www.on3.com Open in urlscan Pro
2606:4700:10::6816:42d2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/redirect?url=https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-f...
Effective URL:
https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Submission: On September 01 via api (September 1st 2022, 7:31:44 pm UTC) from US — Scanned from DE

Summary HTTP 340 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 59 IPs in 8 countries across 40 domains to perform 340 HTTP transactions. The main IP is 2606:4700:10::6816:42d2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.on3.com. The Cisco Umbrella rank of the primary domain is 60644.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 3rd 2022. Valid for: a year.

This is the only time www.on3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 72	2606:4700:10:... 2606:4700:10::6816:42d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:10:... 2606:4700:10::6816:22d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	178.79.227.9 178.79.227.9	22822 (LLNW) (LLNW)
11	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3034::6815:4d81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	3.214.35.174 3.214.35.174	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
8	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
4	107.23.86.249 107.23.86.249	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.115.97 104.18.115.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
2	18.204.159.191 18.204.159.191	14618 (AMAZON-AES) (AMAZON-AES)
13	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	13.32.121.27 13.32.121.27	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.6 52.222.214.6	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	52.216.114.123 52.216.114.123	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	213.19.147.43 213.19.147.43	26120 (RHYTHMONE) (RHYTHMONE)
10	34.234.47.166 34.234.47.166	14618 (AMAZON-AES) (AMAZON-AES)
6	35.157.194.177 35.157.194.177	16509 (AMAZON-02) (AMAZON-02)
4 8	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.64.190.77 185.64.190.77	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	52.59.9.89 52.59.9.89	16509 (AMAZON-02) (AMAZON-02)
6	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.14 72.251.249.14	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.248.135.230 3.248.135.230	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
11	50.16.128.157 50.16.128.157	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:402... 2a00:1450:4028:809::2003	15169 (GOOGLE) (GOOGLE)
3	108.138.7.103 108.138.7.103	16509 (AMAZON-02) (AMAZON-02)
22	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 3	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	52.11.0.105 52.11.0.105	16509 (AMAZON-02) (AMAZON-02)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:2000:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.207.62.173 18.207.62.173	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6 12	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4 8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
340	59

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2606:4700:10::6816:42d2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.on3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.on3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:22d7 (United States)

ASN13335 (CLOUDFLARENET, US)

on3static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 178.79.227.9 (Vienna, Austria)

ASN22822 (LLNW, US)
PTR: https-178-79-227-9.vie.llnw.net

player.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn9.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:4d81 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn-ext.spiny.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 3.214.35.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-35-174.compute-1.amazonaws.com

pixel.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.23.86.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-86-249.compute-1.amazonaws.com

trafficmanager.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.115.97 (None, )

ASN13335 (CLOUDFLARENET, US)

ipv4.icanhazip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.204.159.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-159-191.compute-1.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-27.fra60.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-6.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.114.123 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

anyclip-player.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.43 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.234.47.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-47-166.compute-1.amazonaws.com

pbs.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.194.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-194-177.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.172.250 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.9.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-9-89.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.135.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-135-230.eu-west-1.compute.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 50.16.128.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-128-157.compute-1.amazonaws.com

marketplace.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4028:809::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-103.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.11.0.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-0-105.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2000:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.207.62.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-62-173.compute-1.amazonaws.com

vid-io-iad.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	on3.com 1 redirects www.on3.com — Cisco Umbrella Rank: 60644 api.on3.com — Cisco Umbrella Rank: 104698	656 KB
53	anyclip.com player.anyclip.com — Cisco Umbrella Rank: 13867 config.anyclip.com — Cisco Umbrella Rank: 18145 pixel.anyclip.com — Cisco Umbrella Rank: 14182 trafficmanager.anyclip.com — Cisco Umbrella Rank: 17728 assets.anyclip.com — Cisco Umbrella Rank: 17655 cdn9.anyclip.com — Cisco Umbrella Rank: 199800 marketplace.anyclip.com — Cisco Umbrella Rank: 15700	7 MB
37	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 pubads.g.doubleclick.net — Cisco Umbrella Rank: 431 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293	282 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	174 KB
13	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2277 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	11 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	364 KB
10	nextmillmedia.com pbs.nextmillmedia.com — Cisco Umbrella Rank: 4528	2 KB
9	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 500 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515	7 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	342 KB
8	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 476 pixel.rubiconproject.com — Cisco Umbrella Rank: 319	7 KB
8	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 225	7 KB
8	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 424	702 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	90 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1080 q.stripe.com — Cisco Umbrella Rank: 7709 m.stripe.com — Cisco Umbrella Rank: 1025	84 KB
7	on3static.com on3static.com — Cisco Umbrella Rank: 64574	924 KB
6	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 946	750 B
6	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1047	925 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 3463	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	270 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6487 adservice.google.de — Cisco Umbrella Rank: 9270	1 KB
4	springserve.com vid.springserve.com — Cisco Umbrella Rank: 6801 vpaid.springserve.com — Cisco Umbrella Rank: 9717 vid-io-iad.springserve.com — Cisco Umbrella Rank: 7338	90 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	2 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1015	924 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	88 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1166	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 154	111 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 132	17 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 442	170 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 796	159 B
2	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1717 sync.intentiq.com — Cisco Umbrella Rank: 1284	800 B
2	spiny.ai 1 redirects cdn-ext.spiny.ai — Cisco Umbrella Rank: 76323	120 KB
1	postrelease.com exchange.postrelease.com — Cisco Umbrella Rank: 4897	390 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 619	643 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 552	600 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1082	818 B
1	amazonaws.com anyclip-player.s3.amazonaws.com — Cisco Umbrella Rank: 61351	29 KB
1	icanhazip.com ipv4.icanhazip.com — Cisco Umbrella Rank: 12102	395 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1058	5 KB
1	t.co t.co — Cisco Umbrella Rank: 499	564 B
0	33across.com Failed ssc.33across.com Failed
340	40

	Domain	Requested by
70	www.on3.com	1 redirects t.co www.on3.com static.cloudflareinsights.com
20	pixel.anyclip.com	www.on3.com
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
13	s0.2mdn.net	player.anyclip.com imasdk.googleapis.com t.co s0.2mdn.net 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
12	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
11	marketplace.anyclip.com	www.on3.com player.anyclip.com
10	pbs.nextmillmedia.com	cdn-ext.spiny.ai
9	cdn9.anyclip.com	www.on3.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	ib.adnxs.com	4 redirects cdn-ext.spiny.ai vpaid.springserve.com googleads.g.doubleclick.net
8	imasdk.googleapis.com	player.anyclip.com imasdk.googleapis.com
8	c.amazon-adsystem.com	cdn-ext.spiny.ai c.amazon-adsystem.com player.anyclip.com
7	pubads.g.doubleclick.net	imasdk.googleapis.com
7	googleads.g.doubleclick.net	1 redirects www.googleadservices.com 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com t.co
7	fonts.gstatic.com	www.on3.com
7	on3static.com	www.on3.com
6	adservice.google.com	imasdk.googleapis.com securepubads.g.doubleclick.net
6	www.google.com	1 redirects www.on3.com tpc.googlesyndication.com 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
6	fastlane.rubiconproject.com	cdn-ext.spiny.ai
6	c2shb.ssp.yahoo.com	cdn-ext.spiny.ai
6	btlr.sharethrough.com	cdn-ext.spiny.ai
6	player.anyclip.com	www.on3.com player.anyclip.com imasdk.googleapis.com
5	www.googletagmanager.com	www.on3.com www.googletagmanager.com
5	securepubads.g.doubleclick.net	www.on3.com securepubads.g.doubleclick.net
4	googleads4.g.doubleclick.net	t.co
4	trafficmanager.anyclip.com	player.anyclip.com
3	3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	q.stripe.com	t.co
3	sb.scorecardresearch.com	1 redirects
3	js.stripe.com	www.on3.com js.stripe.com
3	www.google.de	www.on3.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pixel.rubiconproject.com	2 redirects
2	cms.quantserve.com	3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
2	www.googletagservices.com	3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	connect.facebook.net	t.co connect.facebook.net
2	csi.gstatic.com	imasdk.googleapis.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	hbopenbid.pubmatic.com	cdn-ext.spiny.ai player.anyclip.com
2	targeting.unrulymedia.com	cdn-ext.spiny.ai
2	api.on3.com	www.on3.com
2	vid.springserve.com	player.anyclip.com imasdk.googleapis.com
2	assets.anyclip.com	player.anyclip.com www.on3.com
2	cdn-ext.spiny.ai	1 redirects www.on3.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	vid-io-iad.springserve.com	vpaid.springserve.com
1	vpaid.springserve.com	imasdk.googleapis.com
1	htlb.casalemedia.com	player.anyclip.com
1	m.stripe.com	m.stripe.network
1	exchange.postrelease.com	cdn-ext.spiny.ai
1	ap.lijit.com	cdn-ext.spiny.ai
1	tlx.3lift.com	cdn-ext.spiny.ai
1	prebid.media.net	cdn-ext.spiny.ai
1	anyclip-player.s3.amazonaws.com	www.on3.com
1	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
1	sync.intentiq.com	www.on3.com
1	api.intentiq.com	player.anyclip.com
1	ipv4.icanhazip.com	player.anyclip.com
1	config.anyclip.com	player.anyclip.com
1	static.cloudflareinsights.com	www.on3.com
1	t.co
0	ssc.33across.com Failed	cdn-ext.spiny.ai
340	66

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
instagram.com
www.youtube.com
apps.apple.com
shopksr.com
www.ksbarandgrille.com
anyclip.com
on3.zendesk.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
on3.com Cloudflare Inc ECC CA-3	`2022-02-03` - `2023-02-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-13` - `2023-03-13`	a year	crt.sh
*.anyclip.com Go Daddy Secure Certificate Authority - G2	`2022-05-13` - `2023-06-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.springserve.com Amazon	`2022-08-28` - `2023-09-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.intentiq.com Amazon	`2022-03-20` - `2023-04-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
pbs.nextmillmedia.com Amazon	`2022-07-13` - `2023-08-11`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.postrelease.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-11` - `2022-09-09`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-15` - `2022-11-13`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2022-10-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Frame ID: B169007B3CB5639B5515F84ABCC3AEB7
Requests: 215 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 7828C02B4492F9FC596F88122A401CF7
Requests: 2 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 65B3740EE1287B50C4B17566A4BFEDDC
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: F96CC32DE1174E7C22B15751B5E617EE
Requests: 21 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: E845943819F3C5240EDA9FF29F1F15C2
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-2a0f7db50009238158f4274fa211fa55.html
Frame ID: 3414EF8723046C2947DE747A02E8208E
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 46E38C698660FD91180BCF910908D41F
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: FE71C936D279C4868C2CDF961726AD88
Requests: 4 HTTP requests in this frame

Frame: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D5710EACF951BABC842E95D293C97B85
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0E47C842E1337A962E8E089D1EC4602B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CBF12F441E1299D1F447CB77110BB03
Requests: 2 HTTP requests in this frame

Frame: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 59C22AB819CF731616F345E58D47A676
Requests: 15 HTTP requests in this frame

