY1IveEpFZ0Vwa0J4SUczdDNBVmFXaFQxekFRdVBBakFBajNnNTlyUXgxSnJBeW9VTFZrM2djUW...
370 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9ZC2TXw2Z0pwdzJPL2dWZVM2am1VQ21xYXB4bk4zMkVnSjBvMU1oN1B1aVBENnNOLzBwYnJPM3k4S3NmaTBSbFVGT3FSY1IveEpFZ0Vwa0J4SUczdDNBVmFXaFQxekFRdVBBakFBajNnNTlyUXgxSnJBeW9VTFZrM2djUW9VUEN5ZVpoY2dreHVWejEzcXNWZXdkNWZwQXJ5M21xaWpKVENEa3FES2tKd0diK0h1V3VHL1ZMZVhoZ083c3A5bE9zMkIvalFSZGhUczBNUFpCejROejI3cithVFZyZXd5K09ZVlRYMEg0aVhTM1oxbit5bHhBUUM5ZjlHRlZyRk1ld28zUFJUfA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5498c886fd478109941b6c9b3597ba7891ab3aa62455238581e3b8bd11e7454b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
672231
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=9ZC2TXw2Z0pwdzJPL2dWZVM2am1VQ21xYXB4bk4zMkVnSjBvMU1oN1B1aVBENnNOLzBwYnJPM3k4S3NmaTBSbFVGT3FSY1IveEpFZ0Vwa0J4SUczdDNBVmFXaFQxekFRdVBBakFBajNnNTlyUXgxSnJBeW9VTFZrM2djUW9VUEN5ZVpoY2dreHVWejEzcXNWZXdkNWZwQXJ5M21xaWpKVENEa3FES2tKd0diK0h1V3VHL1ZMZVhoZ083c3A5bE9zMkIvalFSZGhUczBNUFpCejROejI3cithVFZyZXd5K09ZVlRYMEg0aVhTM1oxbit5bHhBUUM5ZjlHRlZyRk1ld28zUFJUfA&cppv=2
access-control-allow-origin
http://www.winchesterlax.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
753041
content-length
0
expires
0
prebid
lockerdome.com/ladbid/ 		11 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://www.winchesterlax.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://www.winchesterlax.org
Date
Fri, 03 Mar 2023 16:56:25 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
hb
ssc.33across.com/api/v1/ 		65 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cQGneY9Z4r6BaCaKlId8sQ
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4207718995ce4b662d744f7111babfc498bd6901555b85bd2ccd3ee138723313

Request headers

Referer
http://www.winchesterlax.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Mar 2023 16:56:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://www.winchesterlax.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fastlane.json
fastlane.rubiconproject.com/a/api/ 		303 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293386&zone_id=1474214&size_id=2&alt_size_ids=55&eid_pubcid.org=3ec78b80-c8f1-426e-b608-5003c2014ab4%5E1&rf=http%3A%2F%2Fwww.winchesterlax.org%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=55e7f19a-7ff5-4897-8b2d-0184e8032712&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.507013724786842
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ca02d8a1425ee55bfda5a96d970879232eec31770f3fedaf23f46695e32c5484

Request headers

Referer
http://www.winchesterlax.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.winchesterlax.org
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
303
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		303 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21618&site_id=293386&zone_id=1474214&size_id=2&alt_size_ids=55&eid_pubcid.org=3ec78b80-c8f1-426e-b608-5003c2014ab4%5E1&rf=http%3A%2F%2Fwww.winchesterlax.org%2F&tk_flint=pbjs_lite_v4.25.0&x_source.tid=55e7f19a-7ff5-4897-8b2d-0184e8032712&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.7250914603307685
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ddb71ae476df1c71a98adb71e462561719124f62ba46cd5a4f319006c81e212e

Request headers

Referer
http://www.winchesterlax.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.winchesterlax.org
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
303
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.winchesterlax.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 03 Mar 2023 16:56:24 GMT
AN-X-Request-Uuid
2cab9418-14ba-4d23-ad3c-0def964a0941
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.winchesterlax.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.29; 217.64.151.29; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.93.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-93-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.winchesterlax.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.winchesterlax.org
date
Fri, 03 Mar 2023 16:56:24 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9ZC2TXw2Z0pwdzJPL2dWZVM2am1VQ21xYXB4bk4zMkVnSjBvMU1oN1B1aVBENnNOLzBwYnJPM3k4S3NmaTBSbFVGT3FSY1IveEpFZ0Vwa0J4SUczdDNBVmFXaFQxekFRdVBBakFBajNnNTlyUXgxSnJBeW9VTFZrM2djUW9VUEN5ZVpoY2dreHVWejEzcXNWZXdkNWZwQXJ5M21xaWpKVENEa3FES2tKd0diK0h1V3VHL1ZMZVhoZ083c3A5bE9zMkIvalFSZGhUczBNUFpCejROejI3cithVFZyZXd5K09ZVlRYMEg0aVhTM1oxbit5bHhBUUM5ZjlHRlZyRk1ld28zUFJUfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 03 Mar 2023 16:56:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
280573
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.winchesterlax.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js?cb=31072824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.winchesterlax.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js?cb=31072824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3099441113803887&correlator=4479700307849285&eid=31072824%2C44785064&output=ldjh&gdfp_req=1&vrg=2023030201&ptt=17&impl=fifs&iu_parts=5727661%2CDesktop%2Cleagueathletics%2CSticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90&ifi=1&adks=2709129966&sfv=1-0-40&prev_scp=auid%3DdivSticky-01%26tfPassback%3Dfalse%26inView%3Dtrue&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1677862585323&lmt=1677862585&dlt=1677862580568&idt=3416&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fwww.winchesterlax.org%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1378022186.1677862582&ga_sid=1677862585&ga_hid=1259018458&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js?cb=31072824
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bb60ef1a204ffe5ba55c3a58eaed043d4630b237d1c5de947a1a28c2fcab908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10151
x-xss-protection
0
google-lineitem-id
6234957325
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138422716869
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.winchesterlax.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js?cb=31072824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fac708742f1b2a3c6778de1c5535ad1a192df4a62ce6fd5166a1e7ba9cd1629b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11404
x-xss-protection
0
container.html
9fa75feac1486a765e27619b6d63ec7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB90 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9fa75feac1486a765e27619b6d63ec7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js?cb=31072824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 16:56:25 GMT
expires
Sat, 02 Mar 2024 16:56:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D813 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstElu5xhPt19DN5cJTfc38714hxEpdoKqFfbAIfkGuEFUj1LCkInAsXdywvF4l6q44Ul2aROz3pf-0rqp-StJ2UKc0-2hYXuQrmLmmFR-g-BzHIpNAXFiq1M_WEGFsvofjmLeDYlX1z52CQ1gUZsUkA6YGpi_SOov558MT_E9-rHCh8HDcPEABcW2nJxFOjIURQ3HVd1PBmvwxxkoHE4EXL-MpP3AKV55bgU7faaJzgcxGJtdVnzBgoAyH6AZ2znCD2M6tlssZ1DA-THK1gqQuFfyqAyofLzx_m6cLuKZvN55RpGF-OFjDRyM0mGcA0zSPEXC5k30dG3hF-zFQ2r_cC1gbOomGElDPBe9rZzzKpVonILpOOofoC&sai=AMfl-YQtJFvVguTVcAE3u84JqicZurBJf_ZHpQjEPJhv6ap3KHZlYjG9eyJbbjfAxoa5sqW27a0wu4QNqXHen_4tS-Q_F8fOb8gzIbt3VncR-w3-pa2Axj347fcijHLOVqbtBSX4VZNOeZ2Aknw3z4g&sig=Cg0ArKJSzAvu5JYcEA51EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 03 Mar 2023 16:56:25 GMT
tags.js
tags.expo9.exponential.com/tags/SportsNgincom/ROS/ Frame D813 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.expo9.exponential.com/tags/SportsNgincom/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js?cb=31072824
Protocol
HTTP/1.1
Server
2606:4700::6812:ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd7158ef42785000c01392658cb59d4b4618dd9e50d96bc539f8ff1467927636

