urlscan.io logo urlscan.io
SecurityTrails logo

www.usabaseball.com Open in urlscan Pro
2606:4700::6812:fe6  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&m...
Submission: On November 08 via api from SE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 23 domains to perform 37 HTTP transactions. The main IP is 2606:4700::6812:fe6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.usabaseball.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 1st 2021. Valid for: a year.
This is the only time www.usabaseball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
10 52.17.185.148 16509 (AMAZON-02)
1 34.248.116.162 16509 (AMAZON-02)
1 15.188.95.229 16509 (AMAZON-02)
1 1 54.75.68.230 16509 (AMAZON-02)
1 1 35.176.195.187 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
1 208.100.17.177 32748 (STEADFAST)
2 3 142.250.184.194 15169 (GOOGLE)
1 1 34.247.104.176 16509 (AMAZON-02)
1 1 2600:1901:0:8... 15169 (GOOGLE)
2 2 143.204.98.87 16509 (AMAZON-02)
2 2 54.194.226.253 16509 (AMAZON-02)
8 8 151.101.194.49 54113 (FASTLY)
1 8.39.36.142 26667 (RUBICONPR...)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 2 185.33.220.241 29990 (ASN-APPNEX)
1 2 35.244.159.8 15169 (GOOGLE)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 185.94.180.126 35220 (SPOTX-AMS)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 1 52.35.10.191 16509 (AMAZON-02)
37 16
2    2606:4700::6812:fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.usabaseball.com
4    2606:4700::6812:816 (United States)

ASN13335 (CLOUDFLARENET, US)
www.mlbstatic.com
6    2606:4700::6812:1b44 (United States)

ASN13335 (CLOUDFLARENET, US)
builds-cf.webeng-gcp.mlbinfra.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    52.17.185.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.248.116.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-116-162.eu-west-1.compute.amazonaws.com
mlb.demdex.net
1    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
ans.mlb.com
1    54.75.68.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-68-230.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    35.176.195.187 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-195-187.eu-west-2.compute.amazonaws.com
aa.agkn.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    208.100.17.177 (United States)

ASN32748 (STEADFAST, US)
PTR: ip177.208-100-17.static.steadfastdns.net
dp2.33across.com
3    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
1    34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
ml314.com
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
ads.scorecardresearch.com
2    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
8    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.35.10.191 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
ids.ad.gt
Domain Requested by
10 dpm.demdex.net builds-cf.webeng-gcp.mlbinfra.com
8 sync-tm.everesttech.net 8 redirects
6 builds-cf.webeng-gcp.mlbinfra.com www.usabaseball.com
builds-cf.webeng-gcp.mlbinfra.com
4 fonts.gstatic.com builds-cf.webeng-gcp.mlbinfra.com
4 www.mlbstatic.com www.usabaseball.com
builds-cf.webeng-gcp.mlbinfra.com
3 cm.g.doubleclick.net 2 redirects
2 sync.search.spotxchange.com 1 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 sync.crwdcntrl.net 2 redirects
2 ads.scorecardresearch.com 2 redirects
2 idsync.rlcdn.com 2 redirects
2 www.usabaseball.com www.usabaseball.com
1 ids.ad.gt 1 redirects
1 www.facebook.com
1 image2.pubmatic.com
1 pixel.rubiconproject.com
1 fei.pro-market.net 1 redirects
1 ml314.com 1 redirects
1 dp2.33across.com
1 aa.agkn.com 1 redirects
1 cm.everesttech.net 1 redirects
1 ans.mlb.com builds-cf.webeng-gcp.mlbinfra.com
1 mlb.demdex.net builds-cf.webeng-gcp.mlbinfra.com
37 25
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-02-01 -
2022-01-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
ans.mlb.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Frame ID: 93AEF3DBD477B96F3A62616DA409CD45
Requests: 19 HTTP requests in this frame

Frame: https://mlb.demdex.net/dest5.html?d_nsid=0
Frame ID: A0DD17EC25DBDBA5303538C22C05F8E1
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 Error - Page not found | USA Baseball