Frame: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D34893D0735C31B2FD6C5EC3788D9D7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNWpqx7A-pr32nZA77qGZhA3wvOk_mrkXl-MadGo4PRgenukePgq38mt2vPy0aIEOP28dVWEjrQlNtPOt2XrKtwA7gnE_AsHPn69L06PbLR3mOK_pUHdzBzp7ej3a4bFQ-4EyahCI1W5xqp0cOqciNwzztl6KhhCnDkQAtAzVU-nHDiIZLU
Frame ID: 217EE134CD30853584730FE912ED7A44
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNUQTtEJuQ8VFonn20-rD6JZNFmaIVEKBmNNLHS1cIE6ovmJVRw7Kkm5Z2Jcpv1WB6lw-Z5W9CJDbYLhKL5M1xNXGVMhD-uyJs1EedQ5oSPj663vkwWMnH_7Z9_b7sIfGzCd6QNDlTzH2IN4_9gRGZzdcl6x3MLqBKdFVtxAF4SwBiqT144
Frame ID: A35E829CF6507CF3293228C1838FB6C0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 43B4353799D1B9B0F220DC0B6752E9F1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A1428AE5BE1B922EBF0838C34015307A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 77391F66438CFD3C80F84B8B3E1F3E3C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8270229051994701042/2022-Spring-Refresh-programmatic-DE-300x250.html
Frame ID: 85016F4290E6278CF2C1B8D2A5EB547A
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2932139913943983440/2022-Spring-Refresh-programmatic-DE-300x250.html
Frame ID: 3946B38DE32AB76C7294C85FDB3C9AA3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 105EC7418E28E9B8BCC5781279792825
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kentucky's Chris Rodriguez set to face multi-game suspension - On3

Page URL History Show full URLs

https://t.co/redirect?url=https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chri... Page URL
https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-gam... HTTP 308
https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-gam... Page URL

Detected technologies

RxJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Zip (Payment processors) Expand

Overall confidence: 100%
Detected patterns

zip\.co

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

Page Statistics

340
Requests

94 %
HTTPS

42 %
IPv6

40
Domains

66
Subdomains

59
IPs

8
Countries

11216 kB
Transfer

19767 kB
Size

30
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/kysportsradio

Search URL Search Domain Scan URL

URL: https://twitter.com/kysportsradio

Search URL Search Domain Scan URL

URL: https://instagram.com/ksr_ig

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCxlgPWNLi8UInV0HHhfSQCg
Title: Youtube

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/ksr/id1171616913
Title: KSR APP

Search URL Search Domain Scan URL

URL: http://shopksr.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.ksbarandgrille.com/
Title: KSBAR and GRILLE

Search URL Search Domain Scan URL

URL: https://twitter.com/KySportsRadio/status/1560737583151419394
Title: Jones tweeted.

Search URL Search Domain Scan URL

URL: https://twitter.com/KySportsRadio/status/1560747073053638656?s=20&t=pbH08XoPtZFfn_doEJ-ihw
Title: added.

Search URL Search Domain Scan URL

URL: https://anyclip.com/?source=powered&wid=0011r00002QYAoh_1326
Title: Powered by AnyClip

Search URL Search Domain Scan URL

URL: https://anyclip.com/privacy-policy/?source=policy&wid=0011r00002QYAoh_1326
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://on3.zendesk.com/hc/en-us
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://on3.zendesk.com/hc/en-us/requests/new
Title: Help

Search URL Search Domain Scan URL

URL: https://facebook.com/On3Sports

Search URL Search Domain Scan URL

URL: https://twitter.com/on3sports

Search URL Search Domain Scan URL

URL: https://instagram.com/on3/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/redirect?url=https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension&t=1+1660973635168&cn=ZmxleGlibGVfcmVjcw==&sig=40bad6fbc349dda1671e7be1a5d5211a4673f18a&iid=b743bf18de794936848ccf00ea32cc7a&uid=366033559&nid=244+272830480 Page URL
https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension HTTP 308
https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js HTTP 302
https://cdn-ext.spiny.ai/lib/br/tags/v1.0.18/D17/on3/default/bidroll.min.js

Request Chain 177

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/?random=960820406&cv=9&fst=1662060692528&num=1&label=4Q_iCL2KmIUDENy6uY8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&auid=1536657425.1662060692&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=lAgRY4uUIueF9fgP0vKw0Aw&sscte=1&crd=&pscrd=Ek5DaEFJOExEQm1BWVF0OVRCb2FQNzJMaDJFaVlBM3gzZTV5V1hUaHdOb0NzT1gzS2kwVjZoS09jX2k4ekwxaE5hUkpZajBpNlViYWxxYXcaWkNoRUk4TERCbUFZUTRJS2c4ZkxzXzRuRUFSSXVBTFczMDFkNWppRWQ2RWtobmpER3lwaEpIRzVsLWE1NGFJUG1BdjltNHJwRjJNRE9sWG5GRUVISm9UWkdZZw HTTP 302
https://www.google.com/pagead/1p-conversion/300834140/?random=960820406&cv=9&fst=1662060692528&num=1&label=4Q_iCL2KmIUDENy6uY8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&auid=1536657425.1662060692&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExEQm1BWVF0OVRCb2FQNzJMaDJFaVlBM3gzZTV5V1hUaHdOb0NzT1gzS2kwVjZoS09jX2k4ekwxaE5hUkpZajBpNlViYWxxYXcaWkNoRUk4TERCbUFZUTRJS2c4ZkxzXzRuRUFSSXVBTFczMDFkNWppRWQ2RWtobmpER3lwaEpIRzVsLWE1NGFJUG1BdjltNHJwRjJNRE9sWG5GRUVISm9UWkdZZw&is_vtc=1&ocp_id=lAgRY4uUIueF9fgP0vKw0Aw&random=4113586177&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/300834140/?random=960820406&cv=9&fst=1662060692528&num=1&label=4Q_iCL2KmIUDENy6uY8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&auid=1536657425.1662060692&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExEQm1BWVF0OVRCb2FQNzJMaDJFaVlBM3gzZTV5V1hUaHdOb0NzT1gzS2kwVjZoS09jX2k4ekwxaE5hUkpZajBpNlViYWxxYXcaWkNoRUk4TERCbUFZUTRJS2c4ZkxzXzRuRUFSSXVBTFczMDFkNWppRWQ2RWtobmpER3lwaEpIRzVsLWE1NGFJUG1BdjltNHJwRjJNRE9sWG5GRUVISm9UWkdZZw&is_vtc=1&ocp_id=lAgRY4uUIueF9fgP0vKw0Aw&random=4113586177&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 229

https://sb.scorecardresearch.com/cs/36671852/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1

Request Chain 296

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxEImrtbRS0TsVO1R5O8QgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIZn6ltoAACsppHtIY8d6qc&google_cver=1

Request Chain 298

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1Mzc1MjE1NDY2NTkzMDYwNQ%3D%3D

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1

Request Chain 300

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxEImrtbRS0TsVO1R5O8QgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIZn6ltoAACsppHtIY8d6qc&google_cver=1

Request Chain 302

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI4MTA2NDYzMjM0MTAzNTMx

Request Chain 321

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED-Z86IcdpzIkjV6rWH-ZgQ&google_cver=1&google_push=AehlK4BMgBY5TCsy5uMiB4xGtCVlEsWp6uAO921PrmQ7VK1gBENTJELeuI0gqQiMLTBkhC7DHSmztCjHWZOX9SusSqH-tsMO0Deb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdKRzBUVkwtMjYtNkI3SA==&google_push=AehlK4BMgBY5TCsy5uMiB4xGtCVlEsWp6uAO921PrmQ7VK1gBENTJELeuI0gqQiMLTBkhC7DHSmztCjHWZOX9SusSqH-tsMO0Deb

Request Chain 329

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED-Z86IcdpzIkjV6rWH-ZgQ&google_cver=1&google_push=AehlK4AP-u0uqdk0CqlrUSCczZp8gtAR9jcsg3c2p8CXt2Mj3rzBvM3HxMRmirl-CS2G_HXskj6ts1JOzQA42aEGkaPwuAs5Dz6i HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdKRzBUVkwtMjYtNkI3SA==&google_push=AehlK4AP-u0uqdk0CqlrUSCczZp8gtAR9jcsg3c2p8CXt2Mj3rzBvM3HxMRmirl-CS2G_HXskj6ts1JOzQA42aEGkaPwuAs5Dz6i

340 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 redirect
t.co/ 482 B
564 B 375ms
122ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/redirect?url=https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension&t=1+1660973635168&cn=ZmxleGlibGVfcmVjcw==&sig=40bad6fbc349dda1671e7be1a5d5211a4673f18a&iid=b743bf18de794936848ccf00ea32cc7a&uid=366033559&nid=244+272830480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 240
content-type: text/html; charset=utf-8
date: Thu, 01 Sep 2022 19:31:27 GMT
expires: Thu, 01 Sep 2022 19:36:28 GMT
server: tsa_o
strict-transport-security: max-age=0
x-connection-hash: 7efd0238e1a1e9f5e6b6b531ada114408013b8ac2495f0660b3a495803245dfd
x-response-time: 113
x-xss-protection: 0

GET
H2

200

Primary Request / Show response
www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Redirect Chain

https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension
https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

731 KB
74 KB

771ms
769ms

Document
text/html

2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Requested by

Host: t.co
URL: https://t.co/redirect?url=https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension&t=1+1660973635168&cn=ZmxleGlibGVfcmVjcw==&sig=40bad6fbc349dda1671e7be1a5d5211a4673f18a&iid=b743bf18de794936848ccf00ea32cc7a&uid=366033559&nid=244+272830480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

2db7ff033ee630d86f95328dab7d27758ff0df66525ceb1f261af353c3dac4cb

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

Referer: https://t.co/redirect?url=https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension&t=1+1660973635168&cn=ZmxleGlibGVfcmVjcw==&sig=40bad6fbc349dda1671e7be1a5d5211a4673f18a&iid=b743bf18de794936848ccf00ea32cc7a&uid=366033559&nid=244+272830480
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: MISS
cf-ray: 74406d2efefe9158-FRA
content-encoding: br
content-security-policy
content-type: text/html; charset=utf-8
date: Thu, 01 Sep 2022 19:31:30 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: deny
x-powered-by: Next.js
x-xss-protection: 1

Redirect headers

cf-cache-status: BYPASS
cf-ray: 74406d2a8eb29158-FRA
content-security-policy
date: Thu, 01 Sep 2022 19:31:29 GMT
location: /teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
referrer-policy: same-origin
refresh: 0;url=/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: deny
x-xss-protection: 1

GET
H2 200 c8a357145d65263a.css
www.on3.com/_next/static/css/ 1 KB
813 B 190ms
188ms Stylesheet
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/c8a357145d65263a.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81217d1ff4759a0b3f833ce1744ee804a66304d1412f3941622ac512d98b3751

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"485-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d33eff29158-FRA

GET
H2 200 60415c36a1307964.css
www.on3.com/_next/static/css/ 21 KB
5 KB 666ms
665ms Stylesheet
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/60415c36a1307964.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

624d3ca34f25c5add6ca47b095bd51ac8b2d5f2f5d4a345303d86aacfbaa3faf

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"5422-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d33eff89158-FRA

GET
H2 200 36fe19491de596bf.css
www.on3.com/_next/static/css/ 18 KB
4 KB 198ms
197ms Stylesheet
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/36fe19491de596bf.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c70536bd78fb3998e40369ea295a20d22fd6f078b3113d87c5461b22611369c

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"47ff-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d33effa9158-FRA

GET
H2 200 webpack-d58bd924d3d081c1.js Show response
www.on3.com/_next/static/chunks/ 2 KB
1 KB 257ms
250ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/webpack-d58bd924d3d081c1.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fe6a1411d5c9e8d5818521362a62ec782f874be6b0906ebe73d96f035097562