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:26 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
14158
X-Function
151
Last-Modified
Fri, 17 Feb 2023 18:05:21 GMT
Server
cloudflare
X-Reuse-Index
1
ETag
13319129765085067188
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600, private
CF-RAY
7a2369a96af839ec-FRA
Expires
Fri, 03 Mar 2023 17:56:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D813 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js?cb=31072824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Mar 2023 16:56:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js?cb=31072824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Mar 2023 16:56:26 GMT
log_event
www.youtube.com/youtubei/v1/ Frame A3C3 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-Goog-Request-Time
1677862585787
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/0D04crVSZYc?wmode=transparent?autoplay=0
X-YouTube-Client-Version
1.20230228.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgstUGhWTXg4V2FKNCi2zYigBg%3D%3D
X-YouTube-Ad-Signals
dt=1677862582659&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C248%2C158&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 03 Mar 2023 16:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 03 Mar 2023 16:56:25 GMT
displayAd.js
a.tribalfusion.com/ Frame D813 		678 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/displayAd.js?dver=0.9&th=7997709702
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/SportsNgincom/ROS/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40db569827441db5d27ac3ffdcddc0e5ac65a5d2a7c7e4e5e3f5790554a8707

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:26 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
330
X-Function
153
Last-Modified
Fri, 17 Feb 2023 18:04:49 GMT
Server
cloudflare
X-Reuse-Index
2
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
CF-RAY
7a2369ae5fdf901c-FRA
Expires
Thu, 01 Jun 2023 16:56:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F505 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 14:29:56 GMT
expires
Sat, 02 Mar 2024 14:29:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6723 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6827f44478fd8b9f2445416e645864d7870c2387600094719970a0a5dd78391a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ztcK4OkYiaGpInYbLRv02A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ztcK4OkYiaGpInYbLRv02A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 16:56:26 GMT
expires
Fri, 03 Mar 2023 16:56:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 6723 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030201&jk=3099441113803887&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
pagead2.googlesyndication.com/bg/ Frame F505 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 20:40:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
159352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14167
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 20:40:34 GMT
j.ad
a.tribalfusion.com/ Frame D813 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=sportsngincom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.winchesterlax.org%2F&f=1&p=2507305&tKey=aomneMWmYu3sU0XFMZaTPXmR9QSQMrLLk&a=1&adContainerId=richmedia_2&rnd=2508018
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/SportsNgincom/ROS/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494240582057941c1bf3cc3480a74b51dab4ff6efcf5f287ab6b4a330862bc52

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:26 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2448
Pragma
no-cache
X-Function
101
Server
cloudflare
X-Reuse-Index
3
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, proxy-revalidate
CF-RAY
7a2369af9921901c-FRA
Expires
0
generate_204
tpc.googlesyndication.com/ Frame F505 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FNnZfQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gpt.js
www.googletagservices.com/tag/js/ Frame D813 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=sportsngincom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.winchesterlax.org%2F&f=1&p=2507305&tKey=aomneMWmYu3sU0XFMZaTPXmR9QSQMrLLk&a=1&adContainerId=richmedia_2&rnd=2508018
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b6a5c146a45a56ee6f6aa633570de9c9e5c1cb06b6857cc688a1365af92a4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26805
x-xss-protection
0
server
sffe
etag
"1499 / 339 of 1000 / last-modified: 1677845418"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Mar 2023 16:56:27 GMT
ipg
a4.tribalfusion.com/ Frame D813 		43 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4.tribalfusion.com/ipg?ip6=2001:ac8:20:3a00:1011:aa2a:49ac:3959&kv=%7B%22ord%22%3A%20406939292%2C%20%22clientID%22%3A%20565943%7D
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:27 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b10e339948-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2023022801.js
securepubads.g.doubleclick.net/gpt/ Frame D813 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 15:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132270
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 09:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 28 Feb 2024 15:48:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame D813 		43 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.winchesterlax.org
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ef3c302ffee0bea215e9243db4836b5fd7ac36b6fb9424a9024898fd9a4b0c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
expires
Fri, 03 Mar 2023 16:56:27 GMT
integrator.js
adservice.google.de/adsid/ Frame D813 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.winchesterlax.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D813 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.winchesterlax.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D813 		53 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=734920738298015&correlator=3657012994811776&eid=31072020%2C31072701%2C31072801&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=5727661%2CDesktop%2CTribalFusion_Passback_SNN_ROS_728x90_ATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=4234887178&sfv=1-0-40&eri=2&sc=0&cookie=ID%3D3eb743418f7c25f4%3AT%3D1677862585%3AS%3DALNI_MaGTWx4X60Iljry-j_yNbiuKBbLJA&gpic=UID%3D00000bbee1384ac1%3AT%3D1677862585%3ART%3D1677862585%3AS%3DALNI_MafGU0HcSdvPnDqdSEU9UPdxWZzzQ&abxe=1&dt=1677862587239&lmt=1677862587&dlt=1677862585709&idt=1478&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=djajl5ey6bj8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=http%3A%2F%2Fwww.winchesterlax.org%2F&ref=http%3A%2F%2Fwww.winchesterlax.org%2F&top=http%3A%2F%2Fwww.winchesterlax.org%2F&frm=23&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1378022186.1677862582&ga_sid=1677862587&ga_hid=2014301631&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
244e386590218438ddc7baf79b886152642f0523be70788c8c1daed9d45785a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21554
x-xss-protection
0
google-lineitem-id
5168439498
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138265497076
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.winchesterlax.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
04ccc222d058f53913b2334b5fe7f8c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://04ccc222d058f53913b2334b5fe7f8c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 16:56:27 GMT
expires
Sat, 02 Mar 2024 16:56:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p.media
a.tribalfusion.com/ Frame 9F78 		211 B
1014 B 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aHmU0hRUjt1E3t4q3l4ar1oTJH1bj7TtFXmPUKnVUnmHML3T3k3dmo4mbFpbnH0GMX1s320GvupEnT3FU2WrjDUPnVPajYScFoStfr0WBuVmbx4cn2YFYZaVmmw46Zb8PAnA4WYr1WMZbpdAo4PMP5s39Vc38Vc77S6QmUdFWWrbP3r2pUqYvWqY6PTYZbRsQLRrAsRtQbVcMS5rqsmtqO0qep4dvgQsrZavUmIS8vroWQPqBZdRds&mediaDataID=6347136&mediaName=frame.html
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3501c9a5c64d8a268826e5fe44a12826d226742e23d69447eff6b387ea6d0253