Page Statistics

37
Requests

54 %
HTTPS

24 %
IPv6

23
Domains

25
Subdomains

16
IPs

6
Countries

439 kB
Transfer

1137 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://cm.everesttech.net/cm/dd?d_uuid=41088977953193496502743884807758368422 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYmQoQAAAL4lkQP0
Request Chain 19
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=41088977953193496502743884807758368422 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=164870703964000503455
Request Chain 20
  • https://idsync.rlcdn.com/365868.gif?partner_uid=41088977953193496502743884807758368422 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNDEwODg5Nzc5NTMxOTM0OTY1MDI3NDM4ODQ4MDc3NTgzNjg0MjIQABoNCKKhpowGEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=a8ed29754711db5dc4c5176cb5a9a2aea59e7f6c49952a418e17aa2a23282c6cb0da87c991749652
Request Chain 22
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDEwODg5Nzc5NTMxOTM0OTY1MDI3NDM4ODQ4MDc3NTgzNjg0MjI= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDEwODg5Nzc5NTMxOTM0OTY1MDI3NDM4ODQ4MDc3NTgzNjg0MjI=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEJCvO-Sk1SfbGO5AlirOa8&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 23
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3622869072949542981
Request Chain 24
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=41088977953193496502743884807758368422 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=3504188307961628887
Request Chain 25
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=41088977953193496502743884807758368422&rn=1636405409877&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D41088977953193496502743884807758368422 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=41088977953193496502743884807758368422&rn=1636405409877&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D41088977953193496502743884807758368422 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=41088977953193496502743884807758368422
Request Chain 26
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41088977953193496502743884807758368422?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=41088977953193496502743884807758368422?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=19fb8a14a3773c15e2729533c75c3b88
Request Chain 27
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVltUW9RQUFBTDRsa1FQMA==
Request Chain 28
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYmQoQAAAL4lkQP0&expires=90
Request Chain 29
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYmQoQAAAL4lkQP0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYmQoQAAAL4lkQP0&C=1
Request Chain 30
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YYmQoQAAAL4lkQP0 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYYmQoQAAAL4lkQP0
Request Chain 31
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYmQoQAAAL4lkQP0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYmQoQAAAL4lkQP0
Request Chain 32
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYmQoQAAAL4lkQP0
Request Chain 33
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYmQoQAAAL4lkQP0&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYmQoQAAAL4lkQP0&img=1&__user_check__=1&sync_id=536c8d38-40d7-11ec-87c4-1ebee0f60406
Request Chain 34
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYmQoQAAAL4lkQP0&t=2592000&o=0
Request Chain 35
  • https://ids.ad.gt/api/v1/put/adb?adb=$41088977953193496502743884807758368422 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=29d019e9-4047-4eac-af52-15cd1badafbb

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars
www.usabaseball.com/news/topic/womens/ 		64 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fafc81e9ce0d17c66fabc096c6fbb4d01ca6f1ab10f618c74b5615780f712c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
public, max-age=180
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab1bf5bfc2f2b89-FRA
content-encoding
gzip
usa-baseball.svg
www.mlbstatic.com/team-logos/usa-baseball/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlbstatic.com/team-logos/usa-baseball/usa-baseball.svg
Requested by
Host: www.usabaseball.com
URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25f2a07fbfa43a2e7148e9c8c3f0bf859e19e4208d91ccf2de0b96b62e69065

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1632859001
age
416524
x-guploader-uploadid
ADPycdu9XesWk-DN_LbnZKWEM6sWmn6bVFnHzwelUGvTW1mle9iuENcOJXO797aIRZz9ESLa3Rj-79GpBsW10iHjWgraoSWsDA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Tue, 28 Sep 2021 19:57:40 GMT
server
cloudflare
etag
W/"9431b193b6662f526448ebcc4202b9dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=s2MCtQ==, md5=lDGxk7ZmL1JkSOvMQgK53A==
x-goog-generation
1632859060232887
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
10215
cf-ray
6ab1bf91ed3442d5-FRA
expires
Wed, 10 Nov 2021 06:04:22 GMT
793x400_placeholder.png
www.usabaseball.com/site-core/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usabaseball.com/site-core/images/793x400_placeholder.png
Requested by
Host: www.usabaseball.com
URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ef3169664ecf0d55cc1b0781b74f481da60dd6399bf853e7024d2da6eabdba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
26421
x-xss-protection
1; mode=block
last-modified
Mon, 25 Oct 2021 22:40:21 GMT
server
cloudflare
etag
W/"6735-17cb99c9c08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6ab1bf91c99d2b89-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 08 Nov 2021 22:03:29 GMT
usab-square-light_on_dark.svg
www.mlbstatic.com/team-logos/usa-baseball/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlbstatic.com/team-logos/usa-baseball/usab-square-light_on_dark.svg
Requested by
Host: www.usabaseball.com
URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab1d911da45ea2d045bdab4a82d08b32010bcc7394c38ddd1cda970e6e004ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
275159
x-guploader-uploadid
ADPycdtQP-4e_-XeVrr0DCYu84mDIbe7zql4G-wErtsRcDcMA6IiK71Evb9bp49DFpwokX-hfYoWpBs8lj9qOWWsiLEdzhoh9Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:50 GMT
server
cloudflare
etag
W/"a1d738b2ee6d19109babf80c25fd7fc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=EFfsjg==, md5=odc4su5tGRCbq/gMJf1/yA==
x-goog-generation
1625081990384203
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
8822
cf-ray
6ab1bf91ed3742d5-FRA
expires
Wed, 17 Nov 2021 20:39:47 GMT
usab-our-pastimes-future.svg
www.mlbstatic.com/team-logos/usa-baseball/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlbstatic.com/team-logos/usa-baseball/usab-our-pastimes-future.svg
Requested by
Host: www.usabaseball.com
URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40dace853b05e55eb6e0095c7b24714a0876c88f8357295c9fb3c9477f2f3403