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"70e-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3438869158-FRA

GET
H2 200 framework-da8f2f2aff8ee407.js Show response
www.on3.com/_next/static/chunks/ 127 KB
42 KB 986ms
979ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/framework-da8f2f2aff8ee407.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98fa566d2e4411bdd53635a3e470ff5b1b189a05b7410125da3ab21e4f6f94f1

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"1fc03-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3438889158-FRA

GET
H2 200 main-d533073c654df987.js Show response
www.on3.com/_next/static/chunks/ 104 KB
31 KB 872ms
865ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb345959413105a14337bf0ae740be7d89af5c8bf73ad01deff9721c95fb0b2

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"19f97-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d34388a9158-FRA

GET
H2 200 _app-5e4107e385cbb000.js Show response
www.on3.com/_next/static/chunks/pages/ 150 KB
45 KB 517ms
510ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/_app-5e4107e385cbb000.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76b2153d8640380ba65ed7ef31953e8bf48339e8775e358c338defe85d7039fc

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"25701-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d34388e9158-FRA

GET
H2 200 e893f787-5343e8f3402f78d7.js Show response
www.on3.com/_next/static/chunks/ 319 KB
86 KB 1159ms
1153ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/e893f787-5343e8f3402f78d7.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d832b369dcea159af3851c4fe177dfd4933755ec4beff8d9120a4487359a5d

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"4fcff-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3438909158-FRA

GET
H2 200 4229-9d2999962a6bb154.js Show response
www.on3.com/_next/static/chunks/ 8 KB
3 KB 201ms
195ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4229-9d2999962a6bb154.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

335adf4fd8e378edb0b4800e8fae23f02d0c8a03e3bc0e5160617fea825cccb4

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"1f8d-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3438929158-FRA

GET
H2 200 8483-cc28007d97d686f6.js Show response
www.on3.com/_next/static/chunks/ 21 KB
7 KB 707ms
701ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8483-cc28007d97d686f6.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25b2eb18870ea6f934fd581dcb35205259a09ed00c67160fa4fd9ccc8b3eb49e

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"5212-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3438949158-FRA

GET
H2 200 8474-85584df9d12390dd.js Show response
www.on3.com/_next/static/chunks/ 10 KB
4 KB 198ms
193ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8474-85584df9d12390dd.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e27356e2ff763491d74a6546c700b0fbb5e7be3a78b9587fb250b31669ae6d95

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2638-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3438959158-FRA

GET
H2 200 5790-e7d7485daf5f02b3.js Show response
www.on3.com/_next/static/chunks/ 21 KB
6 KB 708ms
702ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5790-e7d7485daf5f02b3.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2828dd59b285b2fea5be1067947f7219024b480693aceec5e6580d8819b57948

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"5561-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3438969158-FRA

GET
H2 200 9784-fb15ad3d555503da.js Show response
www.on3.com/_next/static/chunks/ 6 KB
3 KB 196ms
191ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9784-fb15ad3d555503da.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20854504a533196848905019def6656a9f3fbf6d8ac95b5ac08a8dd1998e33ef

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"1946-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3438989158-FRA

GET
H2 200 583-8d00bd8cf53fe409.js Show response
www.on3.com/_next/static/chunks/ 3 KB
1 KB 210ms
204ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/583-8d00bd8cf53fe409.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aab3f29a0f5f0c23c1818b8d150f6d8a2c14a914f10cda6064a88a2445ae2aa9

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"d9f-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448ae9158-FRA

GET
H2 200 9229-642ebaaa0e0a17b1.js Show response
www.on3.com/_next/static/chunks/ 35 KB
11 KB 845ms
840ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9229-642ebaaa0e0a17b1.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

157ba939ab51df172af5c568030a04449b43fd577367c0c7a3f70c3c94faacb8

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"8af6-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448b19158-FRA

GET
H2 200 6126-b7571bbaf018fe95.js Show response
www.on3.com/_next/static/chunks/ 6 KB
3 KB 203ms
198ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/6126-b7571bbaf018fe95.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e20d4b3c5614231a23ee2f194f817a3591df0fbb30ab406c33128f3aefc2d6

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"1775-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448b39158-FRA

GET
H2 200 3955-b09d66d29ecfaf20.js Show response
www.on3.com/_next/static/chunks/ 20 KB
8 KB 712ms
707ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3955-b09d66d29ecfaf20.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad469548644fdfbd8327536f36f4f782755310c8bdcf835d1a3f17124613680a

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"5039-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448b49158-FRA

GET
H2 200 3859-9d13979e0f77f8b8.js Show response
www.on3.com/_next/static/chunks/ 20 KB
6 KB 695ms
690ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3859-9d13979e0f77f8b8.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd6375e19cbd9266bd32a6d562a09d56a79c9e4f73ad4aaa069e78988a2f552f

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"4e25-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448b59158-FRA

GET
H2 200 6533-818a73a4d6cb9a66.js Show response
www.on3.com/_next/static/chunks/ 38 KB
13 KB 862ms
857ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/6533-818a73a4d6cb9a66.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed59e17fc9beb221da2c288c37ce2b9601cf37aae9a995b744e3b6028c9ca09b

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"9694-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448b99158-FRA

GET
H2 200 4563-717ccb7fa8c02030.js Show response
www.on3.com/_next/static/chunks/ 142 KB
31 KB 982ms
978ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4563-717ccb7fa8c02030.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

033d43cc15edb036b6bd952ae40fda9b22bd721492d010d850ef64e6eb97b49d

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"237d2-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448ba9158-FRA

GET
H2 200 6741-cca3c8355beb0f64.js Show response
www.on3.com/_next/static/chunks/ 27 KB
10 KB 517ms
513ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/6741-cca3c8355beb0f64.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df768be4d86e1ef9d982213969504bcb0b5c9fabceae868c02f6580fd7f8d07

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"6a7f-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448bc9158-FRA

GET
H2 200 6299-355f3b629b746af2.js Show response
www.on3.com/_next/static/chunks/ 8 KB
3 KB 709ms
705ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/6299-355f3b629b746af2.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67b30ca2ad10f4b0c9bdcd977b10e9c5890a51e7342ce454868ab292eb91adc9

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"1ff1-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448bf9158-FRA

GET
H2 200 8921-5c3167d332a71283.js Show response
www.on3.com/_next/static/chunks/ 58 KB
19 KB 870ms
866ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8921-5c3167d332a71283.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a88aea627cd282b43f20f5b43fc8a34ac20911966b5b4dcc9d57544f75b6b6

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"e7cb-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448c09158-FRA

GET
H2 200 9733-3a8bf6ae01428e64.js Show response
www.on3.com/_next/static/chunks/ 9 KB
3 KB 266ms
262ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9733-3a8bf6ae01428e64.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c6f6b3b081b1a2342846e9afa58c1677ff014c1397fac70e1635eedfce23dc

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"24a9-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448c19158-FRA

GET
H2 200 5308-ab91fe464603d01b.js Show response
www.on3.com/_next/static/chunks/ 134 KB
47 KB 1065ms
1062ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5308-ab91fe464603d01b.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35763e61ddd91b97331d329fc5baa480d473c6ec340db7799863d06f91eb042f

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"217f5-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448c39158-FRA

GET
H2 200 7320-0232b1bc78ff87c9.js Show response
www.on3.com/_next/static/chunks/ 19 KB
6 KB 695ms
692ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7320-0232b1bc78ff87c9.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ee43bfe2d05ea2ff3cf964d5e9cf858634126c70fd40b2d872e47651d908cd

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"4dc2-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448c69158-FRA

GET
H2 200 4294-01505aeb1f59ac39.js Show response
www.on3.com/_next/static/chunks/ 39 KB
12 KB 843ms
839ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4294-01505aeb1f59ac39.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428f011c33a496e765f72669a4f10a731364ec415d6d6750c54ec32d53fecbe2

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"9b08-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448c79158-FRA

GET
H2 200 %5Bslug%5D-13205fe046197f3c.js Show response
www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/news/ 699 B
517 B 207ms
204ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/news/%5Bslug%5D-13205fe046197f3c.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24950f85752bdb73722e26866dedcc90bec35b2bbb650da0cf4ace7e2806fcd1

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2bb-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448c99158-FRA

GET
H2 200 _buildManifest.js Show response
www.on3.com/_next/static/PV4GsKKfehJdYeh1ShYBU/ 21 KB
5 KB 699ms
696ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/PV4GsKKfehJdYeh1ShYBU/_buildManifest.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec32243273cec9b7b1ea3f93879622bbf9a7c617689a1664b65913809e3786bc

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"5294-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448cb9158-FRA

GET
H2 200 _ssgManifest.js Show response
www.on3.com/_next/static/PV4GsKKfehJdYeh1ShYBU/ 77 B
130 B 711ms
708ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/PV4GsKKfehJdYeh1ShYBU/_ssgManifest.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"4d-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3448ce9158-FRA

GET
H2 200 kentucky-logo.png
on3static.com/sites/ 19 KB
20 KB 70ms
19ms Image
image/webp 2606:4700:10::6816:22d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/sites/kentucky-logo.png?v=16

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:22d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11cee3ceb6da4c172316ab6295157fa8ff32cb124861ec55d4b1206e009df35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 34855
cf-polished: origFmt=png, origSize=39643
cf-ray: 74406d348a9b5b8c-FRA
content-disposition: inline; filename="kentucky-logo.webp"
vary: Accept
content-length: 19758
x-amz-id-2: YiQw76DJSyrVYMgaJvEBTxiQ51aO7BXLBZw/s1rbQLkn1ROdP56c/IccNx5LsgKd1hcAX1z0Psg=
last-modified: Fri, 23 Jul 2021 14:46:20 GMT
server: cloudflare
etag: "bdc0cab37b9f865891cf11244565f92b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: 78HFH02722P6REQT
cache-control: max-age=691200
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:100,h2pri

GET
H2 200 Jack-PIlgrim.jpg
on3static.com/cdn-cgi/image/height=50,width=50,quality=95,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2021/07/28100314/ 2 KB
2 KB 82ms
30ms Image
image/jpeg 2606:4700:10::6816:22d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50,quality=95,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2021/07/28100314/Jack-PIlgrim.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:22d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c963ac26c8c7fa64ef033c30900ce933aca7015d3ebc61583c697669b0db4f11

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 2237
last-modified: Wed, 28 Jul 2021 15:03:15 GMT
server: cloudflare
etag: "cfpml-gsmq4q5cVSBMAz9s2g:850824db523714b33ed070ea41874f88"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
cf-resized: internal=ok/m q=0 n=180 c=5 v=2022.8.4 l=2237
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 74406d348a9d5b8c-FRA
cf-bgj: imgq:95,h2pri

GET
H2 200 UKFB22-3538.jpg
on3static.com/cdn-cgi/image/height=417,width=795,quality=95,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/08/03195245/ 210 KB
211 KB 266ms
215ms Image
image/jpeg 2606:4700:10::6816:22d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=417,width=795,quality=95,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/08/03195245/UKFB22-3538.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:22d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c815150df53566e738dd65e93d88efdaffd586acbfbbb32d6dcdfd700aca270c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 215470
last-modified: Thu, 04 Aug 2022 00:52:46 GMT
server: cloudflare
etag: "cfjMPz03i1DIevBycI8wzH0g:189de07937947e69de3046ce04b9ffe1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
cf-resized: internal=ok/h q=0 n=32 c=215 v=2022.8.3 l=215470
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 74406d348a9e5b8c-FRA
cf-bgj: imgq:95,h2pri

