csurams.com Open in urlscan Pro
74.205.81.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://csurams.com/
Effective URL:
https://csurams.com/
Submission Tags: tranco_l324
Submission: On November 28 via api (November 28th 2021, 9:07:51 am UTC) from DE — Scanned from DE

Summary HTTP 179 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 27 domains to perform 179 HTTP transactions. The main IP is 74.205.81.134, located in United States and belongs to RMH-14, US. The main domain is csurams.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on October 5th 2021. Valid for: a year.

This is the only time csurams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	74.205.81.134 74.205.81.134	33070 (RMH-14) (RMH-14)
18	143.204.98.31 143.204.98.31	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:215... 2600:9000:2156:200:4:cc99:4000:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 4	143.204.98.125 143.204.98.125	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	54.231.134.249 54.231.134.249	16509 (AMAZON-02) (AMAZON-02)
8	174.143.40.29 174.143.40.29	33070 (RMH-14) (RMH-14)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3 7	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
6	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
3	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 3	54.90.48.240 54.90.48.240	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
6	52.31.243.184 52.31.243.184	16509 (AMAZON-02) (AMAZON-02)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.168.102.56 18.168.102.56	16509 (AMAZON-02) (AMAZON-02)
1	69.169.85.6 69.169.85.6	29838 (AMC) (AMC)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
14	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
179	36

27 74.205.81.134 (United States) 1 redirects

ASN33070 (RMH-14, US)

csurams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 143.204.98.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-31.fra50.r.cloudfront.net

dbukjj6eu5tsf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:200:4:cc99:4000:93a1 (United States)

ASN16509 (AMAZON-02, US)

fonts.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.125 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.134.249 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

sidearm-syndication.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 174.143.40.29 (United States)

ASN33070 (RMH-14, US)

statcollector.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.74.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

6590391.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.90.48.240 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-48-240.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.31.243.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-243-184.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.102.56 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.6 (Cranford, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d9585b1770e366f845ae2d899d5bda4d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	csurams.com 1 redirects csurams.com	359 KB
26	doubleclick.net 5 redirects 6590391.fls.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	165 KB
18	krxd.net 3 redirects cdn.krxd.net consumer.krxd.net usermatch.krxd.net beacon.krxd.net	179 KB
18	cloudfront.net dbukjj6eu5tsf.cloudfront.net	2 MB
16	googlesyndication.com d9585b1770e366f845ae2d899d5bda4d.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	309 KB
12	sidearmsports.com fonts.sidearmsports.com statcollector.sidearmsports.com	77 KB
9	google.com www.google.com adservice.google.com analytics.google.com	2 KB
9	cloudflare.com cdnjs.cloudflare.com	58 KB
7	gstatic.com fonts.gstatic.com	106 KB
7	google-analytics.com www.google-analytics.com	21 KB
5	googletagservices.com www.googletagservices.com	172 KB
4	adsrvr.org 2 redirects insight.adsrvr.org match.adsrvr.org	1 KB
4	googletagmanager.com www.googletagmanager.com	191 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
4	typekit.net use.typekit.net p.typekit.net	68 KB
3	google.de www.google.de adservice.google.de	1 KB
2	facebook.com www.facebook.com	386 B
2	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com	1009 B
2	rlcdn.com idsync.rlcdn.com	459 B
2	facebook.net connect.facebook.net	113 KB
2	amazonaws.com sidearm-syndication.s3.amazonaws.com	56 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	pro-market.net 1 redirects fei.pro-market.net	327 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	agkn.com aa.agkn.com	22 B
1	bluekai.com 1 redirects stags.bluekai.com	716 B
0	ixiaa.com Failed kr.ixiaa.com Failed
179	27

	Domain	Requested by
27	csurams.com	1 redirects csurams.com cdnjs.cloudflare.com sidearm-syndication.s3.amazonaws.com
18	dbukjj6eu5tsf.cloudfront.net	csurams.com cdnjs.cloudflare.com
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net csurams.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
9	cdnjs.cloudflare.com	csurams.com cdnjs.cloudflare.com
8	statcollector.sidearmsports.com	dbukjj6eu5tsf.cloudfront.net statcollector.sidearmsports.com sidearm-syndication.s3.amazonaws.com
7	6590391.fls.doubleclick.net	3 redirects csurams.com www.googletagmanager.com
7	fonts.gstatic.com	fonts.googleapis.com
7	www.google-analytics.com	csurams.com www.google-analytics.com
6	beacon.krxd.net	csurams.com cdn.krxd.net
6	cdn.krxd.net	csurams.com cdn.krxd.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	www.googletagservices.com	dbukjj6eu5tsf.cloudfront.net securepubads.g.doubleclick.net
4	adservice.google.com	6590391.fls.doubleclick.net securepubads.g.doubleclick.net
4	www.google.com	csurams.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagmanager.com	csurams.com www.googletagmanager.com
4	sb.scorecardresearch.com	1 redirects csurams.com
4	fonts.sidearmsports.com	csurams.com fonts.sidearmsports.com
3	usermatch.krxd.net	3 redirects
3	consumer.krxd.net	cdn.krxd.net
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	use.typekit.net	csurams.com use.typekit.net
2	www.facebook.com	6590391.fls.doubleclick.net
2	tag.yieldoptimizer.com	1 redirects csurams.com
2	idsync.rlcdn.com	csurams.com
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	connect.facebook.net	6590391.fls.doubleclick.net connect.facebook.net
2	insight.adsrvr.org	6590391.fls.doubleclick.net
2	www.google.de	csurams.com
2	sidearm-syndication.s3.amazonaws.com	cdnjs.cloudflare.com csurams.com
2	fonts.googleapis.com	csurams.com sidearm-syndication.s3.amazonaws.com
1	analytics.google.com	www.googletagmanager.com
1	d9585b1770e366f845ae2d899d5bda4d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	fei.pro-market.net	1 redirects
1	global.ib-ibi.com	csurams.com
1	aa.agkn.com	csurams.com
1	stags.bluekai.com	1 redirects
1	p.typekit.net	use.typekit.net
0	kr.ixiaa.com Failed	csurams.com
179	41

This site contains links to these domains. Also see Links.

Domain
www.csuramcamps.com
music.colostate.edu
alumni.colostate.edu
www.colostate.edu
www.learfield.com
themw.com
csurams.evenue.net
www.stubhub.com
shop.csurams.com
fanbrander.com
csura.ms
power1029noco.com
www.sidearmstats.com
www.facebook.com
twitter.com
www.ncaa.com
sidearmsports.com
www.cbssports.com
www.sidearmsports.com

Subject Issuer	Validity	Valid
lb02.sidearmsports.com Starfield Secure Certificate Authority - G2	`2021-10-05` - `2022-11-06`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.sidearmsports.com Amazon	`2021-04-26` - `2022-05-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-12-05`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://csurams.com/
Frame ID: 87CAE4B1689459EB29D6C8846E3949A5
Requests: 114 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&sid=af992026-3daf-4dd5-a023-866f9dc555f8&uid=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&count=csurams_com.pageview%7Call.pageview&events=&traits=&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463616
Frame ID: 9495ECBC7F057A8A11D57298609E536F
Requests: 2 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&sid=af992026-3daf-4dd5-a023-866f9dc555f8&uid=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&count=csurams_com.active%7Call.active&events=&traits=&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463634
Frame ID: B6F0BF30AF63DC46F197D1CA12CE51F6
Requests: 2 HTTP requests in this frame

Frame: https://6590391.fls.doubleclick.net/activityi;dc_pre=CLL_5sHauvQCFQWdGwod7VcCTw;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53
Frame ID: 0C2EFB5B2F04EC67837C61A71F9371CF
Requests: 2 HTTP requests in this frame

Frame: https://6590391.fls.doubleclick.net/activityi;dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586
Frame ID: E22E3D139DD2C642B35B61102270580F
Requests: 8 HTTP requests in this frame

Frame: https://6590391.fls.doubleclick.net/activityi;dc_pre=CPeH58HauvQCFQZCHQkdnRYNWA;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F
Frame ID: 690E7282487095068FB3873B7346DE7E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: FBBD3D7ECF130721EF037A49E2AD877E
Requests: 15 HTTP requests in this frame

Frame: https://d9585b1770e366f845ae2d899d5bda4d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 279A5CBFAE5347BEF764CD5220ADD492
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssej76AN81GgBIy5Y_qmJ0vP3jVeF-x0ug2rLmAQ0ResCvKDhb4STrQCHlfCxD4ZkH8HyBqkb1362rfwvZvjSVbNbhp8YpJsjWi3vZX0VUdqrcoTHRCrOZySnMbhmmMBl7RcOnBCBZ3C9JbnN7y-aZ5ZMwaXgNjm1rGQsEiiKZiQzLDM0I4vqUQD6W6Hz6QmY7mIZiRLZUtIVUCg7_V7LclyYOBm72ZY1-IDxBskDZN62pcRnGFK5uFt-VcohIEWvlPO3_rnZBPCfPFgiZ95ucUiSJy67Epedd_Dcz14qdaap93&sig=Cg0ArKJSzE7uu9DzoPG5EAE&uach_m=[UACH]&adurl=
Frame ID: D4A4797D3448E30A50E812AB017B45D3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty_U6vp1a0opTWoIFQCrihPxGnHugTEsfqpNik0wytUsU0uz_xWsiLl4ZkcpShyy5VtQlZRwgMgs4x7kSvqrbAPIUbfcNtGWcGwyK99CuyNj7t0cQNQYDpkIh0aLNOlXlzq1RvTi0pM6IZYcCsKl2WFcu1QOqxkSclkZs-k_1oCQT2EDW38d21yVRtRzZgGkuSrPkbOge6SEw0QLYZze3-DMyUeVu827qO7_4wN5vgFXsKGUbWAnzObP9hYx5CgLHd_UtLRyo9tJAtI_yTJ4QkOdxcTvRTgnF_T3_eQ7-0UOap&sig=Cg0ArKJSzNsfaG8dNPUzEAE&uach_m=[UACH]&adurl=
Frame ID: 0F5601A728DAD67A60F901F6EC14AA34
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNM-vxlQhOd1Sc-ScJsyUWO3Ce5s0IMMsJUNkB27RGKfqQW02vx7DnG--eJN_aC6JGr_Xu_2jIMhu9kAj2lguL4HGbMPU5hmjMG0YfPgkP9_Sj_R4YeVdRWmaOYAH7u5Yx1qP0buEIYvoP5MXrY84yfA8vDr7TvW1MgalvntoQOGnosCNUNEjao5MGEY_eqAloJ2xYc16nV3AORXvl89gbA_6ZJjoGcKQbmMxS1UcCaFtfdf7_A93t9QOgGg4Aoy9N_OwBqXB9zOdM0uAG5gLhTchF5xTsesnphIgtelnlLrLL&sig=Cg0ArKJSzGD_n4IVj2ReEAE&uach_m=[UACH]&adurl=
Frame ID: E30284CA4DC0CA92CC73BBDD50D84FB9
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJAMxtgyuRMlDxxKCJDgAt81MxMibVNGHdX7-w7e7SyS4aqswwvf2MNA1PSXPWXq8dC1y8lNt7OdOKEmbbyv6nWBDvHQB8JXcdxHNRLvsrMJ1Md1wJY04pUkgIOW_s-W66C6Dt1tPePdZy_v4kejj1Qn1lWiwSS3lbhGI--LijxySWzSWKx8Qrskoj5WNk2PnfHKr7dqFNnNUkhOSqd9Rg_DW6Sa6Rqb7pze1JndG1S6cksFS1e9HlsRDJjz_I3lIN8hlqrxdYLFMCH9bMYEAH1gozxW_I4gn08UOka-j4aU9c&sig=Cg0ArKJSzMzAlp9G99gUEAE&uach_m=[UACH]&adurl=
Frame ID: 6F7F855C6905C5955C3BE2B3BE10CFDB
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 195587CD29E8238460D1164D89AC1A8C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBC7097C825EB1837FF3F5137A25ADEE
Requests: 2 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/fetch-ids.html?local=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&session=af992026-3daf-4dd5-a023-866f9dc555f8
Frame ID: C6FE5FC659B9CBFFA6408FD65B302E62
Requests: 1 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/fetch-ids.html?local=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&session=af992026-3daf-4dd5-a023-866f9dc555f8
Frame ID: 997FE397C9EB2CF76C523F458601F80C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Colorado State University Athletics - Official Athletics Website LearfieldSidearm Sports Learfield

Page URL History Show full URLs

http://csurams.com/ HTTP 301
https://csurams.com/ Page URL

Page Statistics

179
Requests

93 %
HTTPS

53 %
IPv6

27
Domains

41
Subdomains

36
IPs

5
Countries

3788 kB
Transfer

7105 kB
Size

24
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.csuramcamps.com/
Title: Camps & Clinics

Search URL Search Domain Scan URL

URL: http://music.colostate.edu/bands/
Title: Band

Search URL Search Domain Scan URL

URL: https://alumni.colostate.edu/get-your-green-on/
Title: Get Your Green On

Search URL Search Domain Scan URL

URL: https://www.colostate.edu/
Title: Colorado State University

Search URL Search Domain Scan URL

URL: http://www.learfield.com/partner/colorado-state-rams/
Title: Sponsorship Opportunities

Search URL Search Domain Scan URL

URL: https://themw.com/
Title: The Mountain West

Search URL Search Domain Scan URL

URL: https://csurams.evenue.net/cgi-bin/ncommerce3/EVExecMacro?linkID=colostate&evm=myac&entry=myaccount.html&url=https://ev8.evenue.net/cgi-bin/ncommerce3/EVExecMacro%3FlinkID%3Dcolostate%26evm%3Dmyac%26entry%3Dmain.html&url=https://ev8.evenue.net/cgi-bin/ncommerce3/EVExecMacro%253FlinkID%253Dcolostate%2526evm%253Dmain
Title: My Account Login

Search URL Search Domain Scan URL

URL: https://csurams.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=GS&linkID=colostate&shopperContext=&caller=&appCode=
Title: Purchase Tickets

Search URL Search Domain Scan URL

URL: https://csurams.evenue.net/cgi-bin/ncommerce3/EVExecMacro?linkID=colostate&evm=myac&msgCode=32000&shopperContext=ST&returnURL=/cgi-bin/ncommerce3/SEGetGroupList%3FlinkID%3Dcolostate%26groupCode%3D%26RSRC%3D%26RDAT%3D%26shopperContext%3DST&url=/cgi-bin/ncommerce3/SEGetGroupList%3FlinkID%3Dcolostate%26groupCode%3D%26RSRC%3D%26RDAT%3D%26shopperContext%3DST
Title: Student Tickets

Search URL Search Domain Scan URL

URL: https://www.stubhub.com/colorado-state-rams-tickets/grouping/229494/?gcid=chPRT-_-geoUS-_-vnCOLORADOSTATE-_-genNCAAF-_-cmNCAAREGSEASON-_-srcTEXTLINK
Title: StubHub Marketplace