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
266609
x-guploader-uploadid
ADPycds-437ltLSRqf_JeIC3M6hUVtAPs8VAWF9mRgDogC_J8pjk8Ms671e3yyOKn_3zYUvGBmeFoW4B4J5O9tqHlhAk6OWLMw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:50 GMT
server
cloudflare
etag
W/"b26a7ce2082eaa0acba5ba7f751a663f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=lqhAYg==, md5=smp84gguqgrLpbp/dRpmPw==
x-goog-generation
1625081990372213
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
3218
cf-ray
6ab1bf91ed3942d5-FRA
expires
Wed, 17 Nov 2021 20:35:03 GMT
vendors.js
builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/ 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/vendors.js
Requested by
Host: www.usabaseball.com
URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa59e176c340aadcec1e50c55af24b52d4ecbe9a4ef92ef286877a6b2f01a2ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
71763
x-guploader-uploadid
ADPycdvD6SuFzfExo9BeGhdyuiYyAh5o-MelE5ByZRenwuVpJAz-O854G2kpn1ofOBg4RGY4uKFb3kvX7owhL-vl8yo
x-goog-storage-class
REGIONAL
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript; charset=utf-8
last-modified
Mon, 25 Oct 2021 22:46:52 GMT
server
cloudflare
etag
W/"d078023ff7bce89e3ed27f0bfac5743c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=6I0e4Q==, md5=0HgCP/e86J4+0n8L+sV0PA==
x-goog-generation
1635202012640334
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
35473
cf-ray
6ab1bf91e8176946-FRA
warning
214 UploadServer gunzipped
expires
Tue, 09 Nov 2021 01:07:25 GMT
uglify.js
builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/ 		208 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/uglify.js
Requested by
Host: www.usabaseball.com
URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0323eda44028474341716c4609235264ad50ffdca2f3e15865bf415c6adf8c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
71763
x-guploader-uploadid
ADPycdtvx5B11Z0SVTWR1yzp6XP51ukHbuGy1YzV1DaMoDzBM21rFJze_nRWp__tMBmGV6iLwIVE2s4HIC8xIqf7bHU
x-goog-storage-class
REGIONAL
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript; charset=utf-8
last-modified
Mon, 25 Oct 2021 22:46:52 GMT
server
cloudflare
etag
W/"d250bd40d9f616897ffbe40345020aff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=CK3A2A==, md5=0lC9QNn2Fol/++QDRQIK/w==
x-goog-generation
1635202012649610
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
72045
cf-ray
6ab1bf91e8196946-FRA
warning
214 UploadServer gunzipped
expires
Tue, 09 Nov 2021 01:07:26 GMT
global.css
builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/styles/ 		194 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/styles/global.css
Requested by
Host: www.usabaseball.com
URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002c73c6934fb3b70ab041a7ca677af239aaa1dbf740ca182b49157583be5e7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
71763
x-guploader-uploadid
ADPycdt3NochERlOihbGY5LgreyTygd2Ye0c6nlxDwXA75e2ZUL4XPb4qZKPQ7jr86AY9HY7H_Unmx9YikGHRrG2s2Q
x-goog-storage-class
REGIONAL
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
text/css; charset=utf-8
last-modified
Mon, 25 Oct 2021 22:46:52 GMT
server
cloudflare
etag
W/"042419c1a7a75dbfb810258b62a4216a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=8Q2lxQ==, md5=BCQZwaenXb+4ECWLYqQhag==
x-goog-generation
1635202012650851
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
34349
cf-ray
6ab1bf91e80e6946-FRA
warning
214 UploadServer gunzipped
expires
Tue, 09 Nov 2021 01:07:25 GMT
index.css
builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/sections/news/builds/de32e3891872ba2f018e9965b1190ef1c8ccbe48_1632848563/styles/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/sections/news/builds/de32e3891872ba2f018e9965b1190ef1c8ccbe48_1632848563/styles/index.css
Requested by
Host: www.usabaseball.com
URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d48dc5127e35ae082df783413c77c7b36f0c53a12c2b3f8f94f2781b6d383c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
24709
x-guploader-uploadid
ADPycdvP168IF3k5Xw4rYNqmpAkS-ridYWBNGBcxkZSm7Go8l9NYOxx11eBSkfXVm_-cgvaziAXNhW3xyqTlFgHQL-M
x-goog-storage-class
REGIONAL
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
text/css; charset=utf-8
last-modified
Tue, 28 Sep 2021 17:04:44 GMT
server
cloudflare
etag
W/"d3ec33eceb5effdc0d0d5426cdb36b29"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=AlUxpA==, md5=0+wz7Ote/9wNDVQmzbNrKQ==
x-goog-generation
1632848684741464
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
4398
cf-ray
6ab1bf91e8146946-FRA
warning
214 UploadServer gunzipped
expires
Tue, 09 Nov 2021 14:11:40 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
fonts.gstatic.com/s/sourcesanspro/v14/ 		39 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/styles/global.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed891295d5d4f70182e68bb3fa450a2b0bf22cfc89286c420632639fb6fd3510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://builds-cf.webeng-gcp.mlbinfra.com/
Origin
https://www.usabaseball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 21:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20810
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 06 Nov 2022 21:43:35 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v14/ 		39 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/styles/global.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e44186395f92ca92a743b7bfce319e95f8a16705b772ae61fc46e8c00f6842c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://builds-cf.webeng-gcp.mlbinfra.com/
Origin
https://www.usabaseball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20519
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 16:24:06 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYag.ttf