GET
H/1.1 200
OK lre.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 1 MB
304 KB 85ms
17ms Script
application/javascript 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: 49842c21e5646b4dc63ae0571d1eba6621ca0a28863171ec61f78605d9b318fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: 17Zuikfb3D907qy5p3X9IJOQtOHRu8OQ
Content-Encoding: gzip
Age: 13919
Content-Length: 310842
x-amz-request-id: VBN6AEXSQWXMBC5V
x-amz-id-2: F43GF3QnVSi12/O2jtrdllqtj88qYnwdJBDqQ/FhJioa9aKZxg/TwDPgB1aSi7i4vHHqiZQEubU=
Last-Modified: Tue, 30 Aug 2022 12:31:33 GMT
Server: AmazonS3
Date: Thu, 01 Sep 2022 19:31:30 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: 1b1c550a97e7728cba4227cef8532b39
Expires: Thu, 01 Sep 2022 15:40:31 GMT

GET
H2 200 email-decode.min.js Show response
www.on3.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
818 B 12ms
11ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Aug 2022 13:16:51 GMT
server: cloudflare
etag: W/"630f5f43-4d7"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74406d34c9b59158-FRA
vary: Accept-Encoding
expires: Sat, 03 Sep 2022 19:31:30 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 45ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27ac3f1fe91ac86b8b872b50f5a9212a01a0dcc44119418a1f3aede79dd2b3ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
etag: "1321 / 853 of 1000 / last-modified: 1662030275"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Sep 2022 19:31:30 GMT

GET
H2

200

bidroll.min.js Show response
cdn-ext.spiny.ai/lib/br/tags/v1.0.18/D17/on3/default/
Redirect Chain

https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
https://cdn-ext.spiny.ai/lib/br/tags/v1.0.18/D17/on3/default/bidroll.min.js

394 KB
120 KB

504ms
504ms

Script
text/javascript

2606:4700:3034::6815:4d81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ext.spiny.ai/lib/br/tags/v1.0.18/D17/on3/default/bidroll.min.js
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Server: 2606:4700:3034::6815:4d81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff6e7e963415040e42cb3f7bd5b4753f38b696ebbc590b380d991060f1ee9b33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 22:18:31 GMT
server: cloudflare
etag: W/"3b5d90b357f97e40a1d88b00c0ac1fdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdZBejnqf4D7vNHqYRUz3qfSdZbhpKmPYqYmRAauESTIsgMULN0d0uNL5f7egrod%2FAnGB6vOopri69JfB3Ot52dMWJF5TxOlRSLORDB3g3VNOPrSM9mFwoKbGLW0PiETv5zIJlb4JYMeyEd3isdV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=900, public, must-revalidate
cf-ray: 74406d354a269b1f-FRA
x-amz-cf-id: -yWXvwn4NULRnhiRvMUCX-dAhyKU8Sf0lfaXvV0wIIKXyzoaGJNFyw==

Redirect headers

date: Thu, 01 Sep 2022 19:31:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2MKs4AehQ2UM7ye73DET3RTVP9jUyHMAq5pjl%2BZKpafDDbYvpGhoGRskEpOpkEz41nnCXmI5pgNhrLtVQZ2o6jr1U4u%2Bc5YCsdAlhqfi2Cpwa%2B%2FFbTg4XUBE0HOo%2B%2BzxUDlM42RPclRN5XM%2BWjh"}],"group":"cf-nel","max_age":604800}
location: https://cdn-ext.spiny.ai/lib/br/tags/v1.0.18/D17/on3/default/bidroll.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 74406d3519da9b1f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 82ms
54ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:30 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 74406d350dcd5c0e-FRA

GET
H/1.1 200
OK conf.js Show response
config.anyclip.com/anyclip-widget/config/kentuckysportsradiocom/0011r00002QYAoh_1326/ 22 KB
5 KB 89ms
16ms Script
application/javascript 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://config.anyclip.com/anyclip-widget/config/kentuckysportsradiocom/0011r00002QYAoh_1326/conf.js?cb=197495
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: f65daa511eaa8a9b90e0c7f6b787830522cf844c8e7a405566241327fb1412ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: dGkY27_QZppafxp2m1E6xGUu.nEQReeA
Content-Encoding: gzip
Age: 695
Content-Length: 4294
x-amz-meta-updatedby: yahalom+admin@anyclip.com
x-amz-request-id: ET28NB7GJC2CV0TG
x-amz-id-2: mgRPa+T12xBKkDp/5JpVP2aCtz95tj9ezEZ9PUALiP+ZMubKD1AeHxJBOmISUginRAOCFgxggs4=
Last-Modified: Wed, 31 Aug 2022 14:16:42 GMT
Server: AmazonS3
Date: Thu, 01 Sep 2022 19:31:31 GMT
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=1800
Accept-Ranges: bytes
X-LLID: 0166cb350d2653769414d291e8e3c405

GET
H/1.1 200
OK rules.js Show response
player.anyclip.com/anyclip-widget/lre-widget/sps-flow/ 474 B
936 B 16ms
16ms Script
application/javascript 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/sps-flow/rules.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: Dnob.rNfaHkFPCA9eGou8IS.DrpBU9EH
Content-Encoding: gzip
Age: 177242
x-amz-meta-sha256: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
Content-Length: 216
x-amz-request-id: 2B575A414AE4DC7A
x-amz-id-2: vSLogpMDrNBm2IYWcVta1K5bPOfmlqgU3XyVZfmtf8AdaIbQMGMC1MwXj+7MKU4F9xWaVaMycZc=
Last-Modified: Thu, 30 Apr 2020 15:11:24 GMT
Server: AmazonS3
Date: Thu, 01 Sep 2022 19:31:31 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Tue, 30 Aug 2022 18:18:29 GMT
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: 8703be0c6045d5d97df19e852f352dc0
x-amz-meta-s3b-last-modified: 20200430T151051Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
180 B 330ms
95ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=66&val=vjs&wnx=0&abc=&ty=wlo&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 330ms
96ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?dom=www.on3.com&cke=true&lan=en-US&plat=Win32&net=-&ver=js4.0.34.1278&dev=desktop&os=Windows&bw=Chrome%2C105&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.52+Safari%2F537.36&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&ty=data&rt=66&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxKsv4Rn.woff2
fonts.gstatic.com/s/archivo/v18/ 31 KB
31 KB 46ms
21ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxKsv4Rn.woff2

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dee9bcb02878b6553e1ecedb49704d5b7f09c8522f3a978eaa91c6b986422626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 10:55:18 GMT
x-content-type-options: nosniff
age: 117373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31484
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:17:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 10:55:18 GMT

GET
H2 200 tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXxw2d8o.woff2
fonts.gstatic.com/s/archivonarrow/v24/ 17 KB
18 KB 34ms
10ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivonarrow/v24/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXxw2d8o.woff2

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a44af82cb5402cd2ec9a35a77d000d824fdb0be38c1cc18948c5c5fa30869e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 00:24:20 GMT
x-content-type-options: nosniff
age: 500831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17452
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:04:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Aug 2023 00:24:20 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v30/ 13 KB
13 KB 36ms
12ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75a101a7c3214c232948e4251501543cb799110b868d79c0d5e820add0de292d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 08:45:04 GMT
x-content-type-options: nosniff
age: 125187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12832
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 08:45:04 GMT

GET
H3 200 k3k6o8UDI-1M0wlSV9XAw6lQkqWY8Q82sJaRE-NWIDdgffTTNDNp8w.woff
fonts.gstatic.com/s/archivo/v18/ 37 KB
37 KB 32ms
14ms Font
font/woff 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v18/k3k6o8UDI-1M0wlSV9XAw6lQkqWY8Q82sJaRE-NWIDdgffTTNDNp8w.woff

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1ea8dc19e5bed44deb3d511eee45e6739ef7e4ac7dd469d7cb038fd3cff01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 16:28:00 GMT
x-content-type-options: nosniff
age: 270211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38096
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:27:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:28:00 GMT

GET
BLOB 200
OK 896d2361-57b1-4191-a901-0523a6587eca
https://www.on3.com/ 417 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.on3.com/896d2361-57b1-4191-a901-0523a6587eca
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aadceda6ac29f88fdd80f43e6630da80c6f863be565d2205f0c45b1a3066ee2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 417

GET
H3 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyfMZs.woff
fonts.gstatic.com/s/inter/v12/ 134 KB
134 KB 9ms
8ms Font
font/woff 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyfMZs.woff

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e907e61cdb760e35e2c70e503f2a15b28346d4b1e081006ed08ecde3b9afbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 19:10:37 GMT
x-content-type-options: nosniff
age: 346854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137016
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:53:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:10:37 GMT

GET
H2 200 memorial-coliseum-renovations-kentucky-womens-basketball-volleyball-gymnastics.png
on3static.com/cdn-cgi/image/height=338,width=600,quality=95,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/09/01123455/ 154 KB
154 KB 27ms
26ms Image
image/jpeg 2606:4700:10::6816:22d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=338,width=600,quality=95,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/09/01123455/memorial-coliseum-renovations-kentucky-womens-basketball-volleyball-gymnastics.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:22d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed722a86cf092a526a9ae6453e162af2d12b67b8b22214836ae9e3ca86f183

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 157576
last-modified: Thu, 01 Sep 2022 17:34:56 GMT
server: cloudflare
etag: "cf3xTCxc9dY1HRE6xbauSBkg:b8af8520cc4e7c92f383e832364e56a9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
cf-resized: internal=ok/h q=0 n=53 c=109 v=2022.8.4 l=157576
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 74406d39d9095b8c-FRA
cf-bgj: imgq:95,h2pri

GET
H2 200 Chuck-Martin.jpg
on3static.com/cdn-cgi/image/height=338,width=600,quality=95,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/07/26150138/ 63 KB
63 KB 23ms
22ms Image
image/jpeg 2606:4700:10::6816:22d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=338,width=600,quality=95,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/07/26150138/Chuck-Martin.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:22d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3551b49c00e37fc5002bb590762335b404405b5155940d958f885b69b9cabdf1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 64511
last-modified: Tue, 26 Jul 2022 20:01:39 GMT
server: cloudflare
etag: "cfiFn3G4W4j51VmFvJ5NGPsg:bb05e225858293246d5361d02e5019e0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
cf-resized: internal=ok/h q=0 n=101 c=52 v=2022.8.4 l=64511
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 74406d39d90a5b8c-FRA
cf-bgj: imgq:95,h2pri

GET
H3 200 pubads_impl_2022082901.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b98ba65804117309185fd18cda5608fa31f342b3c626715722721ebc93f4231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 15:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132076
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 08:35:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Sep 2023 15:16:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 216 B
145 B 60ms
43ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.on3.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07eea6bc48815e92132aadac5a8852e87c62c955dd0349394dd01d8d722873b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
expires: Thu, 01 Sep 2022 19:31:31 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 161 KB
41 KB 86ms
9ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 01 Sep 2022 19:12:41 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront), 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 16:04:10 GMT
server: AmazonS3
age: 1131
etag: W/"a702d6a9b82e18143638cd1f28cbb7a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA56-P6
content-encoding: gzip
x-amz-cf-id: CknQCCNTZtb3S9rbsHI5J9w82hdTDcMSujcjDetr-_I-dqFd8qu9Zg==

OPTIONS
H2 200 authorize
trafficmanager.anyclip.com/trafficmanager/api/authorization/ Frame 0
0 325ms
96ms Preflight
text/plain 107.23.86.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.86.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-86-249.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.on3.com
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 01 Sep 2022 19:31:31 GMT