Search URL Search Domain Scan URL

URL: http://shop.csurams.com/
Title: Shop Now

Search URL Search Domain Scan URL

URL: http://shop.csurams.com/COLLEGE_Colorado_State_Rams_Under_Armour
Title: Under Armour

Search URL Search Domain Scan URL

URL: https://shop.csurams.com/colorado-state-rams/tailgate-and-party/t-45266072+d-31885734+z-923-1546119061
Title: Game Day & Tailgate

Search URL Search Domain Scan URL

URL: https://fanbrander.com/collections/colorado-state-otterbox
Title: Otter Shop

Search URL Search Domain Scan URL

URL: https://csura.ms/Live
Title: Live video for Women's Basketball vs Louisville on November 28, 2021 at 12:00 PM

Search URL Search Domain Scan URL

URL: https://csura.ms/WBBStats
Title: Live stats for Women's Basketball vs Louisville on November 28, 2021 at 12:00 PM

Search URL Search Domain Scan URL

URL: https://csurams.evenue.net/cgi-bin/ncommerce3/SEGetEventInfo?ticketCode=GS%3ACOLOSTATE%3AWB21%3AWB06%3A&linkID=colostate&shopperContext=&pc=&caller=&appCode=&groupCode=WBSS&cgc=&dataAccId=158&locale=en_US&siteId=ev_colostate&_ga=2.199868073.665782534.1638090464-1963339490.1638090464
Title: Buy tickets for Women's Basketball vs Louisville on November 28, 2021 at 12:00 PM

Search URL Search Domain Scan URL

URL: https://power1029noco.com/
Title: Live audio for Radio Show vs Basketball Coaches Show on November 29, 2021 at 6:00 PM

Search URL Search Domain Scan URL

URL: http://www.sidearmstats.com/colstate/mbball/
Title: Live stats for Men's Basketball vs Little Rock on December 1, 2021 at 7:00 PM

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://csurams.com/watch/?type=Archive&id=13679&p[title]=Colorado%20State%20Football:%20Trey%20McBride%20and%20Ryan%20Stonehouse%20Postgame%20(Nevada)

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Colorado%20State%20Football:%20Trey%20McBride%20and%20Ryan%20Stonehouse%20Postgame%20(Nevada)&url=https://csurams.com/watch/?Archive=13679%26type=Archive

Search URL Search Domain Scan URL

URL: https://www.ncaa.com/

Search URL Search Domain Scan URL

URL: http://sidearmsports.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://sidearmsports.com/privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.cbssports.com/
Title: video platform powered by CBS Sports Digital

Search URL Search Domain Scan URL

URL: https://www.learfield.com/
Title: Learfield

Search URL Search Domain Scan URL

URL: https://www.sidearmsports.com/
Title: Sidearm Sports Learfield

Search URL Search Domain Scan URL

URL: http://www.sidearmsports.com/blockers
Title: Learn More About Ad Blockers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://csurams.com/ HTTP 301
https://csurams.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://sb.scorecardresearch.com/b?c1=2&c2=3005086&ns__t=1638090464014&ns_c=UTF-8&cv=3.5&c8=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&c7=https%3A%2F%2Fcsurams.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1638090464014&ns_c=UTF-8&cv=3.5&c8=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&c7=https%3A%2F%2Fcsurams.com%2F&c9=

Request Chain 39

https://6590391.fls.doubleclick.net/activityi;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53 HTTP 302
https://6590391.fls.doubleclick.net/activityi;dc_pre=CLL_5sHauvQCFQWdGwod7VcCTw;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53

Request Chain 40

https://6590391.fls.doubleclick.net/activityi;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586 HTTP 302
https://6590391.fls.doubleclick.net/activityi;dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586

Request Chain 49

https://6590391.fls.doubleclick.net/activityi;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F HTTP 302
https://6590391.fls.doubleclick.net/activityi;dc_pre=CPeH58HauvQCFQZCHQkdnRYNWA;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F

Request Chain 91

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2dpempINXU HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOhyrW5j-q66wU_fJe4RfKc&google_cver=1

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2dpempINXU HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOhyrW5j-q66wU_fJe4RfKc&google_cver=1

Request Chain 93

https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OgizjH5u&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OgizjH5u&gdpr=0 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=85d2fc85-e3a8-4beb-8fca-7701d620758c

Request Chain 95

https://stags.bluekai.com/site/26357?id=OgizjH5u&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOgizjH5u%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=OgizjH5u&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 97

https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OgizjH5u

Request Chain 100

https://fei.pro-market.net/engine?mimetype=img&du=88&csync=OgizjH5u HTTP 302
https://idsync.rlcdn.com/398696.gif?partner_uid=-1800405411936451684

Request Chain 101

https://usermatch.krxd.net/um/v2?partner=adara HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=s&p=2818&uid=OgizjH5u HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=363040339&t=s&p=2818&uid=OgizjH5u

179 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
csurams.com/
Redirect Chain

http://csurams.com/
https://csurams.com/

456 KB
51 KB

649ms
259ms

Document
text/html

74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

9a9f559578efd0e89aa6d87ca1e6fb2f877bc92108b33b0e14ce0ee97891ea99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=613
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 28 Nov 2021 09:17:56 GMT
Last-Modified: Sun, 28 Nov 2021 08:47:56 GMT
Vary: *
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Date: Sun, 28 Nov 2021 09:07:42 GMT
Content-Length: 52156

Redirect headers

Location: https://csurams.com/
Server: Microsoft-IIS/8.5
Strict-Transport-Security: max-age=0;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Date: Sun, 28 Nov 2021 09:07:41 GMT
Content-Length: 0

GET
H2 200 main.1635997962150.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/ 119 KB
27 KB 44ms
12ms Script
application/javascript 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/main.1635997962150.js
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0af831f02446abba45f9f0128e242e257e5880694b9a6e21136eaf4f0b4daa53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 09:33:49 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 03:52:44 GMT
server: AmazonS3
age: 2072035
etag: "90014ca543e50f23f73f3c20bd583918"
x-cache: Hit from cloudfront
x-amz-version-id: wNQ3HShQPs7V4.dammNSxN_Hy38FNyTc
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 27078
x-amz-cf-id: _AG7OwWFw1vdnTBCEjH30hSwVZ6jb0iS7iLVYiK45nGZaE7vf59biQ==
expires: Sat, 04 Nov 2023 03:52:42 GMT

GET
H2 200 sidearm_font_v2.css
fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/ 14 KB
3 KB 78ms
7ms Stylesheet
text/css 2600:9000:2156:200:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/sidearm_font_v2.css
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:200:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22aa5adb7ec9ec635bf5ea794b146c0ef2fc74e4849d6c36e2db99b1144cc700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:01:03 GMT
content-encoding: gzip
last-modified: Mon, 16 Aug 2021 20:52:08 GMT
server: AmazonS3
age: 4648001
etag: "51f84a4d56570f38f0a95eab98731858"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3005
x-amz-cf-id: 2T2ovXpeDgJpc6mewcHqEMufDTevCW4wXlgLsH7Rd9Y8bz9nOeTOBw==
expires: Wed, 16 Aug 2023 20:52:03 GMT

GET
H2 200 sidearm_font.css
fonts.sidearmsports.com/sidearm/2020-05-12-535576/ 11 KB
3 KB 79ms
8ms Stylesheet
text/css 2600:9000:2156:200:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:200:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d713dd84892c763b25143502308aa8cf82f0d60aad22ea5b6c2968cf9b6bb135

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 02:48:14 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 20:42:55 GMT
server: AmazonS3
age: 4169970
etag: "1ad82ee377693ace7a947b0c66052a4d"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2670
x-amz-cf-id: Jcyd1ZfMTkJVa2CeKfxOLB00TaORyC-Ssh3GOhhZiQ4dLeJz8EY0cg==
expires: Thu, 12 May 2022 20:42:52 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/ 90 KB
29 KB 39ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 979740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29363
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-169d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Op1y%2FG%2BXCI5tOjKsb%2Bwv2BCiLJaQ5r0Jr0XdgdXd9bN9coVsbuyquV0b2IMjQy9Z8LPbiF87HwH3uB0Hhg1za134LCu6D17CSpQ0ZKPYdeNHpg85ve9XyZrgBaGqrp%2BtQpUG3GcobTU3n97KcSmLJXE0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b527292dbfd3258-FRA
expires: Fri, 18 Nov 2022 09:07:43 GMT

GET
H2 200 require.min.js Show response
cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/ 25 KB
7 KB 41ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02055da12953582666aec83c667c693f874a6bd5068e41b6f9c574b18615734c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1684997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7122
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fbf-653e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Av5OpjAS7H%2B83YtYoUAXe%2BMVhuJcLENNn2UrktG2fJkTWWHR01CJdTzy%2FbUfbfEWZHGxAJ0QfwOT2tOpyaWR0pfKQ%2BLUEEzdPFj5gpHwFX2Ub%2FlY16WndS07lKrMhKvoUdOxPXhTTo7bwq5ybffM8cbU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b527292dbfe3258-FRA
expires: Fri, 18 Nov 2022 09:07:43 GMT

GET
H2 200 bundle.1623185959941.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/ 475 KB
136 KB 42ms
12ms Script
application/javascript 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1623185959941.js
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df9dc60b9eb6c3b12435878476d534072616a4e0677c57c25b9ad3a7d6a8d08f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 20:24:40 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 20:59:25 GMT
server: AmazonS3
age: 4452184
etag: "755badebea710386655f939549133367"
x-cache: Hit from cloudfront
x-amz-version-id: vGHF.2fkmpHLhkO.ae7OsVyYgDLAytcP
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 138581
x-amz-cf-id: gUjy7StXh_DCd55uGoVvQDAGyW_5WVKpQ0uHSExf6a-_3VhJz2v66w==
expires: Thu, 08 Jun 2023 20:59:20 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.9/ 1 KB
1 KB 37ms
17ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.9/slick.min.css

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9811f9f571e747d90c59b3dafcc49ef225807b15f2b06e1c92f14d02739653b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2116641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 347
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-4fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUSxU4%2B%2FGtASKa8GpKOigeGBde6zcjaYKJJ93NbyIE0U%2BXFA%2FsElGFVyf97e%2FVBJYwMtV4i3s8dY2AO7dYhswAbbyKi7lWy1foe2XBf75rmBOMdZLLCavnlnsD5e7quCYR9MbWJWf5CMewWK6U3fq1vj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b527292dbfa3258-FRA
expires: Fri, 18 Nov 2022 09:07:43 GMT

GET
H/1.1 200
OK sidearm-responsive-grid.less
csurams.com/less/ 240 KB
21 KB 358ms
130ms Stylesheet
text/css 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/less/sidearm-responsive-grid.less?_=637732603264318975

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

47e7b5ca20e0b72b7a992ead1d85c9c933ee0cf23334f28ccd7750b53e626e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 27 Nov 2021 10:04:04 GMT
Server: Microsoft-IIS/8.5
ETag: "2c+skvooyRC1klNLinNvaemsVmM7x2coIVUJ2lJrkzM="
Vary: *
Content-Type: text/css; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:42 GMT
Content-Length: 21255
X-Content-Type-Options: nosniff
Expires: Sun, 05 Dec 2021 07:04:25 GMT

GET
H2 200 vlh6vjp.css
use.typekit.net/ 9 KB
1 KB 166ms
139ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vlh6vjp.css

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

37df8fe0738cfcd1e8f0362b5dc1295ca82fdcc11900bc29ce2829022af18388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sun, 28 Nov 2021 09:07:43 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1056

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
2 KB 142ms
51ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo:wght@400;600;700&family=Roboto:wght@400;500;700;900&family=Source+Sans+Pro:wght@400;700&display=swap

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d8e6de10d60d5495f6c21767dac248c9908cec2eb38399fc3c2276ce7d66a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 09:07:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 09:07:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 09:07:43 GMT

GET
H/1.1 200
OK site.less
csurams.com/site/ 73 KB
9 KB 391ms
133ms Stylesheet
text/css 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/site/site.less?_=637655170355347592

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

f0dfb575a3bbcbbbf9c890cd4b435b969377d444ada10654cfd976c137094e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
Date: Sun, 28 Nov 2021 09:07:42 GMT
Vary: *
Content-Type: text/css; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public
Content-Length: 8737
X-Content-Type-Options: nosniff
Expires: Sun, 05 Dec 2021 09:07:43 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/ 57 KB
4 KB 43ms
25ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://csurams.com/
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5664750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3511
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-e311"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F7Z2D%2F4y7IfKiXfdum4NW5h9If2F6Ao73tA2JKRxhgAehyy%2B7bHd2MwbtdzFAFVIuwRVFfw%2FdirGH9YNn18Ss7hOIwJZ7fMQ5jAg6pypsmNVAMy3K9uMkYAK2S542feLkD47FSmUxu8%2BBPC12FF0KI0"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b527292ddf76973-FRA
expires: Fri, 18 Nov 2022 09:07:43 GMT

GET
H2 200 logo_main.svg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/ 7 KB
7 KB 13ms
13ms Image
image/svg+xml 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/logo_main.svg
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c85b540f09f4d98f4c94cce10b1cf654fe6a9d393042b067500e78fa42ccf1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:42:09 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag: "9b97333f6d30d660e4760dea127fe133"
last-modified: Fri, 05 Jun 2020 20:06:35 GMT
server: AmazonS3
age: 8735
x-amz-meta-cb-modifiedtime: Wed, 03 Jun 2020 12:23:37 GMT
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7111
x-amz-cf-id: c-TxNo4CDrd5z9V3ibxRBx25Ktioyn8fn9_JATqSWjdw-02upqKqjg==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 100ms
9ms Script
application/javascript 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 05:03:24 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 14659
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: e5Pt2VPc1n51xvFExtabclWxJkcjyTNf1koukKySkyGY2LSteUDS6w==

GET
H2 200 logo_video.svg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/ 10 KB
10 KB 10ms
10ms Image
image/svg+xml 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/logo_video.svg
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bf11cfef5b22c06615c9ec2bf5660543ed00e73b54220be594327683c02b6f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:42:09 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag: "69c383739fcd43c7743181a70db8c361"
last-modified: Fri, 05 Jun 2020 20:06:35 GMT
server: AmazonS3
age: 8735
x-amz-meta-cb-modifiedtime: Wed, 03 Jun 2020 12:23:37 GMT
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9758
x-amz-cf-id: zdPA8pptibAcCEbVd7nRx8ZiqJkSuGYsws5huazvVIYeBN2gFkfBUQ==

GET
H2 200 logo_footer_edu.png
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/ 3 KB
4 KB 13ms
12ms Image
image/png 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/logo_footer_edu.png
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66fc290fe44f2fba699a50375ab8f5d972ba45c02ea9ffe6dbc8ad0c3b6ff672

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 09:40:03 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag: "0f18091e31e8e2489f257ce34711d0ff"
last-modified: Fri, 05 Jun 2020 20:06:32 GMT
server: AmazonS3
age: 84461
x-amz-meta-cb-modifiedtime: Wed, 03 Jun 2020 12:23:33 GMT
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3313
x-amz-cf-id: 2GRAIJBWJcxDlDfgW6J0HqlO7SEVUdm363sb68bv1nT2Vt_5DR4mMA==