fonts.gstatic.com/s/robotocondensed/v19/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYag.ttf
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/styles/global.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3114cffcc2fc4ad6c6912c03aad1b6908549013fba4a721340f5c6d8a1d3c2d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://builds-cf.webeng-gcp.mlbinfra.com/
Origin
https://www.usabaseball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20643
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 15:15:16 GMT
fontawesome-webfont.woff
www.mlbstatic.com/usabaseball/builds/site-core/fontawesome/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlbstatic.com/usabaseball/builds/site-core/fontawesome/fonts/fontawesome-webfont.woff
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/styles/global.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://builds-cf.webeng-gcp.mlbinfra.com/
Origin
https://www.usabaseball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
556703
x-guploader-uploadid
ABg5-UzwayLU8yIGdGQKcNUBbYv1JNGSxQrGKkPc0q_1K9BtBrfeK9njDDkpeX5QAPEfVtIeX3QLwCKhL42AZPHjjzY0Mpjq2g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/font-woff
last-modified
Tue, 04 Feb 2020 13:31:35 GMT
server
cloudflare
etag
W/"d95d6f5d5ab7cfefd09651800b69bd54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=hsPowQ==, md5=2V1vXVq3z+/QllGAC2m9VA==
x-goog-generation
1580823095513639
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=604800
x-goog-stored-content-length
65452
cf-ray
6ab1bf925857702b-FRA
expires
Tue, 02 Nov 2021 16:34:45 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7CA.ttf
fonts.gstatic.com/s/robotocondensed/v19/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7CA.ttf
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/styles/global.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7649ce6be20fce64c9154e7b9d8e59df09184f5cb62740f533c24b94776eceb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://builds-cf.webeng-gcp.mlbinfra.com/
Origin
https://www.usabaseball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 08:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20629
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 05 Nov 2022 08:09:35 GMT
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A65F776A5245B01B0A490D44%40AdobeOrg&d_nsid=0&ts=1636405409745
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/uglify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d54b9b209fbc1ee8362586f201ce61fa5a2067bcdf69a4ec4f98421dfae3e55b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.usabaseball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v019-0f4b0dfcb.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
UuVdmSGvRcI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.usabaseball.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1407
Expires
Thu, 01 Jan 1970 00:00:00 UTC
global.js
builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/ 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/global.js
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/uglify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970a511e723e8797df7193821561663ded4da72ce4a3ad7ad596ed1741f66bac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
71763
x-guploader-uploadid
ADPycdsBRqzJQMiBsV3ZPWOfmmax-UwexAsKaSxA0CC7TPr8sEV15CX7BckdFlwj0BJGS8mh7tNZs0SVNWFh07ezH6g
x-goog-storage-class
REGIONAL
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript; charset=utf-8
last-modified
Mon, 25 Oct 2021 22:46:52 GMT
server
cloudflare
etag
W/"7ee33d205fd343631a1c8c07a4a94a8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=8hbe/g==, md5=fuM9IF/TQ2MaHIwHpKlKjQ==
x-goog-generation
1635202012757632
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
47961
cf-ray
6ab1bf92fa906946-FRA
warning
214 UploadServer gunzipped
expires
Tue, 09 Nov 2021 01:07:26 GMT
index-startup.js
builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/sections/news/builds/de32e3891872ba2f018e9965b1190ef1c8ccbe48_1632848563/scripts/build/ 		119 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/sections/news/builds/de32e3891872ba2f018e9965b1190ef1c8ccbe48_1632848563/scripts/build/index-startup.js
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/uglify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd506e7f3950aa82dfd719a1a51eb12c2c54455207808838be813b0ed7588e0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
24708
x-guploader-uploadid
ADPycdsqMfSDvxTMJCHin1p5RCsy5lt8NkbofMhXDBBZ_5Oo6k4Re5_VbEW9IGG9xQIuiLCAwAamT8Kf6TcleuaWKiYb5DdOjg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript; charset=utf-8
content-length
38589
last-modified
Tue, 28 Sep 2021 17:04:45 GMT
server
cloudflare
etag
"6926752d9d61edafe3bf617082837276"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=pJfZOQ==, md5=aSZ1LZ1h7a/jv2FwgoNydg==
x-goog-generation
1632848685922903
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
38589
accept-ranges
bytes
cf-ray
6ab1bf935b9d6946-FRA
expires
Tue, 09 Nov 2021 14:11:41 GMT
dest5.html
mlb.demdex.net/ Frame A0DD 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mlb.demdex.net/dest5.html?d_nsid=0
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/uglify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.116.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-116-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Mon, 8 Nov 2021 21:03:30 GMT
DCS
dcs-prod-irl1-1-v019-0143259ca.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 14 Oct 2021 10:46:54 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
3+BqdKv/St0=
Content-Length
2791
Connection
keep-alive
id