POST
H2 200 authorize Show response
trafficmanager.anyclip.com/trafficmanager/api/authorization/ 448 B
641 B 98ms
97ms Fetch
text/plain 107.23.86.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.86.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-86-249.compute-1.amazonaws.com
Software: /
Resource Hash: da4e327b5d8060bab4783984722b19d4acfd466114396a11793ccee184455d0e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 448
access-control-allow-methods: GET,POST
content-type: text/plain

GET
H2 200 / Show response
ipv4.icanhazip.com/ 11 B
395 B 43ms
15ms XHR
text/plain 104.18.115.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv4.icanhazip.com/
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.115.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b8897c6aeb82ba1c8c7dcbf03813bf3c193240fda82f6f0bc1fbf79c5fa439

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: *
cf-ray: 74406d3a8e80922c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11

GET
H/1.1 200
OK iiq.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 42 KB
10 KB 16ms
16ms Script
application/javascript 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/iiq.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: 592d30d69ead4f74ef318ddbba2f40298a2d09a01c25e328bb5b5b76530eb653

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: .CNGZ7z.n6DIwtLGMW2GPHM8M0XtpFwt
Content-Encoding: gzip
Age: 13776
Content-Length: 9464
x-amz-request-id: VBNE4YFBYEYZYNHN
x-amz-id-2: CjY19AC2q0UmCHlUqzA6gXQI4cKISkY0CXgmrh79qcvY98q38vq1R9B4zkWUNA7OnXUhcLKwPEI=
Last-Modified: Tue, 30 Aug 2022 12:31:33 GMT
Server: AmazonS3
Date: Thu, 01 Sep 2022 19:31:31 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: 3fd0479b46285a21cabc494d7208274e
Expires: Thu, 01 Sep 2022 15:42:55 GMT

HEAD
H/1.1 200
OK advertising.js
assets.anyclip.com/anyclip-widget/lre-widget/assets/js/ 0
0 81ms
15ms Fetch
application/javascript 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/js/advertising.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: yQR7I__mdWlTGiugUbenyyFFuDDzo_a4
Last-Modified: Mon, 10 Dec 2018 11:26:45 GMT
Server: AmazonS3
Age: 13991
Date: Thu, 01 Sep 2022 19:31:31 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=14400
x-amz-meta-s3b-last-modified: 20181210T110233Z
Content-Length: 32
Accept-Ranges: bytes
X-LLID: a3f07d923976a73276dd7701993dc7ea
x-amz-request-id: 5EBKRE206EWJ95AA
x-amz-id-2: uIUaU1evDeHDO/u3dmNN0n7VLBMOR2eF+yi3nD9TU7IBJ3dAVklOCwGeoxQjYbUKvlLreg5c3QE=
Expires: Thu, 01 Sep 2022 19:38:20 GMT

HEAD
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ 0
0 70ms
27ms Fetch
text/javascript 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 01 Sep 2022 19:31:31 GMT

GET
H2 200 362290
vid.springserve.com/vast/ 22 B
0 341ms
101ms Fetch
application/xml 18.204.159.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/362290
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.159.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-159-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Sep 2022 19:31:31 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 22
content-type: application/xml;charset=UTF-8

HEAD
H2 200 loader.js
imasdk.googleapis.com/js/sdkloader/ 0
0 64ms
21ms Fetch
text/javascript 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20087
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 20:45:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 01 Sep 2022 19:36:01 GMT

HEAD
H2 200 client.js
s0.2mdn.net/instream/video/ 0
0 86ms
22ms Fetch
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Sep 2022 19:31:31 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 376 KB
126 KB 71ms
29ms Script
text/javascript 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128229
x-xss-protection: 0
expires: Thu, 01 Sep 2022 19:31:31 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 98ms
98ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=345&val=1&wnx=0&abc=&ty=iiq&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 97ms
97ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=347&val=0&wnx=0&abc=&ty=blo&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 94 B
800 B 157ms
104ms XHR
text/html 13.32.121.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=2016043915&pt=17&dpn=1&jsver=5.11&iiqidtype=2&iiqpcid=6a576a00-d6ad-4880-8faa-1cd25347b1b2&iiqpciddate=1662060691598&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=180_1662060691598&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/iiq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-27.fra60.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: df5d51a0ba09eb972be7f83f97b9943d1e19f982349469e9af1a71f92b2177ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
pragma: no-cache
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: -jddEhbiRFHOCwokolHFV1ad9aspjxNMOAgy0dUFexYQsiqdZzvi_g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 403 ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ 0
0 38ms
7ms Image
text/html 52.222.214.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=2016043915&rnd=860587&iiqidtype=2&iiqpcid=6a576a00-d6ad-4880-8faa-1cd25347b1b2&iiqpciddate=1662060691598&tsrnd=376_1662060691599&jsver=5.11
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-6.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 4670326 Show response
fundingchoicesmessages.google.com/i/ 19 KB
8 KB 78ms
52ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/4670326?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12393bdf1c9691f67337e00bec0cf4e722d6cbbe8daf9d288773634442c5a88f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XIY3ZgfXK3qprLrj93KnAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XIY3ZgfXK3qprLrj93KnAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Thu, 01 Sep 2022 19:31:31 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 31ms
10ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 1420
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Thu, 01 Sep 2022 19:12:46 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: j00nsOP_NYg-kXvyYnBZbEisr9DXM76Iq74aU3vp9MPmbMAbnFAa7A==

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 100ms
99ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=519&val=ima&wnx=0&abc=&ty=ami&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK play-big.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 650 B
1 KB 47ms
15ms Image
image/svg+xml 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/play-big.svg?hash=aea8191608
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: 3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: P54LBC7dA7.CKZKZL0usNEXn5r08cUmk
Content-Encoding: gzip
Age: 10527
Content-Length: 405
x-amz-request-id: J40TCTVJY6NKZBGN
x-amz-id-2: fFzdIsbyPOIYHwWJ6E40XeRDSNj1MUdhZ2nCrGRc1bKrHGOZBMhAcb7WWIfAAsOflTq88dBg0eM=
Last-Modified: Tue, 06 Aug 2019 13:18:15 GMT
Server: AmazonS3
Date: Thu, 01 Sep 2022 19:31:31 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Expires: Thu, 01 Sep 2022 20:36:04 GMT
Cache-Control: public,max-age=14400
Accept-Ranges: bytes
X-LLID: cf374898e897e820651af110a3aac57a
x-amz-meta-s3b-last-modified: 20190806T131201Z

GET
H3 200 bridge3.528.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7828 637 KB
206 KB 50ms
20ms Document
text/html 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210604
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 06:21:11 GMT
expires: Fri, 01 Sep 2023 06:21:11 GMT
last-modified: Mon, 29 Aug 2022 20:41:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Sep 2022 19:31:31 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
98ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=578&val=0&wnx=0&abc=&ty=wre&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK lre_playerLogo_1659430300551.png
anyclip-player.s3.amazonaws.com/anyclip-widget/config/kentuckysportsradiocom/0011r00002QYAoh_1326/logo/ 28 KB
29 KB 399ms
161ms Image
image/png 52.216.114.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anyclip-player.s3.amazonaws.com/anyclip-widget/config/kentuckysportsradiocom/0011r00002QYAoh_1326/logo/lre_playerLogo_1659430300551.png
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.114.123 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 948e524e872153be9acb7f70fe51c83910d3b1c2260778795670417911ad5f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:33 GMT
Last-Modified: Tue, 02 Aug 2022 08:51:41 GMT
Server: AmazonS3
x-amz-request-id: 8B73P757Z7JDR0BK
ETag: "51eaa25f10918e9eff97dc5708a4e378"
Content-Type: image/png
x-amz-version-id: fLnsJQHWkZMBvB141GKsUxMp3588Eo6h
Accept-Ranges: bytes
Content-Length: 29039
x-amz-id-2: F1kdjOmYZZzmDLZhESKnFgRDs+gnt1Xxtt8JytSai2dDMLFMA0QLO4gjfQ1LQ4eEiqunHoCB574=

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 98ms
97ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=592&val=795&wnx=0&abc=&ty=psw&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 98ms
98ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=592&val=448&wnx=0&abc=&ty=psh&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 204 comments
api.on3.com/content/v1/ Frame 0
0 717ms
682ms Preflight 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.on3.com/content/v1/comments?post=875311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 74406d3cad689046-FRA
date: Thu, 01 Sep 2022 19:31:32 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-193678100-1

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbe01475f5b639fe1290424cc3f8a04e45dec984e83ec70d6dd9383a213d4262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42996
x-xss-protection: 0
expires: Thu, 01 Sep 2022 19:31:31 GMT

GET
H2 200 comments Show response
api.on3.com/content/v1/ 84 KB
15 KB 881ms
878ms XHR
application/json 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.on3.com/content/v1/comments?post=875311

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/pages/_app-5e4107e385cbb000.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505e82faa489975156325b6be4858129b4119de9a521dad097df61ffa1b4a9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Sep 2022 19:31:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=15, s-maxage=30, stale-if-error=30, stale-while-revalidate=30
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74406d40fbc79046-FRA

GET
H2 200 ksr-header.png
on3static.com/static/ksr/ 472 KB
473 KB 21ms
20ms Image
image/webp 2606:4700:10::6816:22d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/static/ksr/ksr-header.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:22d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa7f53eba46f4838562e5d4ea8a00dab68011ee8eb11a794541e793af95c288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1395022
cf-polished: origFmt=png, origSize=519393
cf-ray: 74406d3cac6a5b8c-FRA
content-disposition: inline; filename="ksr-header.webp"
vary: Accept
content-length: 483718
x-amz-id-2: LxTMffZpKxU+Wtm512/uPAoE+xlz3Fx4l0stSWSlLtEF3Z3HgnJzZ43g7smXQ8Gi/LVmFe1HZVk=
last-modified: Tue, 29 Jun 2021 18:16:06 GMT
server: cloudflare
etag: "76913569f3229dee6443323090f220e7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: 3NRRYABNWT25QXB7
cache-control: max-age=691200
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:100,h2pri

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 09:14:45 GMT
x-content-type-options: nosniff
age: 37006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 09:14:45 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 103ms
103ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=728&val=&wnx=0&abc=&ty=cuc&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 5141-cf006b2ae9367adc.js
www.on3.com/_next/static/chunks/ 0
3 KB 761ms
760ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5141-cf006b2ae9367adc.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"18ff-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2aec9158-FRA

GET
H2 200 9352-af20663800abdb59.js
www.on3.com/_next/static/chunks/ 0
3 KB 668ms
667ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9352-af20663800abdb59.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2120-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2af09158-FRA

GET
H2 200 118-17389a7717e36c11.js
www.on3.com/_next/static/chunks/ 0
5 KB 681ms
681ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/118-17389a7717e36c11.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"36df-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2af39158-FRA

GET
H2 200 7148-3fce1b5864683526.js
www.on3.com/_next/static/chunks/ 0
7 KB 718ms
717ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7148-3fce1b5864683526.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"57ee-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2af59158-FRA

GET
H2 200 %5Bteam%5D-5ceb7275de091706.js
www.on3.com/_next/static/chunks/pages/teams/ 0
7 KB 671ms
671ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D-5ceb7275de091706.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"6477-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2af69158-FRA

GET
H2 200 5713-a2bc96c961fdbef0.js
www.on3.com/_next/static/chunks/ 0
5 KB 668ms
668ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5713-a2bc96c961fdbef0.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"4228-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2af79158-FRA