GET
H2 200 footer_logo_conf-mw.svg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/ 1 KB
2 KB 12ms
11ms Image
image/svg+xml 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/footer_logo_conf-mw.svg
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 458de08f4f61564d2cb5dcdbcb43b14b73651df9318088f9ed221d020a574d92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 09:40:03 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag: "12de4948cafda12028a68b7342eda083"
last-modified: Fri, 05 Jun 2020 20:06:35 GMT
server: AmazonS3
age: 84461
x-amz-meta-cb-modifiedtime: Wed, 03 Jun 2020 12:23:36 GMT
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1230
x-amz-cf-id: tI8X8e4PVu7PdXpBnUllVGbGjl13OoiyCHzgMCQiRy2iS0_43ATalg==

GET
H2 200 logo_footer_ncaa.svg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/ 2 KB
3 KB 14ms
13ms Image
image/svg+xml 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/logo_footer_ncaa.svg
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ddc21d18f58485c8b659e266f1e6d5327630060eb05490ddc2c9179b984f19c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:42:09 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag: "d60e6a16baf80771001442f7e3aca828"
last-modified: Fri, 05 Jun 2020 20:06:35 GMT
server: AmazonS3
age: 8735
x-amz-meta-cb-modifiedtime: Wed, 03 Jun 2020 12:23:36 GMT
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2280
x-amz-cf-id: DXELurrhfPSkktCoqmJwqjCSbPweDTZGUHsmceCMLzoXLD8fdcOmvg==

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 29ms
8ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vlh6vjp&ht=tk&f=139.140.175.176.143.144.147.148.156.157.161.162&a=28109973&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vlh6vjp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/vlh6vjp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 200
OK site.png
csurams.com/images/logos/site/ 4 KB
5 KB 136ms
136ms Image
image/png 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csurams.com/images/logos/site/site.png?width=48

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c135427ff8988ace2515c68ca8321f7f2263c71e6ce77ea5bde4fe9d868bc268

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 28 Nov 2021 07:00:33 GMT
Server: Microsoft-IIS/8.5
ETag: "f4624a325e4d71:0"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:42 GMT
Accept-Ranges: bytes
Content-Length: 4454
X-Content-Type-Options: nosniff
Expires: Sat, 26 Feb 2022 09:07:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
42 KB 136ms
49ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3TH4CC

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

131a0aec79ec5f60fcfc70da6e3b9e8f00538c2ff6b0cb4e93617f22b543ab6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42247
x-xss-protection: 0
expires: Sun, 28 Nov 2021 09:07:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
38 KB 156ms
69ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW6R675

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fdc5d43ecaa524c11f3eaddd483d99483bb22cc6f87aeff96b5e61d35b7eac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39229
x-xss-protection: 0
expires: Sun, 28 Nov 2021 09:07:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
51 KB 213ms
126ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54NFNZ5

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

522c07984844c20a59145358c7b5a23a3eb8268eca6814b0d6eec90e3ba5ba38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51893
x-xss-protection: 0
expires: Sun, 28 Nov 2021 09:07:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
41ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 396
date: Sun, 28 Nov 2021 09:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 28 Nov 2021 11:01:07 GMT

GET
H2 200 knockout-fast-foreach.min.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/ 7 KB
7 KB 208ms
207ms Script
application/x-javascript 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/knockout-fast-foreach.min.js?bust=637449796769291123
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eec10fa1e2c159ef712bb5add157fce337037e1fb9177cfdeb659536a4bc38c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: lKr3ANDj088p2nhHUmVOIYlNf8.eSZsC
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag: "7d4c22c0f7e7c7eff721fadb17e18645"
last-modified: Tue, 27 Nov 2018 22:42:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-amz-meta-cb-modifiedtime: Tue, 16 May 2017 21:35:03 GMT
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
date: Sun, 28 Nov 2021 09:07:44 GMT
accept-ranges: bytes
content-length: 7184
x-amz-cf-id: VcTTpP51qurcrQiY8XmqTmJGvoL1lOmNu1R3JpM5uBRYNLcj_2567g==
expires: Thu Nov 11 2021 00:00:00 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 19ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js?bust=637449796769291123

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 912274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5303
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-4041"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yg8t0UNUO0DC9NmITA36X%2BHqkyceTbldXNaGcyxIdsVmnYO9r8aCg7STu5jN3ELcYFBuH2zqk0t0QT7GtmosG8kAlNx%2BVY1BdvnwuQb2axKHyFeRbRckLIviFr43eoiAf1iBmyBaXeP4BCyUQlBqX6B3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5272956fd43258-FRA
expires: Fri, 18 Nov 2022 09:07:43 GMT

GET
H/1.1 200
OK cbs-surround.js Show response
csurams.com/common/ts/dist/ 9 KB
3 KB 131ms
131ms Script
application/javascript 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/common/ts/dist/cbs-surround.js?bust=637449796769291123

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e2835d80b6411495935bae8411e0b879708edfdd4fc8534e3dc73a6ded9243ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 23 Nov 2021 09:58:58 GMT
Server: Microsoft-IIS/8.5
ETag: "09d97bb50e0d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Date: Sun, 28 Nov 2021 09:07:42 GMT
Accept-Ranges: bytes
Content-Length: 2456
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK header-bidding-wrapper.bundle.js Show response
sidearm-syndication.s3.amazonaws.com/prod/ 4 KB
2 KB 650ms
115ms Script
application/javascript 54.231.134.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sidearm-syndication.s3.amazonaws.com/prod/header-bidding-wrapper.bundle.js?bust=637449796769291123
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.134.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e9dcc2645a16e5d73a567d092634a84efd25429916a7e8e0725364afe3a9fe68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 09:07:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 18:07:41 GMT
Server: AmazonS3
x-amz-request-id: 7JJ94T0BPGPMX1XW
ETag: "cdcb6419fd5882ec9a677b357d7c729b"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1842
x-amz-id-2: uNDbhSj2GCiiGGXL0cMcZ16BcOurCf3e92uRYhQh6/2ucOokjS3EE1KAFTnXxBo4Tw/LK+zgvuI=

GET
H2 200 pixel.html Show response
statcollector.sidearmsports.com/services/ Frame 9495 7 KB
2 KB 521ms
130ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&sid=af992026-3daf-4dd5-a023-866f9dc555f8&uid=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&count=csurams_com.pageview%7Call.pageview&events=&traits=&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463616
Requested by: Host: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1623185959941.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

cache-control: max-age=2592000
content-type: text/html
content-encoding: br
last-modified: Thu, 18 Oct 2018 17:58:52 GMT
accept-ranges: bytes
etag: "0568a3ac67d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
date: Sun, 28 Nov 2021 09:07:43 GMT
content-length: 1782

GET
H2 200 pixel.html Show response
statcollector.sidearmsports.com/services/ Frame B6F0 7 KB
2 KB 520ms
130ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&sid=af992026-3daf-4dd5-a023-866f9dc555f8&uid=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&count=csurams_com.active%7Call.active&events=&traits=&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463634
Requested by: Host: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1623185959941.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

cache-control: max-age=2592000
content-type: text/html
content-encoding: br
last-modified: Thu, 18 Oct 2018 17:58:52 GMT
accept-ranges: bytes
etag: "0568a3ac67d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
date: Sun, 28 Nov 2021 09:07:43 GMT
content-length: 1782

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 33ms
8ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vlh6vjp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8

Request headers

Referer: https://use.typekit.net/vlh6vjp.css
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34344

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 415ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@400;600;700&family=Roboto:wght@400;500;700;900&family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 156476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:39:48 GMT

GET
H3 200 lazysizes-umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.5/ 7 KB
3 KB 35ms
34ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.5/lazysizes-umd.min.js?bust=637449796769291123

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c907bd7064f1d38a655634ba22d80fa1d1995ad33eb3296d3f14849be4566dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 918621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2847
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-1aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6nUWP%2BYqI286oSUM2kD3EbiUGcJFB6eVpYYIG3v6lks%2B5bxDKlUV74SAmjeejx%2Fge7bkvZe7fLpkn6wiZbeXnv7AzmboF3VZCZ1mJNJcAW3B6UlO27oB%2Fk3NNP2obKOeXTpzhxmQeX41y7BcGag1IeC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b527295fd294e25-FRA
expires: Fri, 18 Nov 2022 09:07:43 GMT

GET
H3 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js?bust=637449796769291123

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2693646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1120
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNLjg6pO3X2KFM4qL3jwEwzYapPz5Z8GkHQbA9dOdwwoSkWrvPUFl%2BgMrKHe5z3n8ODbfBte1lvUjt2230RtmXNIPRQ4CubYHOtg%2BGYPlKRL1xUoHHQW8ucqPnyjnUHq3hlsXCbo7r9pfhNMwmTwV2R4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b527295fd2b4e25-FRA
expires: Fri, 18 Nov 2022 09:07:43 GMT

GET
H2 200 sidearm.showcaseplayerembed.min.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/ 927 B
857 B 17ms
16ms Script
application/javascript 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/sidearm.showcaseplayerembed.min.js?bust=637449796769291123
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c50f2e1a8fd249e8aac7c38d8e515d6d92ff8909cfd73185124dd5e397f341f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 08:53:06 GMT
content-encoding: gzip
last-modified: Fri, 19 Jul 2019 14:48:11 GMT
server: AmazonS3
age: 878
etag: "888c63df665817774a9931f08fcde5ef"
x-cache: Hit from cloudfront
x-amz-version-id: 0Xdf3vz0Gb9nfHFZTni0S4qUG5cVpsyc
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 465
x-amz-cf-id: O5zl8Y4_oyIr4oo4EZMrrl-s4GKOmWNviTvrgWAAaoFmY9EGDqGB_g==

GET
H3 200 imagesloaded.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/ 7 KB
3 KB 19ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/imagesloaded.pkgd.min.js?bust=637449796769291123

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 911739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2101
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQLDtbt9vwQt%2Bf7flwjHopPaOpNmdaFuwnKghLxpGmyh5J9pZ9C7eZd9Ps6iWUO%2BEWuJg0Gz9l426FLaze%2FM01kmlyC7gu76wFIr6Fn5mEg3KsLz42q475Mt%2Bz6LHeSLLn6JM7p40UJ1KY7W1XMhS3Xz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b527295fd2c4e25-FRA
expires: Fri, 18 Nov 2022 09:07:43 GMT

GET
H2 200 sidearm_font_v2.woff2
fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/ 39 KB
39 KB 44ms
21ms Font
font/woff2 2600:9000:2156:200:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/sidearm_font_v2.woff2?58914551
Requested by: Host: fonts.sidearmsports.com
URL: https://fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/sidearm_font_v2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:200:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7904b4c684b31d393b96a92275154b596b5263784fc3da9a2748757318c6a6fe

Request headers

Referer: https://fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/sidearm_font_v2.css
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 09:32:55 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 4404889
x-cache: Hit from cloudfront
content-length: 39801
access-control-allow-origin: *
last-modified: Mon, 16 Aug 2021 20:52:08 GMT
server: AmazonS3
etag: "56bb58ff45823e6bc55e9d0f4ce85169"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: aAGoGPqePWiHuU8_x2wRfEP5T3PTiWfxxq_pg8ruVcDTSzch2Vc5AA==
expires: Wed, 16 Aug 2023 20:52:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 413ms
75ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@400;600;700&family=Roboto:wght@400;500;700;900&family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 313885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005086&ns__t=1638090464014&ns_c=UTF-8&cv=3.5&c8=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&c7=https%3A%2F%2Fcsurams.c...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1638090464014&ns_c=UTF-8&cv=3.5&c8=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&c7=https%3A%2F%2Fcsurams....

0
224 B

11ms
11ms

Image
text/plain

143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1638090464014&ns_c=UTF-8&cv=3.5&c8=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&c7=https%3A%2F%2Fcsurams.com%2F&c9=
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Server: 143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-125.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: F9BdP6GgaN8sfM5mmKqLL1Z68QIn1QD4Zp9LQqmgJx6ql_fBsejsnw==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1638090464014&ns_c=UTF-8&cv=3.5&c8=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&c7=https%3A%2F%2Fcsurams.com%2F&c9=
content-length: 229
x-amz-cf-id: y4T5ZMdq5M2hiO7HL12sdke4Nb650nbcT1BYAJmVRuJizNR1yUbngQ==

GET
H3

200

activityi;dc_pre=CLL_5sHauvQCFQWdGwod7VcCTw;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53 Show response
6590391.fls.doubleclick.net/ Frame 0C2E
Redirect Chain

https://6590391.fls.doubleclick.net/activityi;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53?
https://6590391.fls.doubleclick.net/activityi;dc_pre=CLL_5sHauvQCFQWdGwod7VcCTw;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53?

392 B
347 B

96ms
51ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6590391.fls.doubleclick.net/activityi;dc_pre=CLL_5sHauvQCFQWdGwod7VcCTw;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53?

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

fc93ff0657a86215aee5a8d88f43796d4996e9a511857ef7c03f511c6e879414

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Nov 2021 09:07:44 GMT
expires: Sun, 28 Nov 2021 09:07:44 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Nov 2021 09:07:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6590391.fls.doubleclick.net/activityi;dc_pre=CLL_5sHauvQCFQWdGwod7VcCTw;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586 Show response
6590391.fls.doubleclick.net/ Frame E22E
Redirect Chain

https://6590391.fls.doubleclick.net/activityi;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586?
https://6590391.fls.doubleclick.net/activityi;dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586?

1 KB
839 B

110ms
65ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6590391.fls.doubleclick.net/activityi;dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586?