ans.mlb.com/ 		48 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ans.mlb.com/id?d_visid_ver=2.1.0&d_fieldgroup=A&mcorgid=A65F776A5245B01B0A490D44%40AdobeOrg&mid=41428055706205240742769629933226068254&ts=1636405409902
Requested by
Host: builds-cf.webeng-gcp.mlbinfra.com
URL: https://builds-cf.webeng-gcp.mlbinfra.com/usabaseball.com/builds/site-core/1635201728411/scripts/uglify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
30c42e20d7e917afd9c88717db35d643fb7c9888b21028dcd0aab19ba4726d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usabaseball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Nov 2021 21:03:29 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-6988cccb6f-b7fcc
vary
Origin
x-c
main-1542.If2e2aa.M0-523
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.usabaseball.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YYmQoQAAAL4lkQP0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=41088977953193496502743884807758368422
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYmQoQAAAL4lkQP0
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYmQoQAAAL4lkQP0
Protocol
HTTP/1.1
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.usabaseball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-05f4e7fba.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
AsStzNJiRAU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYmQoQAAAL4lkQP0
Date
Mon, 08 Nov 2021 21:03:29 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ibs:dpid=21&dpuuid=164870703964000503455
dpm.demdex.net/ Frame A0DD
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=41088977953193496502743884807758368422
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=164870703964000503455
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164870703964000503455
Protocol
HTTP/1.1
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-0f0f8a4eb.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5+fS36f8Quk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164870703964000503455
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
ibs:dpid=477&dpuuid=a8ed29754711db5dc4c5176cb5a9a2aea59e7f6c49952a418e17aa2a23282c6cb0da87c991749652
dpm.demdex.net/ Frame A0DD
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=41088977953193496502743884807758368422
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNDEwODg5Nzc5NTMxOTM0OTY1MDI3NDM4ODQ4MDc3NTgzNjg0MjIQABoNCKKhpowGEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=a8ed29754711db5dc4c5176cb5a9a2aea59e7f6c49952a418e17aa2a23282c6cb0da87c991749652
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=a8ed29754711db5dc4c5176cb5a9a2aea59e7f6c49952a418e17aa2a23282c6cb0da87c991749652
Protocol
HTTP/1.1
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-0d97b02b4.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mo/b/7W7Qq8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Mon, 08 Nov 2021 21:03:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=a8ed29754711db5dc4c5176cb5a9a2aea59e7f6c49952a418e17aa2a23282c6cb0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
/
dp2.33across.com/ps/ Frame A0DD 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dp2.33across.com/ps/?pid=897&random=1478466283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.177 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip177.208-100-17.static.steadfastdns.net
Software
33XP003 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-33x-status
208
date
Mon, 08 Nov 2021 21:03:29 GMT
server
33XP003
ibs:dpid=771&dpuuid=CAESEEJCvO-Sk1SfbGO5AlirOa8&google_cver=1
dpm.demdex.net/ Frame A0DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDEwODg5Nzc5NTMxOTM0OTY1MDI3NDM4ODQ4MDc3NTgzNjg0MjI=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDEwODg5Nzc5NTMxOTM0OTY1MDI3NDM4ODQ4MDc3NTgzNjg0MjI=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEJCvO-Sk1SfbGO5AlirOa8&google_cver=1?gdpr=0&gdpr_consent=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEJCvO-Sk1SfbGO5AlirOa8&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-0c1efb9a7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
T9UC+WzGSM0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEJCvO-Sk1SfbGO5AlirOa8&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=22052&dpuuid=3622869072949542981
dpm.demdex.net/ Frame A0DD
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3622869072949542981
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3622869072949542981
Protocol
HTTP/1.1
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-03345fb8d.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
CwMBCjOhQN0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 21:03:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3622869072949542981
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
185
Expires
0,Tue, 09 Nov 2021 16:03:30 GMT
ibs:dpid=575&dpuuid=3504188307961628887
dpm.demdex.net/ Frame A0DD
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=41088977953193496502743884807758368422
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=3504188307961628887
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=3504188307961628887
Protocol
HTTP/1.1
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-0fd187a7f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rbmP5DXuS10=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=3504188307961628887
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
ibs:dpid=73426&dpuuid=41088977953193496502743884807758368422
dpm.demdex.net/ Frame A0DD
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=41088977953193496502743884807758368422&rn=1636405409877&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D410889779531934...