GET
H2 200 8199-26f95c151fe9f7f1.js
www.on3.com/_next/static/chunks/ 0
4 KB 205ms
204ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8199-26f95c151fe9f7f1.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2828-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2af99158-FRA

GET
H2 200 login-279c30bc306cae41.js
www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/ 0
602 B 189ms
189ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/login-279c30bc306cae41.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"33f-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2afb9158-FRA

GET
H2 200 4583-94a939ddb101910f.js
www.on3.com/_next/static/chunks/ 0
6 KB 679ms
678ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4583-94a939ddb101910f.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3d44-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2aff9158-FRA

GET
H2 200 3176-9c60e0401a08cc1d.js
www.on3.com/_next/static/chunks/ 0
3 KB 182ms
182ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3176-9c60e0401a08cc1d.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2384-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d2b049158-FRA

GET
H2 200 7020-41618005e52fc303.js
www.on3.com/_next/static/chunks/ 0
4 KB 670ms
670ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7020-41618005e52fc303.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2b72-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d3b149158-FRA

GET
H2 200 4686-a2b4233abbd9ec2b.js
www.on3.com/_next/static/chunks/ 0
8 KB 680ms
680ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4686-a2b4233abbd9ec2b.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"5b82-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d3b159158-FRA

GET
H2 200 join-6721e594aa154939.js
www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/ 0
688 B 693ms
692ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/join-6721e594aa154939.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3ff-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d3b179158-FRA

GET
H2 200 3248-0c130c2971e304df.js
www.on3.com/_next/static/chunks/ 0
3 KB 747ms
747ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3248-0c130c2971e304df.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2232-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d3b1a9158-FRA

GET
H2 200 %5Bslug%5D-603bad6c1a12feac.js
www.on3.com/_next/static/chunks/pages/user/ 0
5 KB 678ms
678ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/user/%5Bslug%5D-603bad6c1a12feac.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3b5a-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d3d3b1b9158-FRA

POST
H2 200 playlist Show response
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ 10 KB
2 KB 103ms
103ms Fetch
application/json 107.23.86.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.86.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-86-249.compute-1.amazonaws.com
Software: /
Resource Hash: 6f9f570e468d17f3258aa5af0d61033be07930e31235de168ad721757de04e84

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
vary: accept-encoding
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 97ms
97ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=881&val=0&wnx=0&abc=&ty=prq&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 200 playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ Frame 0
0 97ms
97ms Preflight
text/plain 107.23.86.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.86.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-86-249.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.on3.com
allow: HEAD,POST,GET,OPTIONS
content-length: 24
content-type: text/plain
date: Thu, 01 Sep 2022 19:31:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 54ms
37ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D6C0XT55DS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193678100-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2203c8266d65b5c2234deed2775d66c066c3c5529aa1d6c40c039476c8c66796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73647
x-xss-protection: 0
expires: Thu, 01 Sep 2022 19:31:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193678100-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1772
date: Thu, 01 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 01 Sep 2022 21:02:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 153 KB
57 KB 44ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-300834140&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193678100-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d940ae889a8f0570034bab35e16b244f2fce08df63203c7c8d20c53dba0b66e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58614
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Sep 2022 19:31:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 39ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-193678100-3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193678100-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2640748fb059e5a60808cc8bdc9cca5fcf22d6861e3ddd743297b63a6712070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41955
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 19:09:51 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Sep 2022 19:31:32 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 95ms
15ms Preflight
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.on3.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 01 Sep 2022 19:31:32 GMT

OPTIONS
H2 204 auction
pbs.nextmillmedia.com/openrtb2/ Frame 0
0 332ms
97ms Preflight 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
date: Thu, 01 Sep 2022 19:31:32 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 204 auction
pbs.nextmillmedia.com/openrtb2/ Frame 0
0 329ms
95ms Preflight 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
date: Thu, 01 Sep 2022 19:31:32 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 204 auction
pbs.nextmillmedia.com/openrtb2/ Frame 0
0 330ms
96ms Preflight 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
date: Thu, 01 Sep 2022 19:31:32 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 204 auction
pbs.nextmillmedia.com/openrtb2/ Frame 0
0 330ms
96ms Preflight 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
date: Thu, 01 Sep 2022 19:31:32 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 204 auction
pbs.nextmillmedia.com/openrtb2/ Frame 0
0 330ms
97ms Preflight 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
date: Thu, 01 Sep 2022 19:31:32 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 9ms
9ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.on3.com&pubid=f616a11b-a2f7-4850-88be-2e2d60ff82f7
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 16:17:50 GMT
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
age: 11622
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.on3.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: p07mZ4C6JB6LhZtBFm9O6gL4_Az7gvwudkJhraUvmqjXLlIohQGrFQ==

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 57ms
13ms XHR
text/plain 35.157.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.194.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
155 B 54ms
10ms XHR
text/plain 35.157.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.194.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 63ms
20ms XHR
text/plain 35.157.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.194.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 59ms
17ms XHR
text/plain 35.157.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.194.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 58ms
16ms XHR
text/plain 35.157.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.194.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 60ms
18ms XHR
text/plain 35.157.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.194.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:32 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
159 B 56ms
20ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.on3.com
pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST hb
ssc.33across.com/api/v1/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
699 B 63ms
10ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:32 GMT
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a80aebb4-81b1-40ba-a68a-24485fda0c94
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.on3.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 331ms
219ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
818 B 89ms
54ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU9VA2T2
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 290fefe2593a264f40d7afeceb6810aa862279f9ec2b81ef4cac24350fb927d2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
600 B 89ms
12ms XHR
application/json 52.59.9.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tmax=5000

Requested by

Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.9.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-9-89.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 12, 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 144ms
20ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969571017878182a4f188116d50015&pos=kentucky_mpu_top&cmd=bid&secure=1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4b65c2058756241bc9f3c231ddb064b1c6036ad8c0ed315b47200c5cb312cad4

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 143ms
19ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969571017878182a4f188116d50015&pos=kentucky_mpu_middle&cmd=bid&secure=1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7a578ec69141ab5a90907994ba8037d2a5d37e5b085e81bd8c4ae4dc9b24083c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
290 B 141ms
18ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969571017878182a4f188116d50015&pos=kentucky_leader_bottom&cmd=bid&secure=1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c0f97f6a944f7f322e0b0b59d7c0b35ffdc16895381fbd15af9f7447a72c04ec

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 142ms
19ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969571017878182a4f188116d50015&pos=kentucky_mpu_inc&cmd=bid&secure=1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 651f8981b161db88e228d521b07c1092e5f577ba3a321b0398430aabddfd7884

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 141ms
18ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969571017878182a4f188116d50015&pos=kentucky_mpu_inc&cmd=bid&secure=1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 25f558dbb7b572a116a6dbf7b768bf561b92a8051a0993255429e1f9476a023f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 385ms
262ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969571017878182a4f188116d50015&pos=kentucky_mpu_bottom&cmd=bid&secure=1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e55787b3edc7db7ee2a6218f4793a4b355eb314c01f3b96efd9861e03783a8aa

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 auction Show response
pbs.nextmillmedia.com/openrtb2/ 0
344 B 407ms
219ms XHR
text/plain 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-prebid: pbs-go/unknown
vary: Origin
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 204 auction Show response
pbs.nextmillmedia.com/openrtb2/ 0
344 B 333ms
141ms XHR
text/plain 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-prebid: pbs-go/unknown
vary: Origin
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 204 auction Show response
pbs.nextmillmedia.com/openrtb2/ 0
345 B 308ms
120ms XHR
text/plain 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-prebid: pbs-go/unknown
vary: Origin
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 204 auction Show response
pbs.nextmillmedia.com/openrtb2/ 0
344 B 324ms
136ms XHR
text/plain 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-prebid: pbs-go/unknown
vary: Origin
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 204 auction Show response
pbs.nextmillmedia.com/openrtb2/ 0
344 B 420ms
232ms XHR
text/plain 34.234.47.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.47.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-47-166.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-prebid: pbs-go/unknown
vary: Origin
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
643 B 143ms
28ms XHR
application/json 72.251.249.14
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 36fb646f58061cf7e31a7bc54d8fbc93d484f1a7a9364d786ba8b0bbb8b80d0c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 01 Sep 2022 19:31:32 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.on3.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 181ms
101ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23942&site_id=398058&zone_id=2230680&size_id=15&rf=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=5b7d0f5d-aff3-4bbd-b4a7-a90d081f9d6f&l_pb_bid_id=6912de0d0b2a20f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7179579934382201
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9c246e2806e9f17897aa1dd0e6283c006f3625ab67c555b32da9a88b6c488e55

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:32 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.on3.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 180ms
99ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23942&site_id=398058&zone_id=2230680&size_id=15&rf=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=f50fed71-289b-4697-8bc4-6f6be0ee3e5d&l_pb_bid_id=70cda85dc2a0e29&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7632742002484829
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 25339ab4cd9d8e0223b188303cdfabef07a6c600e6820ecc68334bbc9e5497b5

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:32 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.on3.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 387ms
306ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23942&site_id=398058&zone_id=2230680&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=9f3817e3-de5a-4c99-9d8b-0de36975a9b8&l_pb_bid_id=710629c5b2bff5e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1740255766292378
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c5dc90120490376068ec1f2d17dbd0db47f9266dac5e119df9f0f30186522b3b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:32 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.on3.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 159ms
77ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23942&site_id=398058&zone_id=2230680&size_id=15&rf=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=b8dd540a-4e3c-47d9-80fe-7a58de1c271f&l_pb_bid_id=72ba1022e323bea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5701760640922207
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3122219dc28aee00dfbaddc1cf791affd1921ff20232d61a4ff011b09e51d635

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:32 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.on3.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 175ms
63ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23942&site_id=398058&zone_id=2230680&size_id=15&rf=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=c49f7904-23aa-42cb-ba30-30035013e9d1&l_pb_bid_id=738bf3c06f94f21&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10205360099564298
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1f065ff11d1a329ff6b38b3cb50c8beda7e50948cee74f061007d3dd14466115

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:32 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.on3.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 238ms
124ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23942&site_id=398058&zone_id=2230680&size_id=15&rf=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=6cc5b188-c41a-4cbc-88a1-fb768df689cc&l_pb_bid_id=74c11fb3e1f8937&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7398300425609547
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c8f945bbe6afa1bcb1599471a69ece8facf97605f636abffc3655abf71a63132

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:32 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.on3.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
390 B 127ms
38ms XHR
application/json 3.248.135.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1137694,1137695,1137697,1137696&ntv_pb_rid=7549e1a2061be99&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoibXB1X3RvcCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJtcHVfbWlkZGxlIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19LHsiYWRVbml0Q29kZSI6Im1wdV9pbmMtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJtcHVfaW5jLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoibXB1X2JvdHRvbS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJtcHVfdG9wIjowLCJtcHVfbWlkZGxlIjowLCJtcHVfaW5jLTEiOjAsIm1wdV9pbmMtMiI6MCwibXB1X2JvdHRvbS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.135.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-135-230.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.on3.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 52ms
52ms XHR
text/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&pid=girFDij64jsJl&cb=0&ws=1600x1200&v=22.8.221912&t=5000&slots=%5B%7B%22sd%22%3A%22mpu_top%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22mpu_middle%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22leader_bottom-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x66%22%5D%7D%2C%7B%22sd%22%3A%22mpu_inc-1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22mpu_inc-2%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22mpu_bottom-1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pubid=f616a11b-a2f7-4850-88be-2e2d60ff82f7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-10.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: QTXKE3QVGJG03FH2C5H8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dTVIvCqJf3CNukhkHhYtRMuS06tAIxa_j7Bth4dFBIC8ukQWgZ2G4w==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 36ms
18ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=782572054&t=pageview&_s=1&dl=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&dp=%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&ul=en-us&de=UTF-8&dt=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=1020835439&gjid=593279586&cid=81929316.1662060692&tid=UA-193678100-1&_gid=553851485.1662060692&_r=1&gtm=2ou8t0&cd1=jackpilgrim&cd2=74&cd3=%2Fteams%2F%5Bteam%5D%2Fnews%2F%5Bslug%5D&cd4=undefined&cd5=875311&cd6=kentucky-wildcats&cd7=KSR&cd8=24&cd9=Team&cd10=undefined&cd11=web&cd12=78&cd13=article&cd14=guest&cd15=guest&z=1797175172