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

7c62673f8970f2d09c8588adc7ba9e339b680367c8be1cc988873de9ec557844

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Nov 2021 09:07:44 GMT
expires: Sun, 28 Nov 2021 09:07:44 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 814
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Nov 2021 09:07:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6590391.fls.doubleclick.net/activityi;dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 so4l4yxm2.js Show response
cdn.krxd.net/controltag/ 14 KB
4 KB 35ms
6ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f49be56afd4d83f03bcdeb4f0075c7a56c58ec084993ddc9363ed8fca5be339d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 768
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4049
x-served-by: config-service-a005-ash-prod.krxd.net, cache-bwi5148-BWI, cache-hhn4043-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1638090464.057149,VS0,VE0
etag: "00a81b4c48d78e470ca600b86689df178587abe3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 9

GET
H/1.1 200
OK web-push.bundle.js Show response
sidearm-syndication.s3.amazonaws.com/prod/ 176 KB
54 KB 316ms
106ms Script
application/javascript 54.231.134.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sidearm-syndication.s3.amazonaws.com/prod/web-push.bundle.js?_=1638090464024
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.134.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 041df148c8e60b129f3394dd0e4cad28e85f7f73521a6aaa7e3816a2feca78b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 09:07:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 18:07:41 GMT
Server: AmazonS3
x-amz-request-id: 7JJ6MDPYB0K6AZKT
ETag: "1dac3fcb69c3cc2e58348a874277451f"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 54809
x-amz-id-2: /M3bVuaOuLegsVFnjO7VflTBkhJoHdfD0tF3d2uoNcm6whYX1H5G+481VzEgWkkFgaLoYE4ShZM=

GET
H3 200 wow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/ 8 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js?bust=637449796769291123

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 911099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2346
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04033-1ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4d4GofHlG1cAzWgfw6mAzTDjXC%2Fp4Ns9BLEBZGq9%2B2UTce1G2rGrCKL8zsb4lDAjQYkiIcswSaVUXkNwUQwmJCdWPu770AnW29WwC6nqzvEZ0zGrmFKROYawaIL45pudSNMY3mOr%2BcbvQSZdIweLLw3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b52729839404e25-FRA
expires: Fri, 18 Nov 2022 09:07:44 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 86ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 08:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Nov 2021 09:22:44 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 87ms
48ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1681071212&t=pageview&_s=1&dl=https%3A%2F%2Fcsurams.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEIhAAAAAC~&jid=1926868850&gjid=446598169&cid=1963339490.1638090464&tid=UA-87580067-4&_gid=665782534.1638090464&_r=1&_slc=1&z=859763988

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://csurams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://csurams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H/1.1 200
OK analytics.js Show response
csurams.com/components/js/ 0
418 B 130ms
130ms XHR
application/javascript 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/components/js/analytics.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 23 Nov 2021 09:59:06 GMT
Server: Microsoft-IIS/8.5
ETag: "1a2eacc050e0d71:0"
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Date: Sun, 28 Nov 2021 09:07:43 GMT
Accept-Ranges: bytes
Content-Length: 0
X-Content-Type-Options: nosniff

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 59ms
48ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1681071212&t=pageview&_s=1&dl=https%3A%2F%2Fcsurams.com%2F&ul=en-us&de=UTF-8&dt=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEIhAAAAAC~&jid=1877123571&gjid=1989555682&cid=1963339490.1638090464&tid=UA-180696617-1&_gid=665782534.1638090464&_r=1&gtm=2wgba1K3TH4CC&cd1=2021-11-28T09%3A07%3A43%2B00%3A00&cd20=Colorado%20State%20University%20&cd21=DI&cd22=Mountain%20West&cd23=1319&cd24=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=0&cd27=learfield&cd28=1&cd29=1&cd35=0&cd37=0&cd49=UA-180624321-25&cd50=colstate&cd53=frontpage&cd54=paciolan&cd55=west&cd5=1963339490.1638090464&z=1263422595

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://csurams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://csurams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 59ms
56ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1681071212&t=pageview&_s=1&dl=https%3A%2F%2Fcsurams.com%2F&ul=en-us&de=UTF-8&dt=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEIhAAAAAC~&jid=1841445578&gjid=255794820&cid=1963339490.1638090464&tid=UA-180624321-25&_gid=665782534.1638090464&_r=1&gtm=2wgba1TW6R675&cd1=2021-11-28T09%3A07%3A43%2B00%3A00&cd20=Colorado%20State%20University%20&cd21=DI&cd22=Mountain%20West&cd23=1319&cd24=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=0&cd27=learfield&cd28=1&cd29=1&cd35=0&cd37=0&cd49=UA-180624321-25&cd50=colstate&cd53=frontpage&cd54=paciolan&cd55=west&cd5=1963339490.1638090464&z=1106130813

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://csurams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://csurams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CPeH58HauvQCFQZCHQkdnRYNWA;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F Show response
6590391.fls.doubleclick.net/ Frame 690E
Redirect Chain

https://6590391.fls.doubleclick.net/activityi;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F?
https://6590391.fls.doubleclick.net/activityi;dc_pre=CPeH58HauvQCFQZCHQkdnRYNWA;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref...

407 B
365 B

101ms
57ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6590391.fls.doubleclick.net/activityi;dc_pre=CPeH58HauvQCFQZCHQkdnRYNWA;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NFNZ5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

93cb444f12d58e1fb7c13aa4e9472895d3cb49e9ca1f27372aeb52e03a639b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Nov 2021 09:07:44 GMT
expires: Sun, 28 Nov 2021 09:07:44 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 28 Nov 2021 09:07:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6590391.fls.doubleclick.net/activityi;dc_pre=CPeH58HauvQCFQZCHQkdnRYNWA;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activityi;register_conversion=1;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F
6590391.fls.doubleclick.net/ 0
0 49ms
45ms Image
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6590391.fls.doubleclick.net/activityi;register_conversion=1;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F?
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 8ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 28 Nov 2021 09:07:44 GMT
content-encoding: gzip
age: 2626600
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 2802704
content-length: 84509
x-served-by: cache-hhn4043-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1638090464.138335,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 284ms
18ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-180696617-1&cid=1963339490.1638090464&jid=1877123571&gjid=1989555682&_gid=665782534.1638090464&_u=aEDAAEIhAAAAAC~&z=676110946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://csurams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Nov 2021 09:07:44 GMT
content-type: text/plain
access-control-allow-origin: https://csurams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 284ms
18ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87580067-4&cid=1963339490.1638090464&jid=1926868850&gjid=446598169&_gid=665782534.1638090464&_u=IEBAAEIgAAAAAC~&z=833843124

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://csurams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Nov 2021 09:07:44 GMT
content-type: text/plain
access-control-allow-origin: https://csurams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame FBBD 805 B
826 B 7ms
7ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 varnish
age: 3317007
x-served-by: cache-hhn4043-HHN
x-cache: HIT
x-cache-hits: 644721
x-timer: S1638090464.403479,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H/1.1 200
OK dfp-component-template.html Show response
csurams.com/common/templates/dfp/ 2 KB
2 KB 129ms
129ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/common/templates/dfp/dfp-component-template.html

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

eba0eddec259d711d3a36f694990701f397bc3273c92034900107f69b319984e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 23 Nov 2021 09:59:06 GMT
Server: Microsoft-IIS/8.5
ETag: "727d9bc050e0d71:0"
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Date: Sun, 28 Nov 2021 09:07:43 GMT
Accept-Ranges: bytes
Content-Length: 1551
X-Content-Type-Options: nosniff

GET
H2 200 57df5244-ab7b-416d-92b3-c6c352ac3360 Show response
consumer.krxd.net/consent/get/ 243 B
307 B 222ms
39ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/57df5244-ab7b-416d-92b3-c6c352ac3360?idt=device&dt=kxcookie&callback=Krux.ns.mogointeractive.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0096abe5b817d6ea9eac518f16604bdee4632105b66d385c221966a121a5730c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a006-dub-prod.krxd.net, cache-hhn4073-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1638090464.412982,VS0,VE26
content-length: 195
x-cache-hits: 0, 0

GET
H2 200 57df5244-ab7b-416d-92b3-c6c352ac3360 Show response
consumer.krxd.net/consent/set/ 308 B
489 B 215ms
38ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/set/57df5244-ab7b-416d-92b3-c6c352ac3360?idt=device&dt=kxcookie&dc=1&al=1&tg=1&cd=0&sh=0&re=0&callback=Krux.ns.mogointeractive.kxjsonp_consent_set_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8894c1eec2d12d32964aa9e08072a82333f8f15249edffc4b1618e94a6813a05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 varnish
x-timer: S1638090464.413185,VS0,VE26
x-served-by: consumer-a009-dub-prod.krxd.net, cache-hhn4073-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=10
x-age: 0
accept-ranges: bytes
content-encoding: gzip
content-length: 248
x-cache-hits: 0, 0

GET
H2 200 pixel.ashx
statcollector.sidearmsports.com/services/ Frame 9495 42 B
279 B 129ms
129ms Image
image/gif 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statcollector.sidearmsports.com/services/pixel.ashx?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463616&user_id=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&session_id=af992026-3daf-4dd5-a023-866f9dc555f8&pv_id=&traits=&count=csurams_com.pageview%7Call.pageview&_=1638090464427
Requested by: Host: statcollector.sidearmsports.com
URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&sid=af992026-3daf-4dd5-a023-866f9dc555f8&uid=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&count=csurams_com.pageview%7Call.pageview&events=&traits=&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463616
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&sid=af992026-3daf-4dd5-a023-866f9dc555f8&uid=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&count=csurams_com.pageview%7Call.pageview&events=&traits=&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463616
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-invalid-metric: csurams_com.pageview, all.pageview
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-pv-id
content-type: image/gif
cache-control: no-cache
x-session-id: af992026-3daf-4dd5-a023-866f9dc555f8
content-length: 42
x-user-id: 1cbac6e2-80a2-4f39-b054-c29b5fd7aecb
expires: -1

GET
H2 200 pixel.ashx
statcollector.sidearmsports.com/services/ Frame B6F0 42 B
107 B 128ms
128ms Image
image/gif 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statcollector.sidearmsports.com/services/pixel.ashx?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463634&user_id=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&session_id=af992026-3daf-4dd5-a023-866f9dc555f8&pv_id=&traits=&count=csurams_com.active%7Call.active&_=1638090464428
Requested by: Host: statcollector.sidearmsports.com
URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&sid=af992026-3daf-4dd5-a023-866f9dc555f8&uid=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&count=csurams_com.active%7Call.active&events=&traits=&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463634
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=colstate&cbs_site_code=csu&content_id=null&sect=frontpage&sid=af992026-3daf-4dd5-a023-866f9dc555f8&uid=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&count=csurams_com.active%7Call.active&events=&traits=&r=csurams.com&server_name=866413-LB18&path_and_query=%2F&_=1638090463634
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-invalid-metric: csurams_com.active, all.active
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-pv-id
content-type: image/gif
cache-control: no-cache
x-session-id: af992026-3daf-4dd5-a023-866f9dc555f8
content-length: 42
x-user-id: 1cbac6e2-80a2-4f39-b054-c29b5fd7aecb
expires: -1

GET
H2 200 so4l4yxm2.js Show response
cdn.krxd.net/controltag/ Frame FBBD 14 KB
4 KB 6ms
6ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f49be56afd4d83f03bcdeb4f0075c7a56c58ec084993ddc9363ed8fca5be339d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 769
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4049
x-served-by: config-service-a005-ash-prod.krxd.net, cache-bwi5148-BWI, cache-hhn4043-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1638090464.432341,VS0,VE0
etag: "00a81b4c48d78e470ca600b86689df178587abe3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 10

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 149ms
62ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-180696617-1&cid=1963339490.1638090464&jid=1877123571&_u=aEDAAEIhAAAAAC~&z=548545789

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 146ms
61ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-180696617-1&cid=1963339490.1638090464&jid=1877123571&_u=aEDAAEIhAAAAAC~&z=548545789

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame FBBD 259 KB
83 KB 8ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 28 Nov 2021 09:07:44 GMT
content-encoding: gzip
age: 2626601
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 2802708
content-length: 84509
x-served-by: cache-hhn4043-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1638090464.441556,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 82ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@400;600;700&family=Roboto:wght@400;500;700;900&family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 403978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 16:54:46 GMT

GET
H/1.1 200
OK livestats.ashx Show response
csurams.com/services/ 12 B
436 B 130ms
130ms XHR
application/json 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/livestats.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
ETag: F24602A3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Date: Sun, 28 Nov 2021 09:07:43 GMT
Content-Length: 49
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK sportnames.ashx Show response
csurams.com/services/ 9 KB
2 KB 130ms
130ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/sportnames.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

02322119b0e2a17e5032208d3ca804591b57cf732906c4d8bf01a9df67f6b18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
Date: Sun, 28 Nov 2021 09:07:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 1360
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK livestats.ashx Show response
csurams.com/services/ 12 B
436 B 142ms
142ms XHR
application/json 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/livestats.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
ETag: F24602A3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Date: Sun, 28 Nov 2021 09:07:43 GMT
Content-Length: 49
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK sportnames.ashx Show response
csurams.com/services/ 9 KB
2 KB 244ms
131ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/sportnames.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

02322119b0e2a17e5032208d3ca804591b57cf732906c4d8bf01a9df67f6b18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
Date: Sun, 28 Nov 2021 09:07:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 1360
X-Content-Type-Options: nosniff

GET
H2 200 logo_csu.png
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/ 1 KB
2 KB 10ms
9ms Image
image/png 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/responsive_2020/logo_csu.png
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f83d692c0e28eeb199daf71876db22ede0a3f1d65db0adc732a3f52b42fed90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 07:40:19 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag: "655edff49b6a9403302b940929b3aeee"
last-modified: Mon, 06 Jul 2020 16:04:46 GMT
server: AmazonS3
age: 5246
x-amz-meta-cb-modifiedtime: Mon, 06 Jul 2020 15:26:48 GMT
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1413
x-amz-cf-id: GRbWMVm5BkzaaA1-N8vSRiZeVej-m_HtdbZdD3EIpo9unNnE7RzVrQ==

GET
H/1.1 200
OK sportnames.ashx Show response
csurams.com/services/ 9 KB
2 KB 229ms
130ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/sportnames.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

02322119b0e2a17e5032208d3ca804591b57cf732906c4d8bf01a9df67f6b18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
Date: Sun, 28 Nov 2021 09:07:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 1360
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK sportnames.ashx Show response
csurams.com/services/ 9 KB
2 KB 245ms
131ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/sportnames.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

02322119b0e2a17e5032208d3ca804591b57cf732906c4d8bf01a9df67f6b18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
Date: Sun, 28 Nov 2021 09:07:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 1360
X-Content-Type-Options: nosniff

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@400;600;700&family=Roboto:wght@400;500;700;900&family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 414344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:02:00 GMT

GET
H/1.1 200
OK sportnames.ashx Show response
csurams.com/services/ 9 KB
2 KB 315ms
131ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/sportnames.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

02322119b0e2a17e5032208d3ca804591b57cf732906c4d8bf01a9df67f6b18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
Date: Sun, 28 Nov 2021 09:07:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 1360
X-Content-Type-Options: nosniff

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 33 KB
33 KB 9ms
9ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vlh6vjp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee

Request headers

Referer: https://use.typekit.net/vlh6vjp.css
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
server: nginx
etag: "79fea02668402fc378c129193093131a2db2577c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33568

GET
H2 200 sidearm_font.woff2
fonts.sidearmsports.com/sidearm/2020-05-12-535576/ 25 KB
26 KB 20ms
20ms Font
font/woff2 2600:9000:2156:200:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.woff2?1790541
Requested by: Host: fonts.sidearmsports.com
URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:200:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 444963e1e31f8fc85c130de4b47ac44c1fbbb895af2ce037d60e0fa33536f5f6

Request headers

Referer: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 06:58:43 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2945342
x-cache: Hit from cloudfront
content-length: 25877
access-control-allow-origin: *
last-modified: Tue, 12 May 2020 20:42:55 GMT
server: AmazonS3
etag: "e2106beae2f5fdf4d1252ab2ab4b43a3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Jc0DJt1NIBrgUk5XioStFQdUZ9bYAB63pZ4OLTTx_1fTG7HkHM9kvQ==
expires: Thu, 12 May 2022 20:42:52 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 134ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/main.1635997962150.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1057 / 791 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Nov 2021 09:07:44 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@400;600;700&family=Roboto:wght@400;500;700;900&family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:06:47 GMT
x-content-type-options: nosniff
age: 414057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:06:47 GMT