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=41088977953193496502743884807758368422&rn=1636405409877&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D41088977953193...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=41088977953193496502743884807758368422
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=41088977953193496502743884807758368422
Protocol
HTTP/1.1
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-080af9c5c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Ss3setE3SXI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Mon, 08 Nov 2021 21:03:30 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=41088977953193496502743884807758368422
content-length
105
x-amz-cf-id
iRqzzmTNDHKPSXBf1xSwlcE8tbqBmDVrV00qjQcGkkWj39efiodx9A==
ibs:dpid=121998&dpuuid=19fb8a14a3773c15e2729533c75c3b88
dpm.demdex.net/ Frame A0DD
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41088977953193496502743884807758368422?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=41088977953193496502743884807758368422?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=19fb8a14a3773c15e2729533c75c3b88
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=19fb8a14a3773c15e2729533c75c3b88
Protocol
HTTP/1.1
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-025614274.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
m322lLCBQEY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=19fb8a14a3773c15e2729533c75c3b88
cache-control
no-cache
x-server
10.45.0.234
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame A0DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVltUW9RQUFBTDRsa1FQMA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVltUW9RQUFBTDRsa1FQMA==
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636405410.215895,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVltUW9RQUFBTDRsa1FQMA==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame A0DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYmQoQAAAL4lkQP0&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYmQoQAAAL4lkQP0&expires=90
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0963d041a95f271fbba7f411adc03573
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636405410.215959,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYmQoQAAAL4lkQP0&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame A0DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYmQoQAAAL4lkQP0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYmQoQAAAL4lkQP0&C=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYmQoQAAAL4lkQP0&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 21:03:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 21:03:30 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 21:03:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYmQoQAAAL4lkQP0&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Mon, 08 Nov 2021 21:03:30 GMT
bounce
ib.adnxs.com/ Frame A0DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YYmQoQAAAL4lkQP0
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYYmQoQAAAL4lkQP0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYYmQoQAAAL4lkQP0
Protocol
HTTP/1.1
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 21:03:30 GMT
X-Proxy-Origin
91.199.118.78; 91.199.118.78; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
88bc8048-8891-40c7-bd39-cff475663d84
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 21:03:30 GMT
X-Proxy-Origin
91.199.118.78; 91.199.118.78; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e838708c-727d-4104-b466-b11a93473380
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYYmQoQAAAL4lkQP0
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A0DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYmQoQAAAL4lkQP0
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYmQoQAAAL4lkQP0
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYmQoQAAAL4lkQP0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYmQoQAAAL4lkQP0
date
Mon, 08 Nov 2021 21:03:30 GMT
via
1.1 google
server
OXGW/16.218.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame A0DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYmQoQAAAL4lkQP0
1 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYmQoQAAAL4lkQP0
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:03:28 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:406
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636405410.261168,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYmQoQAAAL4lkQP0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame A0DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYmQoQAAAL4lkQP0&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYmQoQAAAL4lkQP0&img=1&__user_check__=1&sync_id=536c8d38-40d7-11ec-87c4-1ebee0f60406
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYmQoQAAAL4lkQP0&img=1&__user_check__=1&sync_id=536c8d38-40d7-11ec-87c4-1ebee0f60406
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 21:03:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
63
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 08 Nov 2021 21:03:30 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YYmQoQAAAL4lkQP0&img=1&__user_check__=1&sync_id=536c8d38-40d7-11ec-87c4-1ebee0f60406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
92
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame A0DD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYmQoQAAAL4lkQP0&t=2592000&o=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYmQoQAAAL4lkQP0&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:03:30 PST
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
KS6xn+ubJD5q8z76gz68QgMbEflGLVnN4evJMh1H9MyyefZ3hTDVqI6tsAFAQl6uyOZA0l9zm1Gb/KpVMk2Hog==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Mon, 08 Nov 2021 13:03:30 PST