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
18ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=782572054&t=pageview&_s=1&dl=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&dp=%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&ul=en-us&de=UTF-8&dt=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUABAAAAAC~&jid=444182260&gjid=1715002295&cid=81929316.1662060692&tid=UA-193678100-3&_gid=553851485.1662060692&_r=1&gtm=2ou8t0&cd1=jackpilgrim&cd2=74&cd3=%2Fteams%2F%5Bteam%5D%2Fnews%2F%5Bslug%5D&cd4=undefined&cd5=875311&cd6=kentucky-wildcats&cd7=KSR&cd8=24&cd9=Team&cd10=undefined&cd11=web&cd12=78&cd13=article&cd14=guest&cd15=guest&z=1830396025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 153 KB
57 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-300834140&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193678100-3&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dffa57823d8d543d3d6e70cd70ac0f96925cc5a42c8429687052ea7a7b7c7333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58600
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Sep 2022 19:31:32 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 235ms
185ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-300834140&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 19:31:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 54ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D6C0XT55DS&gtm=2oe8t0&_p=782572054&cid=81929316.1662060692&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662060692&sct=1&seg=0&dl=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&dt=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6C0XT55DS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 73ms
28ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-193678100-3&cid=81929316.1662060692&jid=444182260&gjid=1715002295&_gid=553851485.1662060692&_u=6GDAAUABAAAAAC~&z=1752273960

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Sep 2022 19:31:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 73ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-193678100-1&cid=81929316.1662060692&jid=1020835439&gjid=593279586&_gid=553851485.1662060692&_u=4GBAAUAAAAAAAC~&z=693442413

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Sep 2022 19:31:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 100ms
98ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1104&val=%7B%22userAgent%22%3A%7B%22allow%22%3Atrue%2C%22software%22%3A%7B%22nameCode%22%3A%22chrome%22%2C%22ver%22%3A%22105%22%7D%2C%22os%22%3A%7B%22nameCode%22%3A%22windows%22%2C%22ver%22%3A%2210%22%7D%2C%22hw%22%3A%7B%22type%22%3A%22computer%22%2C%22subType%22%3Anull%7D%7D%7D&wnx=0&abc=&ty=prs&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 102ms
100ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1105&val=0&wnx=0&abc=&ty=pll&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK b1d774a6-b.png
cdn9.anyclip.com/271/ 902 KB
902 KB 411ms
325ms Image
binary/octet-stream 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn9.anyclip.com/271/b1d774a6-b.png?wid=0011r00002QYAoh_1326
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: 371d10a217f495bdbb9959cf71f48c97f072bc1183ad91d625e1b8c1ee8fe481

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:33 GMT
Last-Modified: Thu, 01 Sep 2022 16:31:03 GMT
Server: AmazonS3
x-amz-request-id: 8B7EGKDZR25NR3BK
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-LLID: 6fccaf6af14c9d064d331be61157ddf8
Content-Length: 923167
x-amz-id-2: Ysx5fOEyA2Pzsw+XnaOdim+T1q8/GcT8iQLES+abQ/omLautrscczhgzdLOvDdLrj9NqeCCE+70=

GET
H/1.1 200
OK 4ccd7e61-b.jpg
cdn9.anyclip.com/271/ 73 KB
74 KB 429ms
343ms Image
binary/octet-stream 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn9.anyclip.com/271/4ccd7e61-b.jpg?wid=0011r00002QYAoh_1326
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: bade19fc10d0d6a7c5ccfa0cb9db5ec98dec1a184b6d18e9f88ea3538bbc092d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:33 GMT
Last-Modified: Thu, 01 Sep 2022 18:01:37 GMT
Server: AmazonS3
x-amz-request-id: 8B7CW8T6YGGZHGQB
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-LLID: 641ce3e74cc267f134113a2c86ff6d17
Content-Length: 74958
x-amz-id-2: GPRrBUbn+xfEnu8GbpRJbl7js87mwYUN7vwVv/RXNV8Q1lW5jQHUnCl8YFgaVBk9GJrls/QAssN43DQc5em9IQ==

GET
H/1.1 200
OK c2b31dab-e.png
cdn9.anyclip.com/271/ 543 KB
543 KB 384ms
298ms Image
binary/octet-stream 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn9.anyclip.com/271/c2b31dab-e.png?wid=0011r00002QYAoh_1326
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: e57788ad1c693c42e5744ac97fd1e84bdfbf2b3e999cab81cd84f55b4e5bb6e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:33 GMT
Last-Modified: Thu, 01 Sep 2022 13:32:04 GMT
Server: AmazonS3
x-amz-request-id: 8B7BBCT6JPT02RRD
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-LLID: 0948842f9e4e9f68ae367a9b33ef75cb
Content-Length: 556083
x-amz-id-2: BfePuIbju1DaT0IH81J1IHMnKqo6UfjwySvrzd5GRbJm68e/tiQqWLf2EhS/pQlp1odj7+LM3l4=

GET
H/1.1 200
OK 45c5432a-3.jpeg
cdn9.anyclip.com/271/ 302 KB
302 KB 400ms
314ms Image
binary/octet-stream 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn9.anyclip.com/271/45c5432a-3.jpeg?wid=0011r00002QYAoh_1326
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: a5fe322c373d047bc1459febafc81a034c7f008a14d103f990b0a5c87b90efdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:33 GMT
Last-Modified: Thu, 01 Sep 2022 16:30:54 GMT
Server: AmazonS3
x-amz-request-id: 8B76NCNYB30HXC5Y
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-LLID: a8ab879ebabb2e53b4d650c0794df945
Content-Length: 309041
x-amz-id-2: a4Uuf7WXro4uQf2JmvVBuGAP78WCKjhgJfSdNSmvh4dpH1BemLoj4HfD4HZ7F9Q0KP9/zk08CtQ=

GET
H/1.1 200
OK 2527060f-d.png
cdn9.anyclip.com/271/ 1 MB
1 MB 441ms
355ms Image
binary/octet-stream 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn9.anyclip.com/271/2527060f-d.png?wid=0011r00002QYAoh_1326
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: 48013b3e67c864558d10af99fe8e1c1240722f57534f426c319c527c343335e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:33 GMT
Last-Modified: Thu, 01 Sep 2022 18:02:02 GMT
Server: AmazonS3
x-amz-request-id: 8B73Y01Q7RPCDYAR
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-LLID: 7527543f536c7f0a4078b7b29cd00f30
Content-Length: 1276784
x-amz-id-2: 7RpT/6wsMdaDu4iuElhWF79fILQ+4LNP78aVf4Sn8OfYhkR+9eU045F6+QD24uKFnWcvD5wU5Xs=

GET
H/1.1 200
OK 7b380f4f-8.png
cdn9.anyclip.com/271/ 807 KB
807 KB 385ms
299ms Image
binary/octet-stream 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn9.anyclip.com/271/7b380f4f-8.png?wid=0011r00002QYAoh_1326
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: 3226f605e371ebadf3cda1022766bb6a0b1d08887f84d779f56bed5b08e93249

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:33 GMT
Last-Modified: Thu, 01 Sep 2022 15:03:07 GMT
Server: AmazonS3
x-amz-request-id: 8B76CF4KTKD1639G
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-LLID: 2e3fea39ddb5bad04b5ad9047d8e6637
Content-Length: 826470
x-amz-id-2: R442u5IDhgXYk8morqbVltjH8AOcuNYV2/E+O2QpgVzIH35ya0q0OhclZDpV/WjpZXYKIMjOTV8=

GET
H/1.1 200
OK dfc6cb2d-4.jpg
cdn9.anyclip.com/271/ 480 KB
480 KB 300ms
300ms Image
binary/octet-stream 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn9.anyclip.com/271/dfc6cb2d-4.jpg?wid=0011r00002QYAoh_1326
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: a8b39528ffe4c56898fc9ae1baf29548f3378a34159a76efbcd048ac1645e542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:34 GMT
Last-Modified: Thu, 01 Sep 2022 15:03:47 GMT
Server: AmazonS3
x-amz-request-id: D3CX2F0QTMH8A92E
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-LLID: 3f45b4239324ebedbeb39354f8f04ae7
Content-Length: 491507
x-amz-id-2: ee4AHK1cvUJZ53Ajp5d0i54sRRGkyaHk8G0aqzbSlFNejclD7k/v6v12jdN/WQcVJT2DNSiHdNg=

GET
H/1.1 200
OK 08a6249b-a.png
cdn9.anyclip.com/271/ 739 KB
739 KB 261ms
261ms Image
binary/octet-stream 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn9.anyclip.com/271/08a6249b-a.png?wid=0011r00002QYAoh_1326
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: d3cd503225b012f50d1755c4bffbfd86691eb85d5b38b07ff0bc8ed13063fc76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:33 GMT
Last-Modified: Thu, 01 Sep 2022 08:41:24 GMT
Server: AmazonS3
x-amz-request-id: JYH9G4YXB532JB3J
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-LLID: 379f2587f67b8ff6f0d820a82fe1c747
Content-Length: 756271
x-amz-id-2: DjGKt2Y0noIrwOPjpIYiSu9IEvtvaZe+J/Db/AvhoosEP3aSowuJjBdEGyXT7W5CZkiohplE5Xc=

GET
H/1.1 200
OK 2793bf31-1.png
cdn9.anyclip.com/271/ 1 MB
1 MB 290ms
290ms Image
binary/octet-stream 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn9.anyclip.com/271/2793bf31-1.png?wid=0011r00002QYAoh_1326
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: 077a80e348b662c8f3745df2b9e989403e9a4799cbef2201dead425270a4549e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 19:31:34 GMT
Last-Modified: Thu, 01 Sep 2022 15:02:01 GMT
Server: AmazonS3
x-amz-request-id: D3CJ2JVV6495K0X1
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-LLID: f43d55f1ff1afa3f71787f4a64f09b1c
Content-Length: 1217792
x-amz-id-2: DKFXHkv+h0+tlQi9gwDhV1e9v4tkFVLklNHB5CNJgyy4gjuo/3j0mNDf2X7k9Y5iPGwn8hLvZ4E=