GET
H/1.1 200
OK adaptive_components.ashx Show response
csurams.com/services/ 904 B
772 B 252ms
130ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/adaptive_components.ashx?type=ads&sport_id=0&name=sidearm-dfp-1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ddde048adc9ec46b7b54bc12477d77bee0362bab10de9d5908301f7dcbbbadbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
Date: Sun, 28 Nov 2021 09:07:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 407
X-Content-Type-Options: nosniff

GET
H2 200 57df5244-ab7b-416d-92b3-c6c352ac3360 Show response
consumer.krxd.net/consent/get/ Frame FBBD 228 B
285 B 44ms
44ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/57df5244-ab7b-416d-92b3-c6c352ac3360?idt=device&dt=kxcookie&callback=Krux.ns.mogointeractive.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a68b58dd97a1e7dc5296d192c879918c875489db9d3e7710e227ba0029015e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a007-dub-prod.krxd.net, cache-hhn4073-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1638090465.800462,VS0,VE28
content-length: 185
x-cache-hits: 0, 0

GET
H3 200 css
fonts.googleapis.com/ 6 KB
693 B 96ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400%7Csans-serif

Requested by

Host: sidearm-syndication.s3.amazonaws.com
URL: https://sidearm-syndication.s3.amazonaws.com/prod/web-push.bundle.js?_=1638090464024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88101eccef0707bd7ee54179eb036631c5139d41892067f13b7c9efac1a48009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 08:56:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 09:07:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 09:07:44 GMT

GET
H2 200 TESTV3_71.png
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2020/6/24/ 4 KB
4 KB 20ms
19ms Image
image/png 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2020/6/24/TESTV3_71.png
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 514e6da587750e6d733397f8e608e32b6afee94d5a0e6844f2d98acc05cf61c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 21:48:22 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jun 2020 22:19:35 GMT
server: AmazonS3
age: 40763
etag: "d9cf57e6327ee909eb3cd206d8e101fd"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3653
x-amz-cf-id: k7wV3CeQeMF1lTKKaNozOfkTRaQkAb8LvrF36BraTKzJAYVW5SLhtQ==

GET
H2 200 1416x400.jpg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2021/11/23/ 173 KB
174 KB 19ms
18ms Image
image/jpeg 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2021/11/23/1416x400.jpg
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bfaa174efed49733ce204a6421015cd915f39bfa56fd5e7e6c54a448365f5cf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 09:40:06 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Wed, 24 Nov 2021 00:46:27 GMT
server: AmazonS3
age: 84458
etag: "5b1c2ef50edd575d304370a27a045634"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 177136
x-amz-cf-id: 4bLWDCYHhYzLQnCJpqibXoyzSl_v_oPbetbDC9mQcnpKAB5eeuU6aA==

GET
H/1.1 200
OK Trey_McBride.jpg
csurams.com/images/2021/11/28/ 103 KB
104 KB 212ms
130ms Image
image/jpeg 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csurams.com/images/2021/11/28/Trey_McBride.jpg?width=880&height=495&mode=crop&anchor=topcenter&format=jpg&quality=80

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

08477caa8371b7ed1318fd5a8c96b66827763c4243e2ecffaa384db22fad6a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 28 Nov 2021 07:27:33 GMT
Server: Microsoft-IIS/8.5
ETag: "864fee6829e4d71:0"
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:44 GMT
Accept-Ranges: bytes
Content-Length: 105559
X-Content-Type-Options: nosniff
Expires: Sat, 26 Feb 2022 09:07:45 GMT

GET
H/1.1 200
OK DSC06761.jpg
csurams.com/images/2021/11/27/ 70 KB
71 KB 197ms
132ms Image
image/jpeg 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csurams.com/images/2021/11/27/DSC06761.jpg?width=640&height=360&mode=crop&anchor=topcenter&format=jpg&quality=80

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

84eafb12e36a07b42fb1610ae435518c6a988275344ef6160d87805aa1155139

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 28 Nov 2021 07:01:54 GMT
Server: Microsoft-IIS/8.5
ETag: "465648d325e4d71:0"
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:44 GMT
Accept-Ranges: bytes
Content-Length: 71946
X-Content-Type-Options: nosniff
Expires: Sat, 26 Feb 2022 09:07:44 GMT

GET
H2 200 dc_pre=CLL_5sHauvQCFQWdGwod7VcCTw;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53
adservice.google.com/ddm/fls/z/ Frame 0C2E 42 B
107 B 168ms
81ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLL_5sHauvQCFQWdGwod7VcCTw;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53

Requested by

Host: 6590391.fls.doubleclick.net
URL: https://6590391.fls.doubleclick.net/activityi;dc_pre=CLL_5sHauvQCFQWdGwod7VcCTw;src=6590391;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=7281974978571.53?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6590391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPeH58HauvQCFQZCHQkdnRYNWA;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=*;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F
adservice.google.com/ddm/fls/z/ Frame 690E 42 B
494 B 167ms
80ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPeH58HauvQCFQZCHQkdnRYNWA;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=*;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F

Requested by

Host: 6590391.fls.doubleclick.net
URL: https://6590391.fls.doubleclick.net/activityi;dc_pre=CPeH58HauvQCFQZCHQkdnRYNWA;src=6590391;type=counter;cat=pagev0;ord=8721424807285;gtm=2wgba1;auiddc=844647134.1638090464;u15=undefined;ps=1;~oref=https%3A%2F%2Fcsurams.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6590391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame E22E 70 B
261 B 115ms
36ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=5i12avh&ct=0:myj2yc1&fmt=3
Requested by: Host: 6590391.fls.doubleclick.net
URL: https://6590391.fls.doubleclick.net/activityi;dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6590391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame E22E 70 B
260 B 115ms
36ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=56wuai2&ct=0:o7socn2&fmt=3
Requested by: Host: 6590391.fls.doubleclick.net
URL: https://6590391.fls.doubleclick.net/activityi;dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6590391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586
adservice.google.com/ddm/fls/z/ Frame E22E 42 B
107 B 151ms
80ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586

Requested by

Host: 6590391.fls.doubleclick.net
URL: https://6590391.fls.doubleclick.net/activityi;dc_pre=CM-G58HauvQCFbhBHQkdr5gFVQ;src=6590391;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6851623039193.586?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6590391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame E22E 98 KB
26 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6590391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: inMlsoqRAa/rjoIr5KcevWHYLkAIZxqygAVYp9gxG4AfockANIWVq400PVBgUORNmBa/Ge2JOxUSn/eTrlaHBg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 28 Nov 2021 09:07:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame FBBD
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2dpempINXU
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOhyrW5j-q66wU_fJe4RfKc&google_cver=1

0
337 B

27ms
27ms

Image
text/plain

52.31.243.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOhyrW5j-q66wU_fJe4RfKc&google_cver=1
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Server: 52.31.243.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-243-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1638090465
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOhyrW5j-q66wU_fJe4RfKc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame FBBD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2dpempINXU
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOhyrW5j-q66wU_fJe4RfKc&google_cver=1

0
337 B

85ms
28ms

Image
text/plain

52.31.243.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOhyrW5j-q66wU_fJe4RfKc&google_cver=1
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Server: 52.31.243.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-243-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1638090465
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEOhyrW5j-q66wU_fJe4RfKc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame FBBD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OgizjH5u&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OgizjH5u&gdpr=0
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=85d2fc85-e3a8-4beb-8fca-7701d620758c

0
338 B

97ms
28ms

Image
text/plain

52.31.243.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=85d2fc85-e3a8-4beb-8fca-7701d620758c
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Server: 52.31.243.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-243-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1638090465
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=85d2fc85-e3a8-4beb-8fca-7701d620758c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame FBBD 42 B
415 B 60ms
19ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=OgizjH5u
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame FBBD
Redirect Chain

https://stags.bluekai.com/site/26357?id=OgizjH5u&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOgizjH5u%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=OgizjH5u&partner=bluekai&bk_uuid=$_BK_UUID

0
337 B

62ms
28ms

Image
text/plain

52.31.243.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=OgizjH5u&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Server: 52.31.243.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-243-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=51 t=1638090465
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=OgizjH5u&partner=bluekai&bk_uuid=$_BK_UUID
Date: Sun, 28 Nov 2021 09:07:45 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 p
sb.scorecardresearch.com/ Frame FBBD 64 B
443 B 10ms
10ms Image
image/gif 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OgizjH5u&rn=1638090465
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-125.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: U5akRKFpBmv1Ya4oVWQ0lebZozE7IwTn9IrtVxnz3IbRPBW4QK4rOw==

GET
H2

400

g.js
aa.agkn.com/adscores/ Frame FBBD
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=neustar
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OgizjH5u

22 B
22 B

80ms
22ms

Image
text/plain

18.168.102.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OgizjH5u
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Server: 18.168.102.56 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 412fe890925c0966aa6ed312e5846cac1572c856e551717cd07d0e5f805ac3c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
server: AAWebServer
content-type: text/plain
content-length: 22
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"

Redirect headers

location: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OgizjH5u
date: Sun, 28 Nov 2021 09:07:45 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a003-ash-prod.krxd.net

GET a.gif
kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/ Frame FBBD 0
0

GET
H/1.0 200
OK image.sbxx
global.ib-ibi.com/ Frame FBBD 0
72 B 352ms
86ms Image
text/plain 69.169.85.6
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=OgizjH5u
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.6 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2

451

398696.gif
idsync.rlcdn.com/ Frame FBBD
Redirect Chain

https://fei.pro-market.net/engine?mimetype=img&du=88&csync=OgizjH5u
https://idsync.rlcdn.com/398696.gif?partner_uid=-1800405411936451684

0
44 B

19ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398696.gif?partner_uid=-1800405411936451684
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://idsync.rlcdn.com/398696.gif?partner_uid=-1800405411936451684
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

200

ps
tag.yieldoptimizer.com/ps/ Frame FBBD
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adara
https://tag.yieldoptimizer.com/ps/ps?t=s&p=2818&uid=OgizjH5u
https://tag.yieldoptimizer.com/ps/ps?tc=363040339&t=s&p=2818&uid=OgizjH5u

162 B
162 B

21ms
20ms

Image
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=363040339&t=s&p=2818&uid=OgizjH5u
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
content-type: text/javascript;charset=ISO-8859-1
alt-svc: clear
content-length: 162
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=363040339&t=s&p=2818&uid=OgizjH5u
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 561883908045644 Show response
connect.facebook.net/signals/config/ Frame E22E 305 KB
87 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/561883908045644?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c5139bc944c903b40d95ad264ef661cf0748f57f8b4a3c2286a6aa2ef1388dc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6590391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88886
x-xss-protection: 0
pragma: public
x-fb-debug: BpX4ACgZqZQErNf0LPtvQ20uLuKJM5ocTH7hkQuUErsVaIhEFr5tc4P2AlKPlg7+eiclltTmYKWFYuQdfksRpg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 28 Nov 2021 09:07:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400%7Csans-serif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:03:59 GMT
x-content-type-options: nosniff
age: 435825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15712
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 08:03:59 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400%7Csans-serif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://csurams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:58:32 GMT
x-content-type-options: nosniff
age: 313752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:58:32 GMT

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 134ms
52ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 81 B
714 B 133ms
47ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=csurams.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8ba5ee7e33092eae9cf025c71ec0dfe8d99444cedbe7df0364b6effcdcb73839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78
x-xss-protection: 0
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame E22E 44 B
295 B 26ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=561883908045644&ev=PageView&dl=https%3A%2F%2F6590391.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCM-G58HauvQCFbhBHQkdr5gFVQ%3Bsrc%3D6590391%3Btype%3Dcounter%3Bcat%3Dsitev0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D1%3Bnum%3D6851623039193.586%3F&rl=https%3A%2F%2Fcsurams.com%2F&if=true&ts=1638090464963&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&it=1638090464892&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6590391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 28 Nov 2021 09:07:44 GMT

GET
H2 200 BankOfColorado.png
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2020/7/1/ 5 KB
6 KB 13ms
11ms Image
image/png 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2020/7/1/BankOfColorado.png
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89bc47566a5c86a8ced4eb708146b2aadd90597fe527fdd289b7dffec09f41d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 21:48:22 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 21:05:27 GMT
server: AmazonS3
age: 40763
etag: "734a6d780b6efc7c2ec0c264b98b81e7"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 5592
x-amz-cf-id: 839wW27B4RWXMazibQMxOrBBIJGDOeAsydDhUdkYdKDyq7c8BzwPVQ==

GET
H/1.1 200
OK Louisville-Cardinals.png
csurams.com/images/logos/ 2 KB
2 KB 137ms
136ms Image
image/png 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csurams.com/images/logos/Louisville-Cardinals.png?width=30

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

4d810245d7fd5bde5af244735636dfb9a16d7d3b6a5973cd4a967608dcc7d66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 28 Nov 2021 07:01:45 GMT
Server: Microsoft-IIS/8.5
ETag: "f2148ce25e4d71:0"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:44 GMT
Accept-Ranges: bytes
Content-Length: 1579
X-Content-Type-Options: nosniff
Expires: Sat, 26 Feb 2022 09:07:45 GMT

GET
H/1.1 200
OK adaptive_components.ashx Show response
csurams.com/services/ 17 KB
4 KB 133ms
133ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/adaptive_components.ashx?type=content-stream&start=0&count=6&sport_id=0&name=all&extra=%7B%7D

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

519047ec3f89d213754724963af73adbd67cfe0d4b35e4a61fa63e4250a5f211

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
Date: Sun, 28 Nov 2021 09:07:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 3865
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK LR.png
csurams.com/images/logos/ 2 KB
2 KB 132ms
131ms Image
image/png 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csurams.com/images/logos/LR.png?width=30

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

672047273db1c1af649c782961f4463ce6483e4a6a6b440027c53b4dc29626b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 28 Nov 2021 07:00:36 GMT
Server: Microsoft-IIS/8.5
ETag: "c91b3fa525e4d71:0"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:44 GMT
Accept-Ranges: bytes
Content-Length: 1889
X-Content-Type-Options: nosniff
Expires: Sat, 26 Feb 2022 09:07:45 GMT

GET
H/1.1 200
OK AF_002_2.png
csurams.com/images/logos/ 1 KB
2 KB 130ms
130ms Image
image/png 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csurams.com/images/logos/AF_002_2.png?width=30

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

57ca098e04eb7eedd432a67876f37a30f70aab24b513a0c3e56cbb9247fbca11

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 28 Nov 2021 07:00:34 GMT
Server: Microsoft-IIS/8.5
ETag: "cfeeeea325e4d71:0"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:44 GMT
Accept-Ranges: bytes
Content-Length: 1103
X-Content-Type-Options: nosniff
Expires: Sat, 26 Feb 2022 09:07:45 GMT

GET
H/1.1 200
OK St_Mary_CA.png
csurams.com/images/logos/ 2 KB
2 KB 133ms
133ms Image
image/png 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csurams.com/images/logos/St_Mary_CA.png?width=30

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

6e613042221fa117459beb91ac9ae813468920229a33a7a630c0aa2aae06de23

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 28 Nov 2021 07:02:05 GMT
Server: Microsoft-IIS/8.5
ETag: "ea1d61da25e4d71:0"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:44 GMT
Accept-Ranges: bytes
Content-Length: 1575
X-Content-Type-Options: nosniff
Expires: Sat, 26 Feb 2022 09:07:45 GMT