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2369b29c59901c-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Mar 2023 16:56:27 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame F098 		322 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aImU0hTTQcSTYZbSVfZdQbqmPHY7WGrV5UXxmtIqXa2u4dnZbQVbD46JLpWEOVHFe0bMi1FBf0aqqPrBHUFQSWHU0obBvPrMm1EZbp3Tfa5EYRmEMAXrBaUWbWoArBns7modbD5EYh2tZap3AbGmFYZbXGYS1cQY1Gbomaj23UFVTFfZcWP75REQQPsnrPWfy0WvnT63y2Gn2YbUZdUAut4AZbeR6MK4WQ00dBAVCbMNb6PvsjQrbOsXB&mediaDataID=5436426&mediaName=frame.html
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7100fe126232273e0bbbf6062f736694a8a2631a22c1c55e047abc07532b8f

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2369b2b8be9055-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Mar 2023 16:56:27 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 52A1 		307 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aJmU0hScUqStZbyYdfqVmQw4sZb5YrnJUATw4An9PmJB4WYM0HQZdnt2N4P303cveVc3lUsbeRPFxWtZbWUbjP2UArUaMxVqB8STJKQVjCQUAvRW79WVvP5rqqodeOXEev2HfFSG7G5mrKmdEyUdj8XbYd1UZbi1aeNSU3ZdUUBYTtQWmbQmRUBN1qYq3Ejf5E71oTFHYFb6TtbTnmMZanV7wmHfJ5EQE3HmNubAJPmEZbNGf7ycZd2wW&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b043fbba33e9391de334bea6ad1cf2a844f78e4b8f6f9f71893231b03053d72

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2369b2bd552bcf-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Mar 2023 16:56:27 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 6BD1 		273 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aKmU0h1E3r3TZbl2qv1mTjB1r7aTHJRnAQBnV3noW3C5EY93d6n5PvKmFvH0VMX1cQTXV7xnTvW5FZbVVU7ZcVmMYRTrSQGFnSt3wYtFuWA3p2cB0XbUKUA2r2PQePPMA2tBrXWUKmd6O363Y4GQ9TcvaUcfjSPYnTWQ5UrM05bEuWajoTTMlPqvZbScYKQUumPHY9WcUV5rutnW6oXaep4dbZdSGff4AJHUC7prRm8NbfUpHRQYt&mediaDataID=6530936&mediaName=frame.html
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c762e8360fc1a1c5340738087764ab026a964d7e1c8d0424da43035ca8de9c2e

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2369b2bc8e914c-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Mar 2023 16:56:27 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame BC6F 		379 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aLmU0hSTYZaQVJJRbirPWjbUVQR2UusndZaOXaTu2tQESG7Zc46YIotXmUdZbe0rMi1UZb7XqitRbJEWFJYVdYWnFZbsRFbyYaZbO3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5taq4AFLprvEYsUSYcr5XGjNmTb32bQ4VFnEUAvTPTb0ScvMPWjw0WBwWAbw4sv0XbMKUAqs56YbPmMK4WZbOXW3bnW2ouFuVNpZa9ocJVmqWyeo&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca29ae80c91a18114de8a28c91ecacaf99424a37cd09ec0faa58ba83e5e060b

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2369b2bbf9bbf1-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Mar 2023 16:56:27 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 21DE 		445 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=ammU0h2av1oTbCYb76TdBQoA3CmcrrptQJ3Tng3dEr3AjEnbrLXVfVXVYUXVjppTj25F3VVFnHUPf4PTrQPVQmSdFt1WnwT6jy4sMUYrrDT6ir46rcQmfF4WQO0dBKnHPu36US4sQdVcUjVVBhRPrxWdQRTr7S2UIwWqjpTTQlQEBZcQVbCQUIpPWQ9VsbV2FXqmWEsYEmO3WnCQVrZa2mJHmdEYTdQhOAP7uPugyaqGoe0Uw6&mediaDataID=6719746&mediaName=frame.html
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f22a58392e9794727076758c2f157ddee3a1e6632009d1f7a3617c456cd744

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2369b2be21bbeb-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Mar 2023 16:56:27 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 019E 		262 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aomVCGT6Mw4sY0XbBIU62p2PraQPnB3HrO0HMLntev36U15cMbTsJ7VV77PAQnWdQ5Wbb03b2nUabpVEYlPa3IQGBAPraoPHf9UVY55bXxmtqtYqXy2HrASG7Zd5mFLmtTyUWB9YrY81UBgXTiMRFQBTbrSVHJXnFFpQU7NYavm5aYh4Ef0oTbIYbU9WH7Xn6fZdmVQvoHUE5EY72dZar4AjJnbULXc3P1cFVXGvnnb3U5UEvpQZaCmEqqRHvgcLL3Zdv&mediaDataID=5578346&mediaName=frame.html
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7f9d94e37b4b1309c6abdfc979033222a28e1c4189e806a0b3aefe3d8f02d5

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2369b41de1901c-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Mar 2023 16:56:27 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame 7FFC 		199 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=apmU0hoTbB1rZb6WWjUoPbIpGQsmW3H3Tr73dZar5PZbZbprnGXVvUYsF01sbopEj35UQ4TUfEWA73RTj1Qs3MPHJuYdfwV6vv4sJ00UnDUPTw4AZbdPAjJ3WMmXW3AnW2u5AZbS3sv6Ucr6Uc78S6vxUdrTWrf52bAxVEvxVTJbSTYFSGQJRrZavSHU7VGY35b6oodZamXEXw3WMDPs7B46JHmdXyVWZbZcXUfkNm6ix7UqqbJsu9uHsF&mediaDataID=7665496&mediaName=frame.html
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587eda62f8cab72e7daf2c7b41bf2c1029772bc4bf5b96c6834c91cb2e89016a

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2369b41dcdbbf1-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Mar 2023 16:56:27 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
14
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
a.tribalfusion.com/ Frame D4AC 		300 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aqmU0hPHvbUVMU4bTmndZas0q2n3WjEQVZbZa46rZaotitVWFfXrv7YFYl1TeNPr3ZcWUUQTdQ3mrQoRFMqYTUy4aJf2qnPmT7B1r3cWHBXn6QBnV7rotYB2ank5tiN5mvZanUfZc0GMPXcv1XGbnmaFW3UrUTFbBVAMWQqnSQcZbtStZbr1dvpT6Qp3VZb4YUnZcUPip2PrdPPZbD3dUp1dUZbnt2o36BY3snZdTVJjmDEjpUaxpdFcxXN57D&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
HTTP/1.1
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a5f087e4490132d6dbd1f24188b1c468618df5df3581790ae6c6a210217c4e