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 21:03:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636405410.294006,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYmQoQAAAL4lkQP0&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=348447&dpuuid=29d019e9-4047-4eac-af52-15cd1badafbb
dpm.demdex.net/ Frame A0DD
Redirect Chain
  • https://ids.ad.gt/api/v1/put/adb?adb=$41088977953193496502743884807758368422
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=29d019e9-4047-4eac-af52-15cd1badafbb
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=348447&dpuuid=29d019e9-4047-4eac-af52-15cd1badafbb
Protocol
HTTP/1.1
Server
52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-185-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-02cd5e33a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
yt+ntj9zSBQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=348447&dpuuid=29d019e9-4047-4eac-af52-15cd1badafbb
date
Mon, 08 Nov 2021 21:03:30 GMT
server
nginx/1.18.0
content-length
379
content-type
text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| deviceBootstrap function| getStartupDeviceTypeString number| footerYear string| s_account object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| requirejs function| require function| define function| Visitor function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| $ function| jQuery number| s_objectID number| s_giq object| s_c_il number| s_c_in object| visitor function| setAppMeasurementConfig string| b object| gptadslots object| googletag object| pbjs object| scrollMonitor object| visibly function| setTakeover

31 Cookies

Domain/Path Name / Value
www.usabaseball.com/ Name: __cflb
Value: 0H28vaXSP9pxxAEHBmRzaJt6vJsWcRFGRJUZ6zMZcE8
.demdex.net/ Name: demdex
Value: 41088977953193496502743884807758368422
.usabaseball.com/ Name: AMCVS_A65F776A5245B01B0A490D44%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YYmQoQAAAL4lkQP0
.dpm.demdex.net/ Name: dpm
Value: 41088977953193496502743884807758368422
.usabaseball.com/ Name: AMCV_A65F776A5245B01B0A490D44%40AdobeOrg
Value: 1099438348%7CMCIDTS%7C18940%7CMCMID%7C41428055706205240742769629933226068254%7CMCAAMLH-1637010209%7C6%7CMCAAMB-1637010209%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1636412609s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18947%7CvVersion%7C2.1.0
.rlcdn.com/ Name: rlas3
Value: jSEikGqMHWhSiKyv6+gSAlMKSFFwd/Pg7AxFZywvffM=
.rlcdn.com/ Name: pxrc
Value: CKKhpowGEgUI6AcQABIGCPHrARAA
.agkn.com/ Name: ab
Value: 0001%3APO0YbWhHLYizJJUTncx8QMFW4aynEXs%2B
.doubleclick.net/ Name: IDE
Value: AHWqTUnxelgxYe4LZsS-bQ0060iiftDBLYBDqyuMb66IXGGv21TUDkhEpzkAi__9NWg
.scorecardresearch.com/ Name: UID
Value: 1QVSEMYEVMYERQHPKIXFBHg1636405410
.casalemedia.com/ Name: CMID
Value: YYmQojwtE8Q-r7f6gpR57AAA
.casalemedia.com/ Name: CMPS
Value: 5229
.adnxs.com/ Name: uuid2
Value: 7087448933159740965
.casalemedia.com/ Name: CMPRO
Value: 1173
.casalemedia.com/ Name: CMST
Value: YYmQomGJkKIA
.casalemedia.com/ Name: CMRUM3
Value: 58618990a22760YYmQoQAAAL4lkQP0
.openx.net/ Name: i
Value: 075e955c-c81c-4b13-86d1-ea8c230a53f2|1636405410
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2E?ai%^g9!]tbPl1MwL(!R7qUY$*qHMDuiYWJXJ<T]K>N>^Q4P!.ju/X%W#.wL5oa9/sZwfzrVVGFa)<wEexQ67Oe!@G<H*=V[?
.demdex.net/ Name: dextp
Value: 21-1-1636405410047|60-1-1636405410061|477-1-1636405410077|601-1-1636405410092|771-1-1636405410107|22052-1-1636405410122|575-1-1636405410137|73426-1-1636405410152|121998-1-1636405410167|144230-1-1636405410183|144231-1-1636405410198|144232-1-1636405410213|144233-1-1636405410228|144234-1-1636405410243|144235-1-1636405410259|144236-1-1636405410274|144237-1-1636405410289|348447-1-1636405410304
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 19fb8a14a3773c15e2729533c75c3b88
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMLRMS7JINDRJNDY3N042NE01MjeyNDU2TjY3TTZOsrBgAILEzgmLQDQUAABIrgp2"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7JywCEhBAQAaCwId"
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YYmQoQAAAL4lkQP0&KRTB&22978-YYmQoQAAAL4lkQP0&KRTB&23194-YYmQoQAAAL4lkQP0&KRTB&23209-YYmQoQAAAL4lkQP0
.pubmatic.com/ Name: PugT
Value: 1636405408
.pubmatic.com/ Name: PUBMDCID
Value: 3
.spotxchange.com/ Name: audience
Value: 536c8ce0-40d7-11ec-87c4-1ebee0f60406
.ad.gt/ Name: last_seenadb
Value: 1636405410707
.ad.gt/ Name: au_id
Value: 29d019e9-4047-4eac-af52-15cd1badafbb
.ad.gt/ Name: adb
Value: $41088977953193496502743884807758368422