GET
H/1.1 200
OK adaptive_components.ashx Show response
csurams.com/services/ 904 B
772 B 132ms
132ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/services/adaptive_components.ashx?type=ads&sport_id=0&name=sidearm-dfp-1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ddde048adc9ec46b7b54bc12477d77bee0362bab10de9d5908301f7dcbbbadbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://csurams.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
Date: Sun, 28 Nov 2021 09:07:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 407
X-Content-Type-Options: nosniff

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 134ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=csurams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 92ms
47ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=csurams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 142ms
95ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2611453374538161&correlator=2451341590494728&output=ldjh&impl=fifs&eid=31062930&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211128&iu_parts=21708449227%2CCOST&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pos%3Dtop&eri=1&cust_params=env%3Dprod%26firstpg%3D0%26ptype%3Dhome%26session%3Dc%26subses%3D3%26sport%3D0%26vguid%3D534ba814-39b0-499b-9f78-e6dc330c98e0%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dcolstate%26cbs_site_code%3Dcsu%26sect%3Dfrontpage&cookie_enabled=1&bc=31&abxe=1&lmt=1638089276&dt=1638090465238&dlt=1638090463124&idt=2073&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3341288758&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcsurams.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=1963339490.1638090464&ga_sid=1638090465&ga_hid=1681071212&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

28cc7eb85c57c07cb759491b396ba78bf0b0205e4069f765d3e258e1f3d1d9c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11328
x-xss-protection: 0
google-lineitem-id: 5733220005
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355066955
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://csurams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d9585b1770e366f845ae2d899d5bda4d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 279A 6 KB
4 KB 160ms
47ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d9585b1770e366f845ae2d899d5bda4d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 28 Nov 2021 09:07:45 GMT
expires: Mon, 28 Nov 2022 09:07:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 125ms
88ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2611453374538161&correlator=893179012977119&output=ldjh&impl=fifs&eid=31062930&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211128&iu_parts=21708449227%2CCOST&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pos%3Dmiddle1&eri=1&cust_params=env%3Dprod%26firstpg%3D0%26ptype%3Dhome%26session%3Dc%26subses%3D3%26sport%3D0%26vguid%3D534ba814-39b0-499b-9f78-e6dc330c98e0%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dcolstate%26cbs_site_code%3Dcsu%26sect%3Dfrontpage&cookie_enabled=1&bc=31&abxe=1&lmt=1638089276&dt=1638090465251&dlt=1638090463124&idt=2073&frm=20&biw=1600&bih=1200&oid=2&adxs=1187&adys=526&adks=3341288759&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcsurams.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=297x250&msz=300x-1&ga_vid=1963339490.1638090464&ga_sid=1638090465&ga_hid=1681071212&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

84587c4b684d3d2dfa3a1496babf7523b627c039cd9fb9a87a72adab421a5af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11306
x-xss-protection: 0
google-lineitem-id: 5733212619
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355446016
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://csurams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 137ms
105ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2611453374538161&correlator=3125754570301554&output=ldjh&impl=fifs&eid=31062930&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211128&iu_parts=21708449227%2CCOST&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x66%7C728x90&prev_scp=pos%3Dbottom&eri=1&cust_params=env%3Dprod%26firstpg%3D0%26ptype%3Dhome%26session%3Dc%26subses%3D3%26sport%3D0%26vguid%3D534ba814-39b0-499b-9f78-e6dc330c98e0%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dcolstate%26cbs_site_code%3Dcsu%26sect%3Dfrontpage&cookie_enabled=1&bc=31&abxe=1&lmt=1638089276&dt=1638090465257&dlt=1638090463124&idt=2073&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=3480&adks=665210337&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcsurams.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=970x0&ga_vid=1963339490.1638090464&ga_sid=1638090465&ga_hid=1681071212&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

58a3cd367ee9db06c0410152821febc2bd79471f871b254103c54631928c2b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
google-lineitem-id: 5733220005
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355066958
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://csurams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK John_Tonje.jpg
csurams.com/images/2021/11/27/ 64 KB
64 KB 132ms
132ms Image
image/jpeg 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csurams.com/images/2021/11/27/John_Tonje.jpg?width=640&height=360&mode=crop&anchor=topcenter&format=jpg&quality=80

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

bba1c2f3fb095f957f2de56c3b85802008496284cb4c5962054f5cc84fe99b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 28 Nov 2021 07:01:54 GMT
Server: Microsoft-IIS/8.5
ETag: "78578d325e4d71:0"
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:44 GMT
Accept-Ranges: bytes
Content-Length: 65118
X-Content-Type-Options: nosniff
Expires: Sat, 26 Feb 2022 09:07:45 GMT

GET
H2 200 CSU20_Button_StadiumEvents_300x250_V2.jpg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2021/1/4/ 365 KB
366 KB 269ms
267ms Image
image/jpeg 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2021/1/4/CSU20_Button_StadiumEvents_300x250_V2.jpg
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0bf0db895891def4edb77e748cafdc7ea4ebff8f7434094055460a680bbdb41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jan 2021 20:12:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "499d8f492b97dfcaab159ed66168f41c"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 374023
x-amz-cf-id: 2grVjEpUwXp64S6P5FtnzBNePW57fPpEafs4cXIQe6j0A0YOZFRj1w==

GET
H2 200 CSU21_MobileTicketing_Web_300x250.jpg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2021/7/7/ 89 KB
89 KB 297ms
295ms Image
image/jpeg 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2021/7/7/CSU21_MobileTicketing_Web_300x250.jpg
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38d1a9b424e37e736dbd6aa430944b51cc0972e20759eb80174b909ba6bb3e77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Wed, 07 Jul 2021 16:26:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "d3928414b00fa62f49b9ca910dc50433"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 90666
x-amz-cf-id: 86EL5HWoQM8Zs8J-CglPzbmS0itmAoP5PDmakxxSqYJz1StyOQzJZg==

GET
H2 200 CSU20_Button_PurchaseTickets_300x250.jpg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2020/7/1/ 345 KB
346 KB 271ms
269ms Image
image/jpeg 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2020/7/1/CSU20_Button_PurchaseTickets_300x250.jpg
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c964dcca4758eceed4d14569dc3238eadfec8f4e62af3b104e6db47c47d8e5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 19:09:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "587e4493322f62a1de13285769353ffe"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 353154
x-amz-cf-id: vLbado88V_EFf8TPEaBz9thz1KYRzI231pJy5EQ5yGetnrP0AfjX6g==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 87ms
87ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2611453374538161&correlator=1072116601278211&output=ldjh&impl=fifs&eid=31062930&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211128&iu_parts=21708449227%2CCOST&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x66%7C728x90&prev_scp=pos%3Dbottom2&eri=1&cust_params=env%3Dprod%26firstpg%3D0%26ptype%3Dhome%26session%3Dc%26subses%3D3%26sport%3D0%26vguid%3D534ba814-39b0-499b-9f78-e6dc330c98e0%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dcolstate%26cbs_site_code%3Dcsu%26sect%3Dfrontpage&cookie_enabled=1&bc=31&abxe=1&lmt=1638089276&dt=1638090465335&dlt=1638090463124&idt=2073&frm=20&biw=1600&bih=1200&oid=2&adxs=140&adys=1293&adks=653486517&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcsurams.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1017x0&msz=970x0&ga_vid=1963339490.1638090464&ga_sid=1638090465&ga_hid=1681071212&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b40d6d7c7d9cd4ca36784824aa4776518c8473c6cee6b303b6376fde484c026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11271
x-xss-protection: 0
google-lineitem-id: 5733220005
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355066958
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://csurams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4A4 0
0 74ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssej76AN81GgBIy5Y_qmJ0vP3jVeF-x0ug2rLmAQ0ResCvKDhb4STrQCHlfCxD4ZkH8HyBqkb1362rfwvZvjSVbNbhp8YpJsjWi3vZX0VUdqrcoTHRCrOZySnMbhmmMBl7RcOnBCBZ3C9JbnN7y-aZ5ZMwaXgNjm1rGQsEiiKZiQzLDM0I4vqUQD6W6Hz6QmY7mIZiRLZUtIVUCg7_V7LclyYOBm72ZY1-IDxBskDZN62pcRnGFK5uFt-VcohIEWvlPO3_rnZBPCfPFgiZ95ucUiSJy67Epedd_Dcz14qdaap93&sig=Cg0ArKJSzE7uu9DzoPG5EAE&uach_m=[UACH]&adurl=

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D4A4 2 KB
1 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 08:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 08:57:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4A4 119 KB
36 KB 116ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
H2 200 11209706880339296823
tpc.googlesyndication.com/simgad/ Frame D4A4 64 KB
64 KB 273ms
192ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11209706880339296823

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ca97dfcfa998d60406892f924d47465fb9edc6b653ac13c6d57150c5cbba0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65304
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 12:30:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 28 Nov 2022 09:07:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F56 0
0 73ms
73ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty_U6vp1a0opTWoIFQCrihPxGnHugTEsfqpNik0wytUsU0uz_xWsiLl4ZkcpShyy5VtQlZRwgMgs4x7kSvqrbAPIUbfcNtGWcGwyK99CuyNj7t0cQNQYDpkIh0aLNOlXlzq1RvTi0pM6IZYcCsKl2WFcu1QOqxkSclkZs-k_1oCQT2EDW38d21yVRtRzZgGkuSrPkbOge6SEw0QLYZze3-DMyUeVu827qO7_4wN5vgFXsKGUbWAnzObP9hYx5CgLHd_UtLRyo9tJAtI_yTJ4QkOdxcTvRTgnF_T3_eQ7-0UOap&sig=Cg0ArKJSzNsfaG8dNPUzEAE&uach_m=[UACH]&adurl=

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0F56 2 KB
1 KB 112ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 08:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 08:57:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F56 119 KB
36 KB 167ms
130ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0F56 0
0 96ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeQ5Fc56iHC4fUPugPZLpb_BDhTiiQ1CUiL4F3fECWARCBmuGYiQm_4q6haM5sIoe43_ET
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 17931437830054195272
tpc.googlesyndication.com/simgad/ Frame 0F56 39 KB
39 KB 249ms
180ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17931437830054195272

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bbe6c5d63126df9bf6be85ae047c050ad39521f2f1c7e02c00948e9c817082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39944
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 12:48:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 28 Nov 2022 09:07:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E302 0
0 73ms
73ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNM-vxlQhOd1Sc-ScJsyUWO3Ce5s0IMMsJUNkB27RGKfqQW02vx7DnG--eJN_aC6JGr_Xu_2jIMhu9kAj2lguL4HGbMPU5hmjMG0YfPgkP9_Sj_R4YeVdRWmaOYAH7u5Yx1qP0buEIYvoP5MXrY84yfA8vDr7TvW1MgalvntoQOGnosCNUNEjao5MGEY_eqAloJ2xYc16nV3AORXvl89gbA_6ZJjoGcKQbmMxS1UcCaFtfdf7_A93t9QOgGg4Aoy9N_OwBqXB9zOdM0uAG5gLhTchF5xTsesnphIgtelnlLrLL&sig=Cg0ArKJSzGD_n4IVj2ReEAE&uach_m=[UACH]&adurl=

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E302 2 KB
2 KB 102ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 08:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 08:57:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E302 119 KB
36 KB 127ms
99ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E302 0
0 88ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMqR0R_LEgLuw0-6YKFzL5YR7UZ5sPyurj9qMOpnSaXSm_FkVa0I_hz8mS-QoJj9mfjQGA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 10043232114954517251
tpc.googlesyndication.com/simgad/ Frame E302 81 KB
81 KB 205ms
144ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10043232114954517251

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69ee4929e9c514051acdfec68d99a028be511a83c86cdf4876e2404bd33b8404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:13:52 GMT
x-content-type-options: nosniff
age: 312833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82973
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 12:48:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 18:13:52 GMT

GET
H2 200 CSU20_Button_PurchaseGear_300x250.jpg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2020/7/1/ 358 KB
358 KB 258ms
258ms Image
image/jpeg 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2020/7/1/CSU20_Button_PurchaseGear_300x250.jpg
Requested by: Host: csurams.com
URL: https://csurams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b9b1a632496ce9214fbbed6dbd1de8a81e3a67f9adcc9ce30a4411bd2402505

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 19:09:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "af1e6294c6b1975468c8dfc98653f706"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 366163
x-amz-cf-id: 1WD0wr4SRi7slY5IxPfjRErqnBeaKOSTLAAxc6WPCLSghmhAnvHpGA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F7F 0
0 76ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJAMxtgyuRMlDxxKCJDgAt81MxMibVNGHdX7-w7e7SyS4aqswwvf2MNA1PSXPWXq8dC1y8lNt7OdOKEmbbyv6nWBDvHQB8JXcdxHNRLvsrMJ1Md1wJY04pUkgIOW_s-W66C6Dt1tPePdZy_v4kejj1Qn1lWiwSS3lbhGI--LijxySWzSWKx8Qrskoj5WNk2PnfHKr7dqFNnNUkhOSqd9Rg_DW6Sa6Rqb7pze1JndG1S6cksFS1e9HlsRDJjz_I3lIN8hlqrxdYLFMCH9bMYEAH1gozxW_I4gn08UOka-j4aU9c&sig=Cg0ArKJSzMzAlp9G99gUEAE&uach_m=[UACH]&adurl=

Requested by

Host: csurams.com
URL: https://csurams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 10043232114954517251
tpc.googlesyndication.com/simgad/ Frame 6F7F 81 KB
81 KB 74ms
43ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10043232114954517251

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69ee4929e9c514051acdfec68d99a028be511a83c86cdf4876e2404bd33b8404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:13:52 GMT
x-content-type-options: nosniff
age: 312833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82973
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 12:48:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 18:13:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6F7F 2 KB
1 KB 175ms
175ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 08:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 08:57:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F7F 119 KB
36 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
DATA 200
OK truncated
/ Frame D4A4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a8e0fb6aed9b78e0a71932b22c8eee2b4296f1ecffb9a5f8f0a4d398153d906