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2369b49f1d914c-FRA
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Mar 2023 16:56:27 GMT
Expires
0
P3P
CP="NOI DEVo TAIa OUR BUS"
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Function
102
X-Reuse-Index
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame D813 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSJHQFef6bdX0J3AZhPqvZtx-4Ui67582ZacPReiYSyWPlfgPgVZji5qvSPQ0DhAUdNNYd3QDVdTwbwPT3XVY-sTeK2Y7BfcMABJXUo9HXBvx4-L2uHdNvqF0pRg_Su9VnUpDeXspBMKoDKVrlx_3gtcFWjf0bxxwO2lzkSxWiMl3sruPVWlssGwhVvjJLKPgh9pEQchXxFGMXThX79krfWLf5lCAQT2T3wG2c2fFZVx1NyKn_HIatbx_jOPxrYaqFibeYMueejMzjOLlHjaLd4KaDaOUsduRjzL3LgVKfx6gsqY3aWpTw9tESueX-Z5lcrPPuWsh8hD9wlxq43tEHas7Nlo9hRcc1YAp_&sai=AMfl-YRQNVllGpZXTmqIgi8txvPwpUZg37NjglAOsudpOe8jPPRcE9-qVf936LSNcRabUHuNIRwpaBYFMwDP2sx8soCXvltZKPoz_S-EPUqngWwT2h25dgnWtXXc-66PEVOq-wJqxGRReMFjbEgFg5E&sig=Cg0ArKJSzO-WB6Gs44hVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 03 Mar 2023 16:56:27 GMT
truncated
/ Frame D813 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6df2fee9faeacabb45395767b5a1c17c031a32c42d1f5d06d047ffb9baf5c26a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame 9F78
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662249639699288&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662249639699288&_origin=1&redir=true&verify=true
  • https://a.tribalfusion.com/i.match?p=b17&u=y-NNTQ2CJE2ugDCtWyhupxyy9zk__txAk-~A
  • https://s.tribalfusion.com/z/i.match?p=b17&u=y-NNTQ2CJE2ugDCtWyhupxyy9zk__txAk-~A
43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b17&u=y-NNTQ2CJE2ugDCtWyhupxyy9zk__txAk-~A
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aHmU0hRUjt1E3t4q3l4ar1oTJH1bj7TtFXmPUKnVUnmHML3T3k3dmo4mbFpbnH0GMX1s320GvupEnT3FU2WrjDUPnVPajYScFoStfr0WBuVmbx4cn2YFYZaVmmw46Zb8PAnA4WYr1WMZbpdAo4PMP5s39Vc38Vc77S6QmUdFWWrbP3r2pUqYvWqY6PTYZbRsQLRrAsRtQbVcMS5rqsmtqO0qep4dvgQsrZavUmIS8vroWQPqBZdRds&mediaDataID=6347136&mediaName=frame.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b7cadd9025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
468
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b17&u=y-NNTQ2CJE2ugDCtWyhupxyy9zk__txAk-~A
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b6d9d29025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0F65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXDRD7aUM8ioLjBbrmhVZORrq3NP6B4_krogu5ZARB5_Z0Kn2UM--lCPiTKbIdD15PsINu1KkKrfKxoe851RVSX_b1yqitYq_VypeYzcbU-eFfXKIQHz9cnAeRu8a6xNCum-qoPA_c27kfXevR2xi1xl1fucrf66lZNuHNzwx1ejaTqXhLxugfdECRxpQhvyDM55-AuhZ3bmVrIB2JnNMzaBLQpfDCPmwkqgQgErdF20TA4WgEHsU-yjs1TjPPgTEBvnNAfg9odVceK2Yc23APr0dBP9LA47FKkgqVmuvIwPsbckEOJEhHEbEQJJYuc73PLhzORmglYQr5jTJoIZHEOElqm-jzdPHu99A1AkXfaNBCIbwFtV8mrw&sai=AMfl-YQiYSYyjw5nLPXZpZRhZRHgCniynbPxE11jMefHgURSAoCy4pN8bmX9PSwwX18X3kTVLLL9DwCKnt2iW6N7xaATcyGdDXcsYn87E5atKV9fSMtOla84e3YEeMd6WQ&sig=Cg0ArKJSzFC6Aa5LeedCEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.winchesterlax.org
URL: http://www.winchesterlax.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 0F65 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 18:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
80816
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Mar 2023 18:29:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 0F65 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 08:21:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
30924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Mar 2023 08:21:03 GMT
l
www.google.com/ads/measurement/ Frame 0F65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaRWN4mwYDIJM8CxzdrC-kLfBsA-9L-yZn9QViDRcP7uAPg0X2Tt12rStbWfnMcds4AFQk9r5Hw4sh6QRIWT-Y5G113EAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F65 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Mar 2023 16:56:27 GMT
7744563085497270634
tpc.googlesyndication.com/simgad/ Frame 0F65 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7744563085497270634
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0eeb629a7ed433d033e73021ff45ad3243e6bfaf72051c8edab63e2e0c57f14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 22:53:01 GMT
x-content-type-options
nosniff
age
237806
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36058
x-xss-protection
0
last-modified
Sat, 23 Mar 2019 00:52:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Feb 2024 22:53:01 GMT
cm
us-u.openx.net/w/1.0/ Frame BC6F 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aLmU0hSTYZaQVJJRbirPWjbUVQR2UusndZaOXaTu2tQESG7Zc46YIotXmUdZbe0rMi1UZb7XqitRbJEWFJYVdYWnFZbsRFbyYaZbO3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5taq4AFLprvEYsUSYcr5XGjNmTb32bQ4VFnEUAvTPTb0ScvMPWjw0WBwWAbw4sv0XbMKUAqs56YbPmMK4WZbOXW3bnW2ouFuVNpZa9ocJVmqWyeo&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030201&jk=3099441113803887&bg=!wcKlwpbNAAbv3-2Ez987ADkAdvg8WnJHwXy13MuzAPHoVlWChsZqmyS1V5Kpnz9NTBK63YkwJDybPrWlKtYY1bXp7H2pPTkZqywCAAAA_FIAAAANaAEHmQKuPw3qdFooymIa4kzdfiLKPcXMyNx-11r36C0LQRCyfnDCkjrmoU3btHBqoYsbDyA5aOfeto1QF29kTndx2yB3vv_qdasjMdL7pb0f2B99kEPofmdvqa2-qBS53hHQcg69mvBZuZq8mOqhAR6lpJx0CmvQajJnLoQhil03l0_feqI9cBFK6bRMYAEwdHyYp_247feD7tHOgdsmFiVo32bk4tHoF0UC7aEEmTvYaYf0X3SK-bfwwmytBJhdlZR4yIKFQ2okp8a4y1QjEs2JUMBANPOqGc52G6P9NoMFmZR_nxwtPJt4SG2lEtydfFDeLCxxZsXQwJfmRKNq2elCTocUOIlXvI76liRhFIQ_sX2qrDVWMmtvpSPP8WecwUb9nwpuzdlQgXA6MfNc9t5r5zUcGVT-_pUs9V8D3Z7aVyFBefVkX7_dqHBGQFf2ENaQv9JxWHNfKO9CGb452wcT2sG7dpdv6GyEHErv1SwKW_a34v0BbnrcK3QSdWJRip8b4cACsc4lwG32X0a-fTNVz0fZUDMawAuDn9-WWL7mwt67a9UVxoukGYauNSO_3MXw0JUEstY8AOUZKRBjDi5gBz_Dw8A2-SDRQOULI4u3mQphP5p9KNpuHlLrKPhhG77pBTUCJdWRC3sdVT3oXPqPORBpj-NkgCtXvT0O3ukqhaFQLIuP6bIZXSrwmKGIduXMVtgTPFrQsLNp-7O12-i7JGSQNM0xLTwAyuirUZ6LnNikZ2fLn7LFZD0brbk1GfDVDiKbQszgoG7fpfvgBqY77NZ2UqYtCsQ-Nz9is6t4xJkn07aNCiBeqGsZzVHrTyHEI97Fn0fBSoE2hHAzG4UxFu1vnZHZGdrNaTtVatcFwRWJUMEQDkE1Cc5iEPWilymfwtKZUEOL9J1dxygjqKR0o8w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
i.match
s.tribalfusion.com/z/ Frame 6BD1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662249639699288&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662249639699288&C=1
  • https://a.tribalfusion.com/i.match?p=b20&u=ZAImu9RdGBy0aHypvdHIoAAA