1 Console Messages

Source Level URL
Text
network error URL: https://www.usabaseball.com/news/topic/womens/stripes-clinch-wntdp-series-with-two-hit-shutout-of-stars?mc\_cid=116e898e6e&mc\_eid=d03cef87e4&mc\_cid=025be6e1fa&mc\_eid=UNIQID
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.scorecardresearch.com
ans.mlb.com
builds-cf.webeng-gcp.mlbinfra.com
cm.everesttech.net
cm.g.doubleclick.net
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
fei.pro-market.net
fonts.gstatic.com
ib.adnxs.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
ml314.com
mlb.demdex.net
pixel.rubiconproject.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
us-u.openx.net
www.facebook.com
www.mlbstatic.com
www.usabaseball.com
142.250.184.194
143.204.98.87
15.188.95.229
151.101.194.49
185.33.220.241
185.64.189.110
185.94.180.126
2.18.234.21
208.100.17.177
2600:1901:0:8eee::
2606:4700::6812:1b44
2606:4700::6812:816
2606:4700::6812:fe6
2a00:1450:4001:827::2003
2a03:2880:f12d:83:face:b00c:0:25de
34.247.104.176
34.248.116.162
35.176.195.187
35.244.159.8
35.244.174.68
52.17.185.148
52.35.10.191
54.194.226.253
54.75.68.230
8.39.36.142
002c73c6934fb3b70ab041a7ca677af239aaa1dbf740ca182b49157583be5e7d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
30c42e20d7e917afd9c88717db35d643fb7c9888b21028dcd0aab19ba4726d02
3114cffcc2fc4ad6c6912c03aad1b6908549013fba4a721340f5c6d8a1d3c2d9
40dace853b05e55eb6e0095c7b24714a0876c88f8357295c9fb3c9477f2f3403
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
7649ce6be20fce64c9154e7b9d8e59df09184f5cb62740f533c24b94776eceb1
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
970a511e723e8797df7193821561663ded4da72ce4a3ad7ad596ed1741f66bac
a6ef3169664ecf0d55cc1b0781b74f481da60dd6399bf853e7024d2da6eabdba
aa59e176c340aadcec1e50c55af24b52d4ecbe9a4ef92ef286877a6b2f01a2ba
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25f2a07fbfa43a2e7148e9c8c3f0bf859e19e4208d91ccf2de0b96b62e69065
b2d48dc5127e35ae082df783413c77c7b36f0c53a12c2b3f8f94f2781b6d383c
bab1d911da45ea2d045bdab4a82d08b32010bcc7394c38ddd1cda970e6e004ca
c0323eda44028474341716c4609235264ad50ffdca2f3e15865bf415c6adf8c7
d54b9b209fbc1ee8362586f201ce61fa5a2067bcdf69a4ec4f98421dfae3e55b
dd506e7f3950aa82dfd719a1a51eb12c2c54455207808838be813b0ed7588e0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44186395f92ca92a743b7bfce319e95f8a16705b772ae61fc46e8c00f6842c4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ed891295d5d4f70182e68bb3fa450a2b0bf22cfc89286c420632639fb6fd3510
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fafc81e9ce0d17c66fabc096c6fbb4d01ca6f1ab10f618c74b5615780f712c97