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E302 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 776d4fb35ddd33328278a944f39137435623fab0ec7f3139fd9321374315fc39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F7F 0
0 121ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB9qqZvFkD1HW366FVNCbizELmahtdOH5upD_rEVERZwBxJ4JKrOcMxSyKqBZm9WqTt-X7S6IlbWiFNE7CYdlTBE5EeKOGlUVd0h5EqLZRqVTKFJm0OhpgBLjUPppXzD3SCoSgaNB7tl5L74CvyUXTQMAFXAHi75tOK0xfv7TKJHIkbMRDWXCnfcncDpyt1HP0o9Mo2oGsvSO7jYSi6iszIQ3eqI6hsggEmy9V6-tJXdOsOPmAxDzAO7BfVLXQFx1_Ysw7OQ5ON_lrLTsCKLqAJwvT14x4B2zZPGeaMNnYjUpEXNY&sig=Cg0ArKJSzJ_xE0HngICpEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
DATA 200
OK truncated
/ Frame 6F7F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b2947988cbabae80a3b47f42ad008ab5a07edc77fb501817bee86de66d6b429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E302 0
0 102ms
75ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssprmXMK22kt8ev9bSxte3rEoXtaFa4HPxT3Dw_TmeLndcdkcD1dePnx-V76pHoArCNjVs9o4bXr0CbPLDMD8XNiynczfEJobZ44Ssi1-zLq_Ob_QiaFK7m642RgAxQqTUKFDy3cEFeqkzLTi5kGPQ88ztcTpCBqUcndQUT6jkeOgAY3yvVIWzQz1bn6XhoFoG6MNQ5ZpvsLj9LcxufN-YvMzRar1TAdbMeZPmlrR03L8XJal-eo6vHRAoZ8SmcgwgOWrXwYBd-gLSVzZxxXZMwmX68ruTHMrDOv8w6bUd4f1ltfcc&sig=Cg0ArKJSzH93iMFYRRmsEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F56 0
0 92ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIoCCr35EdOEaAAlk53E_WagQLY9Jw4ZmAINKbV70HH1xz2_-t2PWb8AmcxKX_PhM8KkBcRcQve6IZ_GNNIGrJeoNrbOWRVFT8Ege4CNvOnFYiNAH7oA1HnAb6lWB2Vu9brl9usbx0W7bHWIe-Bsy1Mm29mR1sSc9esyzPiSKJO_bUto1b3-QljjN3GPZ4N8uc4yaFagURdkUqB9v-xtblOHmOZJz8ck8vzLSWnAeJpjGm2T1xFuE90IzokQj8KTqBMRen7ITB4YVMfaU-eAwye_94NLOkShCb3sW_TkNdJ696Mv8&sig=Cg0ArKJSzKSivNvI-faoEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4A4 0
0 75ms
73ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXLr9GokkrZLPOZHWQNEp8oewjw5yO1W4xg-N1k8wQdFFbJCj_2PhobVZ9jlPF0sdQvDfVEF2xkRBjJbxxwyvblSO5kcnZlwEfWd3WUavill8mkYdman72OnLsJIwRv2rnrh-Om97l3ErnBk4pIVimZoBX_uo0YypMz4_1GK0C7LX5EjWBfj2_JvddWAlmUCzUg6KunjnywUF1LxWHoPk_Z81TWFejObHMMFru9f6WqVUl5qS-6sjJ2AnYaSR1Zn6jA35hKJPFfxbV4gzn6HctdZquJUYs2OOK9agEwjPBz-KD9ZE&sig=Cg0ArKJSzG42B8dohUmbEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 09:07:45 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 88 B
247 B 28ms
27ms Script
text/javascript 52.31.243.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.mogointeractive.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.243.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-243-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1a8e8d564011e7d0b9b15aac86d22c0ee4be7cd23d3e4ce80014c0abad7a749a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=23 t=1638090466
x-served-by: beacon-n005-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 366 B
506 B 101ms
101ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=57df5244-ab7b-416d-92b3-c6c352ac3360&technographics=1&callback=Krux.ns.mogointeractive.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9d1996090850211658068b462ed95cfc734d731e430b4c39e414f5209cfe34e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Sun, 28 Nov 2021 09:07:46 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a020-ash-prod.krxd.net, cache-hhn4043-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1638090466.061798,VS0,VE95
content-length: 279
x-cache-hits: 0, 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 134ms
53ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1944f4b2c9b20406a9a461c740a2a44da7674b306c0f923743c6f86a31a0b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 09:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9191
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 96ms
48ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y29PC3P5S9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3TH4CC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c787e18f074312f0047802a5c1d78cae9fbf24904ffef02842ffaac6b1a0d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61782
x-xss-protection: 0
expires: Sun, 28 Nov 2021 09:07:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 101ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 28 Nov 2021 09:07:46 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
344 B 133ms
46ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y29PC3P5S9&gtm=2oeba1&_p=1681071212&sr=1600x1200&_gaz=1&ul=en-us&cid=1963339490.1638090464&_s=1&dl=https%3A%2F%2Fcsurams.com%2F&dt=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&sid=1638090466&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.division=DI&ep.conference=Mountain%20West&ep.ss_client_id=1319&ep.school_name=Colorado%20State%20University%20
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y29PC3P5S9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csurams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://csurams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 37ms
18ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y29PC3P5S9&cid=1963339490.1638090464&gtm=2oeba1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y29PC3P5S9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csurams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://csurams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 110ms
62ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y29PC3P5S9&cid=1963339490.1638090464&gtm=2oeba1&aip=1&z=1282166787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 28ms
28ms Image
text/plain 52.31.243.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=so4l4yxm2&_kpid=57df5244-ab7b-416d-92b3-c6c352ac3360&_kcp_s=Sidearm&_kcp_d=csurams.com&_knifr=11&_kua_kx_tz=0&geo_country=de&geo_region=he&geo_dma=276003&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=he&_kua_kx_geo_dma=276003&_kua_kx_whistle=0&_kpa_meta_keywords=Colorado%20State&_kpa_domain=csurams.com&_kpa_sidearm_page_template=home&_kpa_sidearm_sport_name=0&_kpa_sidearm_sport_name_custom=0&_kpa_sidearm_site=colstate&_kpa_sidearm_cbs_site_code=csu&_kpa_sidearm_sect=frontpage&t_navigation_type=0&t_dns=0&t_tcp=390&t_http_request=-1&t_http_response=258&t_content_ready=1831&t_window_load=3856&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=wwjq813gg&_kurl_=https%3A%2F%2Fcsurams.com&userdata_user=OgizjH5u%2Cwwjq813gg&sview=1&kplt0=34590&kplt1=34589&kplt2=34663&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F57df5244-ab7b-416d-92b3-c6c352ac3360%2C530%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2F57df5244-ab7b-416d-92b3-c6c352ac3360%2C524%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C30%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C104
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.243.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-243-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
cache-control: private, no-cache, no-store
x-request-time: D=49 t=1638090466
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1955 12 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 27 Nov 2021 20:25:53 GMT
expires: Sun, 27 Nov 2022 20:25:53 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 45713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FBC7 783 B
536 B 48ms
48ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1be95d35113bf447a055417aca2f613328e0a35d2fd6cdb837c6480ee47ff59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VKGM0PirEdMaAA1W84EN6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 28 Nov 2021 09:07:46 GMT
date: Sun, 28 Nov 2021 09:07:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VKGM0PirEdMaAA1W84EN6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 /
www.facebook.com/tr/ Frame E22E 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=561883908045644&ev=Microdata&dl=https%3A%2F%2F6590391.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCM-G58HauvQCFbhBHQkdr5gFVQ%3Bsrc%3D6590391%3Btype%3Dcounter%3Bcat%3Dsitev0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D1%3Bnum%3D6851623039193.586%3F&rl=https%3A%2F%2Fcsurams.com%2F&if=true&ts=1638090466466&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&it=1638090464892&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6590391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sun, 28 Nov 2021 09:07:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FBC7 0
0 138ms
91ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=2611453374538161&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1955 35 KB
13 KB 85ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 20:09:52 GMT

GET
H/1.1 200
OK sports Show response
csurams.com/api/config/sidearm-app/ 3 KB
992 B 139ms
138ms XHR
application/json 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://csurams.com/api/config/sidearm-app/sports

Requested by

Host: sidearm-syndication.s3.amazonaws.com
URL: https://sidearm-syndication.s3.amazonaws.com/prod/web-push.bundle.js?_=1638090464024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

1faa46bab67d50f997b74af8e1b9bf90013b2d51a537bab656abb95ce17b9b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://csurams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/8.5
ETag: c1dedb971024c993815d4e0127a2ab4d
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Date: Sun, 28 Nov 2021 09:07:46 GMT
Content-Length: 580
X-Content-Type-Options: nosniff

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D4A4 42 B
64 B 121ms
73ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOwRLP2qcoqqy9X12R1b3Xq54m2y7a6fw18UTJXr6cwxkZ8yZwQ3YvuOuU3w7F0q12lmkv9dW-pPPEdYVUduFh6stZskKZZkNvLx4IdmFuB-QwciiX&sig=Cg0ArKJSzF_mleVhaNAcEAE&id=lidar2&mcvt=1147&p=526,1187,776,1487&mtos=1147,1147,1147,1147,1147&tos=1147,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3341288759&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638090465389&rpt=295&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=2611453374538161&bg=!ExClEFTNAAZQLpa_UC47ACkAdvg8WnXjll6mf2p4u80AE8iyRLLNMvr9A4akWr43y8ucUDunbTVJJwIAAAD-UgAAAAxoAQcKAQ16B2mnyiqmoOTPX5lhIaVOlE4INgeaft5SD9R2bqMpf-yTmHyOXy_e0WIhEO1sWNSV17exq7kVCEid6yD5dqq_UIZBCWEn8B1jOX4UhBSWhHBl_PBajC0q_F5l8mwG0xNewiKkTKYivLOmM5Q1b3YM7IUnWbP4ogRnUdHHxlJscNGK8KsveppQy0vzy-HGOMbeJ29Fk6KO47Tvq6MAanzPlpksLMKqGx5G76IU165CouPzBe8L5sgoS4owDMOpEAmBtOknY56U1RkI8Z6gEy8dMVV2FjHXWlxp6zNCUgRblha1EKAVaO61I0Y6uvJNFqqbBYR_qDxmOhPOIJrujNEcYuOj4WpFVzSuoQ3JNZkCfdKuNX9jutO4bUqGVxp2oSKeN9XLYOP1mLBja-Umf_iXVTShcAIA-ci_sLHNREd22FWn-1E8MHMd5uOKaoYIyYaVIH9U-hpiUQThFcnZ_mQyABsKjMZb6K3DnXTrdBilYXe_nzsgiiwF4abU1eo6GnOcUxQNU9jLlchUXb2oJAqMBvgUE_AF6oDot7X10Z2h2-qmlelEWKjTXGkiumbvwhHBdEH3_BLG6sMcfSoy7D1pBrEjYrLqZ40lINfrA09XYxaPr4QUGyNQlwvz7BAVSqEReqtmMihyYpq1rQ3epYpTtAa7H_768VGmJ0Zzxiy15Y8RJmBSW8QurxjYrdCIUh1zBOfHNdrVVxQkb9OD1FtwrH3z1Kt_M5XBIOG8eRtROnvkUFo6Y0A3S3odNvziT1pArtnW1WNC5Lmf_3iebE5bNjJN83lVxPRfhIKDRjbD_KbrqsB8oMancBFjgdUwlxOaz9IAdghF7sXh78P9mpbinnD0HmXH68D-QcVWFrji0e4zW9C3o2xrS_pAtg9rNaLFgTLHTbdF8b-h4ZdsHZMPiIM6EBJYFWnh_Rz-cS3Ctg_Ena2Ju3XWcjRDXWE2U2kGW62NKcWuxJwPke1a3V9qk4L2EXdh-ABoM5Fwf_qyBtI83L01tePiFwLuDxsjGEDQYB7ZAHcYfmcE2bJ31Z6nfV56_7HmvwcL3aOOfUxSRYt162sJ94L3H-e7lVE1qWm2FtTTb6K4NpmvFAfrZjORrMcT2WssLjdJmbg-G75oBQPihZYVoptOQtO0FOAbkXzbU5KwbeeDRNVm9LGrz2Fn9l6N8XLSLMKnI4qI8_g_mpAHtHLjYGne4m8V11Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK logo_handler.ashx
csurams.com/services/ 5 KB
5 KB 132ms
131ms Image
image/png 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csurams.com/services/logo_handler.ashx?image_path=/images/logos/site/site.png&width=50&height=50

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

7464fab2befb3307718df44bed3814dc1aa5b80a05313bd98bca94608c09ea5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 28 Nov 2021 07:01:46 GMT
Server: Microsoft-IIS/8.5
ETag: "6b60a7ce25e4d71:0"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sun, 28 Nov 2021 09:07:46 GMT
Accept-Ranges: bytes
Content-Length: 4617
X-Content-Type-Options: nosniff
Expires: Sat, 26 Feb 2022 09:07:47 GMT

GET
H2 200 fetch-ids.html Show response
statcollector.sidearmsports.com/services/ Frame C6FE 2 KB
820 B 129ms
129ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/fetch-ids.html?local=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&session=af992026-3daf-4dd5-a023-866f9dc555f8
Requested by: Host: sidearm-syndication.s3.amazonaws.com
URL: https://sidearm-syndication.s3.amazonaws.com/prod/web-push.bundle.js?_=1638090464024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7c1c21762731edc2d5f3fc47c16d0117ae5bbd2b6946630fd67a8165f4aef1b7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

cache-control: max-age=2592000
content-type: text/html
content-encoding: br
last-modified: Mon, 08 Jul 2019 14:24:02 GMT
accept-ranges: bytes
etag: "0ad24ca9835d51:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
date: Sun, 28 Nov 2021 09:07:47 GMT
content-length: 717

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1681071212&t=event&_s=2&dl=https%3A%2F%2Fcsurams.com%2F&ul=en-us&de=UTF-8&dt=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Push&ea=permission-needed&el=&ev=1&_u=aHDAAEIhAAAAAC~&jid=&gjid=&cid=1963339490.1638090464&tid=UA-87580067-4&_gid=665782534.1638090464&z=595062996

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 10:50:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80241
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.ashx
statcollector.sidearmsports.com/services/ 42 B
81 B 129ms
128ms Image
image/gif 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statcollector.sidearmsports.com/services/pixel.ashx?site=colstate&r=csurams.com&page_template=home&sport_name=0&sport_name_custom=0&content_id=&server_name=&path_and_query=&user_id=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&session_id=af992026-3daf-4dd5-a023-866f9dc555f8&traits=&events=category%3DWeb%2520Push%26name%3Dpermission-needed%26label%3D%26value%3D1&count=&_=1638090468162
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:47 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-pv-id
content-type: image/gif
cache-control: no-cache
x-session-id: af992026-3daf-4dd5-a023-866f9dc555f8
content-length: 42
x-user-id: 1cbac6e2-80a2-4f39-b054-c29b5fd7aecb
expires: -1

GET
H2 200 fetch-ids.html Show response
statcollector.sidearmsports.com/services/ Frame 997F 2 KB
778 B 129ms
129ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/fetch-ids.html?local=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&session=af992026-3daf-4dd5-a023-866f9dc555f8
Requested by: Host: sidearm-syndication.s3.amazonaws.com
URL: https://sidearm-syndication.s3.amazonaws.com/prod/web-push.bundle.js?_=1638090464024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7c1c21762731edc2d5f3fc47c16d0117ae5bbd2b6946630fd67a8165f4aef1b7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/

Response headers

cache-control: max-age=2592000
content-type: text/html
content-encoding: br
last-modified: Mon, 08 Jul 2019 14:24:02 GMT
accept-ranges: bytes
etag: "0ad24ca9835d51:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
date: Sun, 28 Nov 2021 09:07:48 GMT
content-length: 717