  • https://s.tribalfusion.com/z/i.match?p=b20&u=ZAImu9RdGBy0aHypvdHIoAAA
43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b20&u=ZAImu9RdGBy0aHypvdHIoAAA
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aKmU0h1E3r3TZbl2qv1mTjB1r7aTHJRnAQBnV3noW3C5EY93d6n5PvKmFvH0VMX1cQTXV7xnTvW5FZbVVU7ZcVmMYRTrSQGFnSt3wYtFuWA3p2cB0XbUKUA2r2PQePPMA2tBrXWUKmd6O363Y4GQ9TcvaUcfjSPYnTWQ5UrM05bEuWajoTTMlPqvZbScYKQUumPHY9WcUV5rutnW6oXaep4dbZdSGff4AJHUC7prRm8NbfUpHRQYt&mediaDataID=6530936&mediaName=frame.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b7cadc9025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1070
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b20&u=ZAImu9RdGBy0aHypvdHIoAAA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b6c9ca9025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F098
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662249639699288&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://s.tribalfusion.com/z/i.match?p=b10&u=18072662249639699288&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662249639853032&expires=180
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662249639853032&expires=180
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aImU0hTTQcSTYZbSVfZdQbqmPHY7WGrV5UXxmtIqXa2u4dnZbQVbD46JLpWEOVHFe0bMi1FBf0aqqPrBHUFQSWHU0obBvPrMm1EZbp3Tfa5EYRmEMAXrBaUWbWoArBns7modbD5EYh2tZap3AbGmFYZbXGYS1cQY1Gbomaj23UFVTFfZcWP75REQQPsnrPWfy0WvnT63y2Gn2YbUZdUAut4AZbeR6MK4WQ00dBAVCbMNb6PvsjQrbOsXB&mediaDataID=5436426&mediaName=frame.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
499
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662249639853032&expires=180
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b76a6d9025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 21DE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622496...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622496...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662249639699288&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
  • https://a.tribalfusion.com/i.match?p=b11&u=4A05C30D-27E2-49A0-BA9F-E51A3B9A4A7C
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b11&u=4A05C30D-27E2-49A0-BA9F-E51A3B9A4A7C
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=ammU0h2av1oTbCYb76TdBQoA3CmcrrptQJ3Tng3dEr3AjEnbrLXVfVXVYUXVjppTj25F3VVFnHUPf4PTrQPVQmSdFt1WnwT6jy4sMUYrrDT6ir46rcQmfF4WQO0dBKnHPu36US4sQdVcUjVVBhRPrxWdQRTr7S2UIwWqjpTTQlQEBZcQVbCQUIpPWQ9VsbV2FXqmWEsYEmO3WnCQVrZa2mJHmdEYTdQhOAP7uPugyaqGoe0Uw6&mediaDataID=6719746&mediaName=frame.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b7eafb9025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://a.tribalfusion.com/i.match?p=b11&u=4A05C30D-27E2-49A0-BA9F-E51A3B9A4A7C
date
Fri, 03 Mar 2023 16:56:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 52A1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662249639699288&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b24&u=18072662249639699288&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662249639849014
0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662249639849014
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aJmU0hScUqStZbyYdfqVmQw4sZb5YrnJUATw4An9PmJB4WYM0HQZdnt2N4P303cveVc3lUsbeRPFxWtZbWUbjP2UArUaMxVqB8STJKQVjCQUAvRW79WVvP5rqqodeOXEev2HfFSG7G5mrKmdEyUdj8XbYd1UZbi1aeNSU3ZdUUBYTtQWmbQmRUBN1qYq3Ejf5E71oTFHYFb6TtbTnmMZanV7wmHfJ5EQE3HmNubAJPmEZbNGf7ycZd2wW&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-4wqvp
date
Fri, 03 Mar 2023 16:56:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
92
content-type
text/html
location
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662249639849014
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b76a6c9025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662249639699288&redir=https%3A//a.tribalfusion.com/ Frame 019E 		0
0
i.match
s.tribalfusion.com/z/ Frame 7FFC
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662249639699288
  • https://a.tribalfusion.com/i.match?p=b23&u=219383204444002518232
  • https://s.tribalfusion.com/z/i.match?p=b23&u=219383204444002518232
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b23&u=219383204444002518232
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=apmU0hoTbB1rZb6WWjUoPbIpGQsmW3H3Tr73dZar5PZbZbprnGXVvUYsF01sbopEj35UQ4TUfEWA73RTj1Qs3MPHJuYdfwV6vv4sJ00UnDUPTw4AZbdPAjJ3WMmXW3AnW2u5AZbS3sv6Ucr6Uc78S6vxUdrTWrf52bAxVEvxVTJbSTYFSGQJRrZavSHU7VGY35b6oodZamXEXw3WMDPs7B46JHmdXyVWZbZcXUfkNm6ix7UqqbJsu9uHsF&mediaDataID=7665496&mediaName=frame.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b80b099025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
624
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b23&u=219383204444002518232
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b71a159025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame D4AC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662249639699288&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b22&u=18072662249639699288&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662249639848842
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662249639848842
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aqmU0hPHvbUVMU4bTmndZas0q2n3WjEQVZbZa46rZaotitVWFfXrv7YFYl1TeNPr3ZcWUUQTdQ3mrQoRFMqYTUy4aJf2qnPmT7B1r3cWHBXn6QBnV7rotYB2ank5tiN5mvZanUfZc0GMPXcv1XGbnmaFW3UrUTFbBVAMWQqnSQcZbtStZbr1dvpT6Qp3VZb4YUnZcUPip2PrdPPZbD3dUp1dUZbnt2o36BY3snZdTVJjmDEjpUaxpdFcxXN57D&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Server
54.171.3.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-3-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by
beacon-n015-dub-prod.krxd.net
date
Fri, 03 Mar 2023 16:56:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1677862588
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
92
content-type
text/html
location
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662249639848842
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a2369b78a8b9025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame 0F65 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bd86b83f33e518d08f9bea8d9a7a679f676f6d4d8108d33bc5f64ef596a9169

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0F65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuybG4Db4A81tTVJgH3olZOSC3eAuCesNP61RQcI-mUyS2BXfvBLlcd_lRet-b3QjtOEorWXoS7QaA566njpyYshgzPz0UbC9zmazHEzjgvfufEsEVA39d_6H_tMHm1tdg_Q5tNIlNyZU16Ace1wNcX1pxtI8CI7zyDNC5rcXdGuz3xh_nCLxNabEGulXP5VkGcynyFXXi0emrmYNs5QCEuz6l3I6L7A_URRvxZgwKYCoxXFCEtTow23OOHIwtPulxzkIZEej0RYi0IGc2zBDEsDK4NgQ8INaczbSm8PsWoZRgtziVuxBv2xPrVE9dc3H6vS-NRpJo7Ol3UOdbpSdKd0n8-ozlEGKc8yoS6CzHtw5zCAhnZQmI2KvZL&sai=AMfl-YRHpwkefBcuIDyrj49AEULti0sy6QgEcbWbpFqm9s1NEzciTlzThdC5mj4WxfCKF62in3KWXrkhQuA9JByIJkUxcILl6ot2VzqycECZruFrvmxAKY2VQtUHM024OQ&sig=Cg0ArKJSzCD43hVlbMRCEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 03 Mar 2023 16:56:27 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9F77 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
35051
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 03 Mar 2023 16:56:28 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 27 Feb 2023 06:34:24 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
27, 446368
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220023-HHN
X-Timer
S1677862588.369374,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 5861 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Mar 2023 16:56:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 45B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cQGneY9Z4r6BaCaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/prebid/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Referer
http://www.winchesterlax.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 03 Mar 2023 16:56:29 GMT
server
33XP004
x-33x-status
2000208
bounce
ib.adnxs.com/ Frame 9F77
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Mar 2023 16:56:28 GMT
AN-X-Request-Uuid
7936ee03-8016-4185-85de-814ff4db5cca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.29; 217.64.151.29; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Mar 2023 16:56:28 GMT
AN-X-Request-Uuid
41bc33d9-b5e6-4d32-8a17-c8bb5e053cec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.29; 217.64.151.29; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5861 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6ca76b196ae1c1401fcc70d48123310a800224e9639181fb207241fabe7ef709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 16:56:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 13:28:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73932
Connection
keep-alive
Content-Length
10006
Expires
Sat, 04 Mar 2023 13:28:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D813 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFqDrCYa-Lk8V5ZQ_Aw3Fj7fgIp39Td2jV1YiTJq_vUP_Wu9fj-_IWx1ikh4D069MYo4vI-ay6oBklyZ1WGSqXGjhctkm0mIZrUaV9e73lhIoM7fRP&sig=Cg0ArKJSzCwj_iGBsKZVEAE&id=lidar2&mcvt=1015&p=1110,436,1200,1164&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2709129966&rs=4&la=0&cr=0&vs=4&r=v&rst=1677862585709&rpt=1674&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5861
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/x-DniCAGuFkcM_DJ1yYUXg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pj8TKvtE2oLDZ1uHdhsrO2SCz1G64zo6kYtyYg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pj8TKvtE2oLDZ1uHdhsrO2SCz1G64zo6kYtyYg--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 03 Mar 2023 16:56:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pj8TKvtE2oLDZ1uHdhsrO2SCz1G64zo6kYtyYg--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 5861 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5861
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDExMWYwMzFlN2NjOWYwOTQxYjc2ZjkyYzAyMDY3MzQ1YWJkNzk4Yw
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDExMWYwMzFlN2NjOWYwOTQxYjc2ZjkyYzAyMDY3MzQ1YWJkNzk4Yw
Protocol
H2
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDExMWYwMzFlN2NjOWYwOTQxYjc2ZjkyYzAyMDY3MzQ1YWJkNzk4Yw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5861
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDG1aB6AJmRDELJnRhGn_K4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDG1aB6AJmRDELJnRhGn_K4&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDG1aB6AJmRDELJnRhGn_K4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 5861
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_Lyfo4YAQ9StQBD6-k9WZw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_Lyfo4YAQ9StQBD6-k9WZw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_Lyfo4YAQ9StQBD6-k9WZw
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Mar 2023 16:56:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KVAR40TKHFF5FQWKX2ZP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_Lyfo4YAQ9StQBD6-k9WZw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5861
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WLTt0pT9RJ-hFIdDNW7TjQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WLTt0pT9RJ-hFIdDNW7TjQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WLTt0pT9RJ-hFIdDNW7TjQ
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Mar 2023 16:56:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P0F24P8N4DM6DRG9W6SD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WLTt0pT9RJ-hFIdDNW7TjQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5861
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVTUzI3UlAtVC01OUxH
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVTUzI3UlAtVC01OUxH
Protocol
H2
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVTUzI3UlAtVC01OUxH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 5861
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LESS27RP-T-59LG
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LESS27RP-T-59LG
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:56:28 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0F6567C65EE3424DAF92D8914696D0DF Ref B: FRAEDGE1520 Ref C: 2023-03-03T16:56:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2AdOVam9c6yFmketLWg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LESS27RP-T-59LG
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F65 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvBgWRiNhguhfYbuB3tb1NsLF5B6-gjec2bTXi0bRN6eKyTDR_690_qA4WbMZCHTR5yG34lSybuGs10TRyEhD98rGmcbAOyNvvF9nfu6h-WvP_itA_&sig=Cg0ArKJSzIl9G3xA4j9kEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4234887178&rs=4&la=0&cr=0&vs=4&r=v&rst=1677862587608&rpt=322&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.winchesterlax.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 16:56:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9F77 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Mar 2023 16:56:29 GMT
AN-X-Request-Uuid
18fce484-7055-400c-b293-3871dc5a7384
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.29; 217.64.151.29; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662249639699288&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| wInst boolean| bOpen object| imgPlay object| imgPause number| slideShowSpeed number| crossFadeDuration object| engine function| $ function| jQuery object| jQuery110203823793615793767 function| auth function| nagPopover function| trackOutboundLink string| GoogleAnalyticsObject function| ga function| apiLoader function| moment object| Modernizr function| Galleria object| dataLayer number| assocID string| sessionID function| menuOn function| menuOff object| googletag string| trk_title string| trk_requestHost string| trk_path function| fetchTitle number| logedIn function| closeCommentary function| setCookie function| gotoSecureURL function| growl function| ElevioOpenModule object| ELEVIO_MODULE function| searchFocus boolean| gTopBarHasFocus function| setDropdowns string| em string| ename string| addthis_pub object| addthis_share function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| parseDateTimeValue function| logEvent function| dismisPrivacy function| loadMasonry function| showResult boolean| ajaxBusy function| xmlhttpPost function| setCloaked function| postscribe object| google_tag_manager_external object| google_tag_manager object| addthis_config object| usPrivacyVar undefined| usPrivacy string| csUCFR object| _comscore boolean| __@@##MUH object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| COMSCORE function| udm_ object| ns_p function| getdidnaLOC function| getUrlParameter function| appendStyle function| removeSticky function| addSticky object| didnaLOC function| getMediaLayout string| tfStatus object| tfPassback object| DIDNA_CONFIG object| DIDNA_PLACEMENTS string| gtm_key object| gtmBannedIds object| gtmBannerUrls object| bannedUrls boolean| onBannedUrl string| assocIDCHECK object| assocIDOFF boolean| stickyStyleAdded string| poly object| didna object| pbjs object| _LTracker function| didna_ajax_setup function| pbjsChunk object| _pbjsGlobals object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| e9PageData object| google_image_requests