GET
H2 200 CSU20_Button_StadiumEvents_300x250_V2.jpg
dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2021/1/4/ 365 KB
366 KB 19ms
18ms Image
image/jpeg 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/sidearm.sites/csurams.com/images/2021/1/4/CSU20_Button_StadiumEvents_300x250_V2.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.5/lazysizes-umd.min.js?bust=637449796769291123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0bf0db895891def4edb77e748cafdc7ea4ebff8f7434094055460a680bbdb41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 09:07:46 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jan 2021 20:12:05 GMT
server: AmazonS3
age: 4
etag: "499d8f492b97dfcaab159ed66168f41c"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 374023
x-amz-cf-id: PRB6d4cxAy4AHZg-ZNKLJzo08OnxdzHr2xYplOhdDDPLc4Zt0y8Q5Q==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1681071212&t=event&_s=3&dl=https%3A%2F%2Fcsurams.com%2F&ul=en-us&de=UTF-8&dt=Colorado%20State%20University%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Push&ea=permission-tip-shown&el=&ev=1&_u=aHDAAEIhAAAAAC~&jid=&gjid=&cid=1963339490.1638090464&tid=UA-87580067-4&_gid=665782534.1638090464&z=613695586

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 10:50:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80242
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.ashx
statcollector.sidearmsports.com/services/ 42 B
81 B 129ms
128ms Image
image/gif 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statcollector.sidearmsports.com/services/pixel.ashx?site=colstate&r=csurams.com&page_template=home&sport_name=0&sport_name_custom=0&content_id=&server_name=&path_and_query=&user_id=1cbac6e2-80a2-4f39-b054-c29b5fd7aecb&session_id=af992026-3daf-4dd5-a023-866f9dc555f8&traits=&events=category%3DWeb%2520Push%26name%3Dpermission-tip-shown%26label%3D%26value%3D1&count=&_=1638090469143
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://csurams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 09:07:48 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-pv-id
content-type: image/gif
cache-control: no-cache
x-session-id: af992026-3daf-4dd5-a023-866f9dc555f8
content-length: 42
x-user-id: 1cbac6e2-80a2-4f39-b054-c29b5fd7aecb
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kr.ixiaa.com
URL: https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
csurams.com/common/templates/dfp	1969-12-31 23:59:59	Name: f5_cspm Value: 1234
.scorecardresearch.com/	1970-01-20 16:18:18	Name: UID Value: 1Y4T5ZMDQ5M2HIO7HL12SDg1638090464
.csurams.com/	1970-01-19 23:02:56	Name: _gid Value: GA1.2.665782534.1638090464
.csurams.com/	1970-01-19 23:01:30	Name: _gat_tracker0 Value: 1
.csurams.com/	1970-01-19 23:01:30	Name: _gat_UA-180696617-1 Value: 1
.csurams.com/	1970-01-19 23:01:30	Name: _gat_UA-180624321-25 Value: 1
.csurams.com/	1970-01-20 01:11:06	Name: _gcl_au Value: 1.1.844647134.1638090464
.doubleclick.net/	1970-01-20 08:23:06	Name: IDE Value: AHWqTUlxAhoCokeOq1nbUmczMzFRR-wmLBV5JD26s25rgRfyLjJY3J4JyZbPkUgofgE
.krxd.net/	1970-01-20 03:20:42	Name: _kuid_ Value: OgizjH5u
.rlcdn.com/	1970-01-20 07:47:06	Name: rlas3 Value: JdQpV9A7Kodmy/zZBpB0ffoEHjrbnwY1/BcsAesIte8=
.rlcdn.com/	1970-01-20 00:27:54	Name: pxrc Value: CAA=
.adsrvr.org/	1970-01-20 07:47:06	Name: TDID Value: 85d2fc85-e3a8-4beb-8fca-7701d620758c
.adsrvr.org/	1970-01-20 07:47:06	Name: TDCPM Value: CAESEwoEa3J1eBILCO6LnaySlpk6EAUYBSABKAIyCwiG6-bYqJaZOhAFOAE.
.yieldoptimizer.com/	1970-01-20 07:47:06	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 07:47:06	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 07:47:06	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 07:47:06	Name: cktst Value: 363040339
.yieldoptimizer.com/	1970-01-20 07:47:06	Name: ckid Value: 3015348860295
.yieldoptimizer.com/	1970-01-20 07:47:06	Name: dph Value: %7B%22t%22%3A%5B113145%5D%2C%22dp%22%3A%5B2818%5D%7D
.yieldoptimizer.com/	1970-01-20 07:47:06	Name: ph Value: %7B%22p%22%3A%5B1034%5D%2C%22t%22%3A%5B113145%5D%7D
.agkn.com/	1970-01-20 07:47:06	Name: ab Value: 0001%3A600j3T1tDF0JjVdOqudOPyYp9YDkC9Dq
.csurams.com/	1970-01-20 08:23:06	Name: __gads Value: ID=b4c4ba2d5753c34b:T=1638090465:S=ALNI_Mb6aPtrv-nu7mEpOXB8JY_VU2W2fQ
.csurams.com/	1970-01-20 16:32:42	Name: _ga_Y29PC3P5S9 Value: GS1.1.1638090466.1.0.1638090466.60
.csurams.com/	1970-01-20 16:32:42	Name: _ga Value: GA1.1.1963339490.1638090464

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://idsync.rlcdn.com/398696.gif?partner_uid=-1800405411936451684 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OgizjH5u Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6590391.fls.doubleclick.net
aa.agkn.com
adservice.google.com
adservice.google.de
analytics.google.com
beacon.krxd.net
cdn.krxd.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
csurams.com
d9585b1770e366f845ae2d899d5bda4d.safeframe.googlesyndication.com
dbukjj6eu5tsf.cloudfront.net
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
fonts.sidearmsports.com
global.ib-ibi.com
idsync.rlcdn.com
insight.adsrvr.org
kr.ixiaa.com
match.adsrvr.org
p.typekit.net
pagead2.googlesyndication.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sidearm-syndication.s3.amazonaws.com
stags.bluekai.com
statcollector.sidearmsports.com
stats.g.doubleclick.net
tag.yieldoptimizer.com
tpc.googlesyndication.com
use.typekit.net
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
kr.ixiaa.com
104.111.215.191
142.250.185.162
142.250.186.98
142.250.74.198
143.204.98.125
143.204.98.31
151.101.194.133
151.101.2.133
174.143.40.29
18.168.102.56
2600:1901:0:8eee::
2600:9000:2156:200:4:cc99:4000:93a1
2606:4700::6810:125e
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba2a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.33.220.150
35.186.212.60
35.244.174.68
35.71.131.137
52.31.243.184
54.231.134.249
54.90.48.240
69.169.85.6
74.205.81.134
0096abe5b817d6ea9eac518f16604bdee4632105b66d385c221966a121a5730c
02055da12953582666aec83c667c693f874a6bd5068e41b6f9c574b18615734c
02322119b0e2a17e5032208d3ca804591b57cf732906c4d8bf01a9df67f6b18a
041df148c8e60b129f3394dd0e4cad28e85f7f73521a6aaa7e3816a2feca78b6
08477caa8371b7ed1318fd5a8c96b66827763c4243e2ecffaa384db22fad6a36
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0af831f02446abba45f9f0128e242e257e5880694b9a6e21136eaf4f0b4daa53
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131a0aec79ec5f60fcfc70da6e3b9e8f00538c2ff6b0cb4e93617f22b543ab6a
1a68b58dd97a1e7dc5296d192c879918c875489db9d3e7710e227ba0029015e4
1a8e8d564011e7d0b9b15aac86d22c0ee4be7cd23d3e4ce80014c0abad7a749a
1bf11cfef5b22c06615c9ec2bf5660543ed00e73b54220be594327683c02b6f0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1faa46bab67d50f997b74af8e1b9bf90013b2d51a537bab656abb95ce17b9b8c
1fdc5d43ecaa524c11f3eaddd483d99483bb22cc6f87aeff96b5e61d35b7eac6
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
22aa5adb7ec9ec635bf5ea794b146c0ef2fc74e4849d6c36e2db99b1144cc700
28cc7eb85c57c07cb759491b396ba78bf0b0205e4069f765d3e258e1f3d1d9c6
2c964dcca4758eceed4d14569dc3238eadfec8f4e62af3b104e6db47c47d8e5d
2d8e6de10d60d5495f6c21767dac248c9908cec2eb38399fc3c2276ce7d66a16
3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
37df8fe0738cfcd1e8f0362b5dc1295ca82fdcc11900bc29ce2829022af18388
38d1a9b424e37e736dbd6aa430944b51cc0972e20759eb80174b909ba6bb3e77
3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
3ca97dfcfa998d60406892f924d47465fb9edc6b653ac13c6d57150c5cbba0c3
3ddc21d18f58485c8b659e266f1e6d5327630060eb05490ddc2c9179b984f19c
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
412fe890925c0966aa6ed312e5846cac1572c856e551717cd07d0e5f805ac3c8
444963e1e31f8fc85c130de4b47ac44c1fbbb895af2ce037d60e0fa33536f5f6
458de08f4f61564d2cb5dcdbcb43b14b73651df9318088f9ed221d020a574d92
47e7b5ca20e0b72b7a992ead1d85c9c933ee0cf23334f28ccd7750b53e626e73
4d810245d7fd5bde5af244735636dfb9a16d7d3b6a5973cd4a967608dcc7d66f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
514e6da587750e6d733397f8e608e32b6afee94d5a0e6844f2d98acc05cf61c0
519047ec3f89d213754724963af73adbd67cfe0d4b35e4a61fa63e4250a5f211
522c07984844c20a59145358c7b5a23a3eb8268eca6814b0d6eec90e3ba5ba38
57ca098e04eb7eedd432a67876f37a30f70aab24b513a0c3e56cbb9247fbca11
58a3cd367ee9db06c0410152821febc2bd79471f871b254103c54631928c2b87
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5c5139bc944c903b40d95ad264ef661cf0748f57f8b4a3c2286a6aa2ef1388dc
66fc290fe44f2fba699a50375ab8f5d972ba45c02ea9ffe6dbc8ad0c3b6ff672
672047273db1c1af649c782961f4463ce6483e4a6a6b440027c53b4dc29626b3
69ee4929e9c514051acdfec68d99a028be511a83c86cdf4876e2404bd33b8404
6a8e0fb6aed9b78e0a71932b22c8eee2b4296f1ecffb9a5f8f0a4d398153d906
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c50f2e1a8fd249e8aac7c38d8e515d6d92ff8909cfd73185124dd5e397f341f
6e613042221fa117459beb91ac9ae813468920229a33a7a630c0aa2aae06de23
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
7464fab2befb3307718df44bed3814dc1aa5b80a05313bd98bca94608c09ea5a
776d4fb35ddd33328278a944f39137435623fab0ec7f3139fd9321374315fc39
7904b4c684b31d393b96a92275154b596b5263784fc3da9a2748757318c6a6fe
7b9b1a632496ce9214fbbed6dbd1de8a81e3a67f9adcc9ce30a4411bd2402505
7c1c21762731edc2d5f3fc47c16d0117ae5bbd2b6946630fd67a8165f4aef1b7
7c62673f8970f2d09c8588adc7ba9e339b680367c8be1cc988873de9ec557844
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84587c4b684d3d2dfa3a1496babf7523b627c039cd9fb9a87a72adab421a5af7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84eafb12e36a07b42fb1610ae435518c6a988275344ef6160d87805aa1155139
88101eccef0707bd7ee54179eb036631c5139d41892067f13b7c9efac1a48009
8894c1eec2d12d32964aa9e08072a82333f8f15249edffc4b1618e94a6813a05
89bc47566a5c86a8ced4eb708146b2aadd90597fe527fdd289b7dffec09f41d0
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8ba5ee7e33092eae9cf025c71ec0dfe8d99444cedbe7df0364b6effcdcb73839
8c787e18f074312f0047802a5c1d78cae9fbf24904ffef02842ffaac6b1a0d96
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93cb444f12d58e1fb7c13aa4e9472895d3cb49e9ca1f27372aeb52e03a639b76
96bbe6c5d63126df9bf6be85ae047c050ad39521f2f1c7e02c00948e9c817082
9a9f559578efd0e89aa6d87ca1e6fb2f877bc92108b33b0e14ce0ee97891ea99
9b2947988cbabae80a3b47f42ad008ab5a07edc77fb501817bee86de66d6b429
9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9
9c85b540f09f4d98f4c94cce10b1cf654fe6a9d393042b067500e78fa42ccf1c
9d1996090850211658068b462ed95cfc734d731e430b4c39e414f5209cfe34e2
9f83d692c0e28eeb199daf71876db22ede0a3f1d65db0adc732a3f52b42fed90
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1944f4b2c9b20406a9a461c740a2a44da7674b306c0f923743c6f86a31a0b53
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b40d6d7c7d9cd4ca36784824aa4776518c8473c6cee6b303b6376fde484c026e
b9811f9f571e747d90c59b3dafcc49ef225807b15f2b06e1c92f14d02739653b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bba1c2f3fb095f957f2de56c3b85802008496284cb4c5962054f5cc84fe99b77
bfaa174efed49733ce204a6421015cd915f39bfa56fd5e7e6c54a448365f5cf7
c0bf0db895891def4edb77e748cafdc7ea4ebff8f7434094055460a680bbdb41
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c135427ff8988ace2515c68ca8321f7f2263c71e6ce77ea5bde4fe9d868bc268
c1be95d35113bf447a055417aca2f613328e0a35d2fd6cdb837c6480ee47ff59
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c907bd7064f1d38a655634ba22d80fa1d1995ad33eb3296d3f14849be4566dec
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
d713dd84892c763b25143502308aa8cf82f0d60aad22ea5b6c2968cf9b6bb135
ddde048adc9ec46b7b54bc12477d77bee0362bab10de9d5908301f7dcbbbadbb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df9dc60b9eb6c3b12435878476d534072616a4e0677c57c25b9ad3a7d6a8d08f
e2835d80b6411495935bae8411e0b879708edfdd4fc8534e3dc73a6ded9243ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9dcc2645a16e5d73a567d092634a84efd25429916a7e8e0725364afe3a9fe68
eba0eddec259d711d3a36f694990701f397bc3273c92034900107f69b319984e
eec10fa1e2c159ef712bb5add157fce337037e1fb9177cfdeb659536a4bc38c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dfb575a3bbcbbbf9c890cd4b435b969377d444ada10654cfd976c137094e38
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee
f49be56afd4d83f03bcdeb4f0075c7a56c58ec084993ddc9363ed8fca5be339d
fc93ff0657a86215aee5a8d88f43796d4996e9a511857ef7c03f511c6e879414

csurams.com Open in urlscan Pro 74.205.81.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

179 Requests

93 %HTTPS

53 %IPv6

27 Domains

41 Subdomains

36 IPs

5 Countries

3788 kBTransfer

7105 kBSize

24 Cookies

28 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

csurams.com Open in urlscan Pro
74.205.81.134 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

93 %
HTTPS

53 %
IPv6

27
Domains

41
Subdomains

36
IPs

5
Countries

3788 kB
Transfer

7105 kB
Size

24
Cookies

179 HTTP transactions
-1 data transactions