40 Cookies

Domain/Path Name / Value
www.winchesterlax.org/ Name: News6530
Value: 3/3/2023
www.winchesterlax.org/ Name: TargetPage6530
Value: %2FDefault%2Easp
www.winchesterlax.org/ Name: __atuvc
Value: 1%7C9
www.winchesterlax.org/ Name: __atuvs
Value: 640226b6a3f6b067000
.addthis.com/ Name: uvc
Value: 1%7C9
.winchesterlax.org/ Name: _ga
Value: GA1.2.1378022186.1677862582
.winchesterlax.org/ Name: _gid
Value: GA1.2.1952050382.1677862582
.winchesterlax.org/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: gc_8yzyG3T4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: -PhVMx8WaJ4
.addthis.com/ Name: loc
Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==
.quantserve.com/ Name: mc
Value: 640226b7-c9e19-27c47-bf8e9
www.winchesterlax.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.winchesterlax.org/ Name: _pubcid
Value: 3ec78b80-c8f1-426e-b608-5003c2014ab4
.rubiconproject.com/ Name: khaos
Value: LESS27RP-T-59LG
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3clMBk1f3OqyAkF7RiBdb4AgvEG2sPPZrw0zLiRRUt4VZlXRH7pENkjSuRvxpFDYwNOD2v00sUuU7LxSmpgHYndo6DNeMwNrKh8Bl7XvGB0Q==
www.winchesterlax.org/ Name: cto_bidid
Value: CrMJ_F9kcE9JelZ2V2M3aWE1VzhjeSUyQlpkY1hKZ1NTbW4weVZGUVVYQ0Vna2xtaGp2QTRLdHpJYkNhblJhSlVZalg4dExwQjNDMjNZeG1ENm1jNFpFSTJ3RjB3JTNEJTNE
www.winchesterlax.org/ Name: cto_bundle
Value: h-RBDF9wa1R6MVVjWVlvNiUyRmFBY0k0Qk84ODElMkJGUEtRbFJjNk04Mm1FT1RKSk1ScExnVHRHaTMlMkIlMkJvT3B6V0lINlVQYVFBZnolMkJTZzFsUkVXalJrVUZhMnQlMkJjdnRocyUyRm9FMGlyYWF2WVNNcjMzTG4ybjFld0hJTFRiQ0kzYndDbCUyRk1TMCUyRg
.winchesterlax.org/ Name: __gads
Value: ID=3eb743418f7c25f4:T=1677862585:S=ALNI_MaGTWx4X60Iljry-j_yNbiuKBbLJA
.winchesterlax.org/ Name: __gpi
Value: UID=00000bbee1384ac1:T=1677862585:RT=1677862585:S=ALNI_MafGU0HcSdvPnDqdSEU9UPdxWZzzQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmV4_DYRPW4FhLw-T0eGMwkDT5e58yNSRvgi-2JFN2F05mjxcTdKyOpxDcEbPA
www.winchesterlax.org/ Name: tfPassback
Value: true
.casalemedia.com/ Name: CMID
Value: ZAImu9RdGBy0aHypvdHIoAAA
.casalemedia.com/ Name: CMPS
Value: 2239
.casalemedia.com/ Name: CMPRO
Value: 2239
.yahoo.com/ Name: A3
Value: d=AQABBLsmAmQCEKjlUDHbvo4ZgNfEDLXGM58FEgEBAQF4A2QMZAAAAAAA_eMAAA&S=AQAAAnGBlhI-aXBLsj38qKm0hEY
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.analytics.yahoo.com/ Name: IDSYNC
Value: 18gs~2ab4
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4A05C30D-27E2-49A0-BA9F-E51A3B9A4A7C
.agkn.com/ Name: ab
Value: 0001%3ABLxBaBx2qDPWd82B8D5umSf0uig0Vqau
.pubmatic.com/ Name: KRTBCOOKIE_1051
Value: 22884-18072662249639699288
.pubmatic.com/ Name: PugT
Value: 1677862586
.tribalfusion.com/ Name: ANON_ID
Value: aynr6iRwEfES2QVormfaaAoGuJnxc8HI9eJUHYUtUZbhB1mPPl631tXmbZbZa1q4T4PvgB9h9Rh
.krxd.net/ Name: _kuid_
Value: Paa34PHL
.adnxs.com/ Name: uuid2
Value: 3392717291579241018
.linkedin.com/ Name: bcookie
Value: "v=2&e778b208-a3ea-4112-8298-1fae882dbe89"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Nzc4NjI1ODg7MjswMjHOmRbhUYRWt/fWmKm1V5+i8UyHFAhxI7BRWBH3d5kQzw==
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2895:u=1:x=1:i=1677862588:t=1677948988:v=2:sig=AQHhFsphUi-3CGB9UK391ihPCOXgFJ0O"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AyHZbmowLUForE8khyhEOm8

3 Console Messages

Source Level URL
Text
network error URL: https://s3.amazonaws.com/files.leagueathletics.com/Text/images/headlines/light_check.png
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: http://www.winchesterlax.org/images/headlines/light_check.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.winchesterlax.org/images/image_holder.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

04ccc222d058f53913b2334b5fe7f8c0.safeframe.googlesyndication.com
9fa75feac1486a765e27619b6d63ec7f.safeframe.googlesyndication.com
a.tribalfusion.com
a4.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
b.scorecardresearch.com
beacon.krxd.net
btlr.sharethrough.com
cm.g.doubleclick.net
code.jquery.com
dpm.demdex.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
image6.pubmatic.com
jnn-pa.googleapis.com
la-web-assets.s3.amazonaws.com
lockerdome.com
m.addthis.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s3.amazonaws.com
s7.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
static.doubleclick.net
stats.g.doubleclick.net
storage.didna.io
storage.googleapis.com
tags.expo9.exponential.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
winchesterlax.org
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.leagueathletics.com
www.winchesterlax.org
www.youtube.com
yt3.ggpht.com
z.moatads.com
dpm.demdex.net
s7.addthis.com
104.154.142.214
104.18.13.14
13.32.121.17
13.32.121.21
142.250.180.226
15.197.193.217
151.101.1.108
178.250.1.11
18.156.0.31
18.197.93.99
185.64.189.110
185.64.190.78
185.80.39.216
185.89.210.46
188.65.124.66
2001:4de0:ac18::1:a:3b
23.206.208.114
23.37.42.132
2600:9000:238d:f200:6:44e3:f8c0:93a1
2602:803:c004:200::140
2606:4700::6812:19ad
2606:4700::6812:ddb
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:813::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
2a00:1450:400d:803::2010
2a00:1450:400d:804::2003
2a00:1450:400d:804::2016
2a00:1450:400d:805::2002
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2008
2a00:1450:400d:80e::2002
2a00:1450:4025:402::9d
2a02:2638::1c
2a02:26f0:dc::213:c513
2a02:26f0:dc::213:c51b
2a05:d018:d29:3602:6398:bc78:96b2:ccd4
34.149.20.76
34.98.64.218
35.227.239.69
46.137.131.3
50.16.246.179
52.216.48.73
52.217.91.14
52.46.151.131
52.94.223.37
54.171.3.192
67.202.105.24
69.173.144.138
69.173.144.165
69.192.161.152
007f73ba9534e82182d6318dd0164ad724f1fbd034d75f478c5a782fb52086e6
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05133ea0cca7437d914451446b248c01060c2e903ebfe12ecf797466c92afe97
0b043fbba33e9391de334bea6ad1cf2a844f78e4b8f6f9f71893231b03053d72
0b7f9d94e37b4b1309c6abdfc979033222a28e1c4189e806a0b3aefe3d8f02d5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c79154d62b41f9ff8b5df1755ffc6189be8aead29bf110238845e9c364d0065
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b
14a17f95640a0471866ce452ed8d23c82798e64829c0b14fcb4476ec340bd48a
1ba514abf9df84484468ec82dd95057b07ee40c9ef1bc840f06d209486815c91
21a1785463e2400495efcdefd536d599041f50561b1505aaf2166885c1890d5e
230a35a73af726cb64e849df226cabe69ecc7617b1ae89b1d25800efd6c28cb2
244e386590218438ddc7baf79b886152642f0523be70788c8c1daed9d45785a3
284b1b367ccb6fbe3585ab4d8702328f5f4f22171d9a5f2b60c332342ada81b0
28f22a58392e9794727076758c2f157ddee3a1e6632009d1f7a3617c456cd744
2c1b58fb99550d47bd68747098a10d76be37ccc5dafbebb6a024e139351ce6c2
2c97758b1f3e79fd60d897654fd7db9ecb3c76d4170252a62ee2eb7cd9894c5e
2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34805f569966870bb1f53f8fc57474f49679b9ce57e9fb6952301938fabfc778
3501c9a5c64d8a268826e5fe44a12826d226742e23d69447eff6b387ea6d0253
3878bb6398bb458a5623218facc58d4c987a00f469a1b30fc9a0a09848c48cd5
38e74de19544de03795e264abcaa31b90e48631fc3c6aa262ee055d0c271f2b4
3b4da1436ad14977544dec0a7de360acc6a4e1f98b1f95a4aca26cddfce34b8d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
4207718995ce4b662d744f7111babfc498bd6901555b85bd2ccd3ee138723313
423caf5fb9f2c9d7c33fa62130e60c8338f81f2098b345e11c84fba8f90fcd46
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
494240582057941c1bf3cc3480a74b51dab4ff6efcf5f287ab6b4a330862bc52
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a9942129f7e070b6eb2e6800c6ef70b3e9b2ef9caba10886270b1267957069b
4b1b7fd9deafc45cfc3db423df5859c6fbdf7a4d36baddf2612c82f81d56232f
4bd86b83f33e518d08f9bea8d9a7a679f676f6d4d8108d33bc5f64ef596a9169
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5498c886fd478109941b6c9b3597ba7891ab3aa62455238581e3b8bd11e7454b
54b5c9cb0cff8303395c302978135685c6ed659650dd9ef4840f09be6204a4b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587eda62f8cab72e7daf2c7b41bf2c1029772bc4bf5b96c6834c91cb2e89016a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59db6bffa1696646aa3b14eda83dae911e3b92441dc86befa0610063381e00d1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60be05290d15b4be4393097e375a96297c1908a67fcc0538858715c45ba22f94
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6827f44478fd8b9f2445416e645864d7870c2387600094719970a0a5dd78391a
693b7c07f50088c0bd777e72d17f1cd9126fe735b35be4a29176f52b63eca186
6acbed2b6e9b426a12a97ad036e3fba8908b49a4bf660a9926bb522f2a137cf0
6bb1ab8474e44124d6d91e58bb435f8a70d8176a9b54de52519fdcb439da80c2
6ca76b196ae1c1401fcc70d48123310a800224e9639181fb207241fabe7ef709
6df2fee9faeacabb45395767b5a1c17c031a32c42d1f5d06d047ffb9baf5c26a
6e34d54d41c8bf2cdde656ff8bef8f040dc2df9c7b868168758e74bf80cab6e4
6ef3c302ffee0bea215e9243db4836b5fd7ac36b6fb9424a9024898fd9a4b0c1
73b90835985cc1b0e1b1c7bc34fe5860f19c28d5315ef03b96eb20521ef61644
75202d6c4a60f686cd512d44fba996b02afcc89c6ce0bb19debacb6917b6bb7c
788953ee1092fdd88b00161fdd4ce05c9c728caa6bbe5ca1982b0022824a09a0
79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bb5f0cd03fb2b44d69afb0422d5697eb311ce128e53cfe2b1048563bbcbd7d0
7bb60ef1a204ffe5ba55c3a58eaed043d4630b237d1c5de947a1a28c2fcab908
7cc228ef7147fdd34fc7196fafce61135f5f4f2ceb4715538efb579555911f44
819caf20a98b59edf79abbb9c625bdd6d9d57f52fce7821a7cb041574be96b8d
82efd9f2736985bd4fa8f0d50182a682d4debde20a6e2225faf6fcd4bf70d7e9
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c647f32d32a9c6aec75df4d2741019d74d54425a4f5821a6e8039a508c07c4c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
95639f6cb9f5fed47d630e6ba881faf6c69a9e04a7b25067c24d377eb6393855
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1
9f7100fe126232273e0bbbf6062f736694a8a2631a22c1c55e047abc07532b8f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3b6a5c146a45a56ee6f6aa633570de9c9e5c1cb06b6857cc688a1365af92a4e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a924aaedff33edf135742da7a868f61982fff698a5d2ed55c1d661db0a3824db
a9fded2f535cb3b67bcc739113c2dc6244a03b5e16e4eb93797011bb567ec857
aa30473a739f955f6cb4108f5908f36067309348be0513ea7357ab6544181946
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0d42285977d9297d0cdcd54162e45333e82d7cdfea48f362dde9baab6d8ad85
b0eeb629a7ed433d033e73021ff45ad3243e6bfaf72051c8edab63e2e0c57f14
b254f92c459e67f293ed39e76cf9253d15db8d21d0c51abf794d031d99e0b2a6
b40db569827441db5d27ac3ffdcddc0e5ac65a5d2a7c7e4e5e3f5790554a8707
b4e222ceed7ac22a645ec5c840430489b5be14ca9adca99f141940dc87a0f4ae
bbe9769868e99862bf9858149dc98c70529d3228ef57e277a1d94325948d52ef
bd7158ef42785000c01392658cb59d4b4618dd9e50d96bc539f8ff1467927636
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d59c9a36c921c829c0e35100664f0d206be63dfc84db080415afec064d41b0
c3395e338134840aa5558b073c466c171803c8150cb6d12af1970126cfed5326
c4bbdf1c7fa1bb5939fdacbde9f5347b9e02848bd1b59255f509ded15858944c
c4ce12cec6a6ff918e2437b098249eb9369a1df752faa170efa848b934a129c3
c552159e6d7a4a42c32a6a20bca5feb0fbead938fd4469abd10253b010cdfadc
c762e8360fc1a1c5340738087764ab026a964d7e1c8d0424da43035ca8de9c2e
c87ca2fa713187975b5da4488716e22ef0a8ae474233746924a3ced8fc71b1ef
c971da8733003f78cd8a2f8436a7c8bdda056e97411ab2c13f6dabec82c2828a
ca02d8a1425ee55bfda5a96d970879232eec31770f3fedaf23f46695e32c5484
cb23a578a888ff383ba230006154f852c45e550e880e333730ef7e6bfd6c9899
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
d173ce93ee8d203371620a26f09a80c76f21d7c445fdb21e1957e208aed419ed
d5a5f087e4490132d6dbd1f24188b1c468618df5df3581790ae6c6a210217c4e
d5d08de1aede7f8889a719f4ad492a0ff19ffa068d8f6b9c3d477464b302f172
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
ddb71ae476df1c71a98adb71e462561719124f62ba46cd5a4f319006c81e212e
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6622513a0ddf2e6a2c08bb8bcbb93175a090bee61226df03f8b1a17b1390969
ed8bc35837fb39ca688180ed7acb31ef58de4c939131bd37d44d933c61bc229c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39a1948afb2eb2458272cb7307bea21a52f15482c6fa2284f9d5c1a36615481
f609d7686d219cc85b7d25028a520f24adf63c99be3242c0ba295060a2ff9eb5
f674cf132a8c5d73abd0a7902b05a3f0918886287a6b1672dd0aab2d66b07bab
f707c589d82154ee8ea0d326ad8fb8034d29f5eaaba12f8482f319685bcae0a9
f7fd21b6e0980aada740143417f0af047b4c0e30d5e2d353ca62f14feb2c7459
f835e3c49aa6e6421f1728761cecb75dea22f603dbc03ad4bf3930be33afd477
f901ac542e87b0b218a642541e69729ef1631113e42ea97a2bdc9353db122492
fac708742f1b2a3c6778de1c5535ad1a192df4a62ce6fd5166a1e7ba9cd1629b
fca29ae80c91a18114de8a28c91ecacaf99424a37cd09ec0faa58ba83e5e060b