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
99ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&inx=0&rt=1121&val=&wnx=1&abc=&ty=pli&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
99ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&inx=0&rt=1123&val=&wnx=2&abc=&ty=pli&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 65B3 161 KB
41 KB 11ms
10ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 01 Sep 2022 19:12:41 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront), 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 16:04:10 GMT
server: AmazonS3
age: 1132
etag: W/"a702d6a9b82e18143638cd1f28cbb7a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA56-P6
content-encoding: gzip
x-amz-cf-id: S4k2sm0VSs3smFCYGDxCw8zvOFfXC0Ie_XRmpdOCFDNQG7Ro7MYcjA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/ 2 KB
2 KB 80ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/?random=1662060692523&cv=9&fst=1662060692523&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&auid=1536657425.1662060692&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c25d4326ada81c95c6bdabdef9dedc21e2ad8bb305bd52c9c88083071efc466d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/ 3 KB
1 KB 80ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/?random=1662060692526&cv=9&fst=1662060692526&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F%3BauthorName%3Djackpilgrim%3BauthorId%3D74%3BpathName%3D%2Fteams%2F%5Bteam%5D%2Fnews%2F%5Bslug%5D%3Bcategory%3Dundefined%3BcontentId%3D875311%3BteamName%3Dkentucky-wildcats%3BsiteName%3DKSR%3BsiteKey%3D24%3BsiteType%3DTeam%3Buser%3Dundefined%3Bplatform%3Dweb%3BcategoryKey%3D78%3BpageType%3Darticle%3BuserStatus%3Dguest%3BsubStatus%3Dguest&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&auid=1536657425.1662060692&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

062146d92bdcd6c3610fda358c89e4771ccfe5579a0bc4b38afb86924afda245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/300834140/ 2 KB
1 KB 41ms
21ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/300834140/?random=1662060692528&cv=9&fst=1662060692528&num=1&label=4Q_iCL2KmIUDENy6uY8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&auid=1536657425.1662060692&gtm_ee=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

687d9355520fe83c9dfda8ff57e990ad7269f69d516de3c1058c9fb106201e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1441
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 65B3 6 KB
3 KB 8ms
8ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 1421
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Thu, 01 Sep 2022 19:12:46 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: aMcpbu_-vzNf4XWFENBMpCFO2M7ElNCCkmTdHKRoUmPtJKDxN41gTg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 65B3 0
307 B 13ms
13ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.on3.com&pubid=171208af-037d-48f1-af92-1c24c2ee644a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 15:03:10 GMT
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
age: 16101
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.on3.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: t7M4_9QrrMbQOexypuGQwpI138K-y16_oFsr0iBD-B68OXnoerkKQA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 65B3 23 B
488 B 45ms
45ms XHR
text/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-10.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: M9RQ0B8HF2XEBNV2TKFA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: JkTftu55rI6zYGOj28V0ikNRCokl71xytth66g-r8sN9Rvf4CFSDhQ==

GET
H3

200

/
www.google.de/pagead/1p-conversion/300834140/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/?random=960820406&cv=9&fst=1662060692528&num=1&label=4Q_iCL2KmIUDENy6uY8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/300834140/?random=960820406&cv=9&fst=1662060692528&num=1&label=4Q_iCL2KmIUDENy6uY8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/300834140/?random=960820406&cv=9&fst=1662060692528&num=1&label=4Q_iCL2KmIUDENy6uY8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
64 B

48ms
29ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/300834140/?random=960820406&cv=9&fst=1662060692528&num=1&label=4Q_iCL2KmIUDENy6uY8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&auid=1536657425.1662060692&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExEQm1BWVF0OVRCb2FQNzJMaDJFaVlBM3gzZTV5V1hUaHdOb0NzT1gzS2kwVjZoS09jX2k4ekwxaE5hUkpZajBpNlViYWxxYXcaWkNoRUk4TERCbUFZUTRJS2c4ZkxzXzRuRUFSSXVBTFczMDFkNWppRWQ2RWtobmpER3lwaEpIRzVsLWE1NGFJUG1BdjltNHJwRjJNRE9sWG5GRUVISm9UWkdZZw&is_vtc=1&ocp_id=lAgRY4uUIueF9fgP0vKw0Aw&random=4113586177&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/300834140/?random=960820406&cv=9&fst=1662060692528&num=1&label=4Q_iCL2KmIUDENy6uY8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&auid=1536657425.1662060692&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExEQm1BWVF0OVRCb2FQNzJMaDJFaVlBM3gzZTV5V1hUaHdOb0NzT1gzS2kwVjZoS09jX2k4ekwxaE5hUkpZajBpNlViYWxxYXcaWkNoRUk4TERCbUFZUTRJS2c4ZkxzXzRuRUFSSXVBTFczMDFkNWppRWQ2RWtobmpER3lwaEpIRzVsLWE1NGFJUG1BdjltNHJwRjJNRE9sWG5GRUVISm9UWkdZZw&is_vtc=1&ocp_id=lAgRY4uUIueF9fgP0vKw0Aw&random=4113586177&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 101ms
100ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&inx=0&rt=1357&val=ad%3Dhttps%253A%252F%252Fmarketplace.anyclip.com%252Fv1%252Fwaterfall%253Fsti%253DkdA2jH4BdAdaDOL-kBsc%2526w%253D795%2526h%253D448%2526v%253D0%2526cb%253D374752060%2526pid%253Dkentuckysportsradiocom%2526sid%253DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%2526cid%253Dnawuy2znlfeuewdso4yxqscrjvitg5sc%2526wid%253D0011r00002QYAoh_1326%2526dom%253Don3.com%2526abc%253D%2526geo%253DDE%2526dev%253D1%2526bw%253Dchrome%2526os%253Dwindows%2526ip%253D81.95.5.42%2526url%253Dhttps%25253A%25252F%25252Fwww.on3.com%25252Fteams%25252Fkentucky-wildcats%25252Fnews%25252Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%25252F%2526gdpr%253D%2526consent%253D%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002QYAohAAH%252C1%252C%252C%252C%2526us_privacy%253D%2526utm%253D%2526pl%253Da%2526ima%253D4%2526clipPlayCounter%253D2%2526tid%253D%2524%255Btid%255D%2526amznbid%253D%2526amzniid%253D%2526ua%253DMozilla%25252F5.0%252520%2528Windows%252520NT%25252010.0%25253B%252520Win64%25253B%252520x64%2529%252520AppleWebKit%25252F537.36%252520%2528KHTML%25252C%252520like%252520Gecko%2529%252520Chrome%25252F105.0.5195.52%252520Safari%25252F537.36%2526domain%253Don3.com%2526page%253D%2524%255Bpage%255D%2526itemid%253D%2524%255Bitemid%255D%2526zone%253D%2524%255Bzone%255D%2526permutive%253D%2524%255Bpermutive%255D%2526key_custom3%253D%2524%255Bcma1%255D%2526gpt%253D%2524%255Bgpt%255D%26mavs%3D0%26rqcm%3D1%26ast%3D-1%26smb%3D1%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26imaw%3D0%26amd%3D1%26sf%3D0%26page_url%3Dhttps%253A%252F%252Fwww.on3.com%252Fteams%252Fkentucky-wildcats%252Fnews%252Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%252F%26wf%3D1%26iiq%3D1%26iiq_pid%3D2016043915%26iiq_t%3D3000&wnx=2&abc=&ty=arq&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=kdA2jH4BdAdaDOL-kBsc
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 events
marketplace.anyclip.com/v1/ 0
38 B 349ms
109ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&inx=0&rt=1358&val=&wnx=2&abc=&ty=frq&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=kdA2jH4BdAdaDOL-kBsc
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-length: 0

GET
H2 200 events
marketplace.anyclip.com/v1/ 0
37 B 353ms
114ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&inx=0&rt=1358&val=&wnx=2&abc=&ty=wfr&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=kdA2jH4BdAdaDOL-kBsc
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 84ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.on3.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/300834140/ 42 B
548 B 50ms
22ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/300834140/?random=1662060692523&cv=9&fst=1662058800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&async=1&fmt=3&is_vtc=1&random=379966486&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/300834140/ 42 B
548 B 55ms
28ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/300834140/?random=1662060692523&cv=9&fst=1662058800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&async=1&fmt=3&is_vtc=1&random=379966486&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/300834140/ 42 B
64 B 42ms
22ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/300834140/?random=1662060692526&cv=9&fst=1662058800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dpage_view%3Bpage_path%3D%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F%3BauthorName%3Djackpilgrim%3BauthorId%3D74%3BpathName%3D%2Fteams%2F%5Bteam%5D%2Fnews%2F%5Bslug%5D%3Bcategory%3Dundefined%3BcontentId%3D875311%3BteamName%3Dkentucky-wildcats%3BsiteName%3DKSR%3BsiteKey%3D24%3BsiteType%3DTeam%3Buser%3Dundefined%3Bplatform%3Dweb%3BcategoryKey%3D78%3BpageType%3Darticle%3BuserStatus%3Dguest%3BsubStatus%3Dguest&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&async=1&fmt=3&is_vtc=1&random=1545199171&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/300834140/ 42 B
108 B 35ms
34ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/300834140/?random=1662060692526&cv=9&fst=1662058800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dpage_view%3Bpage_path%3D%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F%3BauthorName%3Djackpilgrim%3BauthorId%3D74%3BpathName%3D%2Fteams%2F%5Bteam%5D%2Fnews%2F%5Bslug%5D%3Bcategory%3Dundefined%3BcontentId%3D875311%3BteamName%3Dkentucky-wildcats%3BsiteName%3DKSR%3BsiteKey%3D24%3BsiteType%3DTeam%3Buser%3Dundefined%3Bplatform%3Dweb%3BcategoryKey%3D78%3BpageType%3Darticle%3BuserStatus%3Dguest%3BsubStatus%3Dguest&frm=0&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&tiba=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&async=1&fmt=3&is_vtc=1&random=1545199171&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7828 0
327 B 457ms
130ms Ping
image/gif 2a00:1450:4028:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7jg0tq1&c=6770310097304&slotId=3385155048652&fb=ima_html5-lima&sdkv=h.3.528.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=2.0&vmfc=1&vhc=0&ghmsh_eids=44731964%2C44750822%2C44752052%2C44754420%2C44760950%2C44765701
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4028:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F96C 55 KB
20 KB 30ms
30ms Script
text/javascript 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82fa3bfda70106507e30ed360a21f48281f689ddd8cfe416483cc970249a6dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20087
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 20:45:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 01 Sep 2022 19:36:01 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 97ms
96ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&inx=0&rt=1495&val=&wnx=2&abc=&ty=alo&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=kdA2jH4BdAdaDOL-kBsc
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 5713-a2bc96c961fdbef0.js Show response
www.on3.com/_next/static/chunks/ 16 KB
5 KB 34ms
33ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5713-a2bc96c961fdbef0.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86e77300b7d6f389e8d2e17247cff3caa828ec705ed2939be3776486fad424a2

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=16936
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"4228-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac0a9158-FRA
cf-bgj: minify

GET
H2 200 8199-26f95c151fe9f7f1.js Show response
www.on3.com/_next/static/chunks/ 10 KB
4 KB 44ms
42ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8199-26f95c151fe9f7f1.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ea138c5373da578057edde5832ab1118299984f8e13939a0308c4b491b275f

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=10280
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2828-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac0b9158-FRA
cf-bgj: minify

GET
H2 200 login-279c30bc306cae41.js Show response
www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/ 780 B
578 B 41ms
40ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/login-279c30bc306cae41.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd394f5f2605e7ef0abb3cbb8c9d7afef2a4bcf111db085fda134980b51c8c8

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=831
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"33f-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac0c9158-FRA
cf-bgj: minify

GET
H2 200 191059b8a3910414.css Show response
www.on3.com/_next/static/css/ 11 KB
3 KB 368ms
367ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/191059b8a3910414.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c51c490021d97dadc1df41d6d0be6223455272df00818d6330a2a05414e9a3a1

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2d73-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac0d9158-FRA

GET
H2 200 4583-94a939ddb101910f.js Show response
www.on3.com/_next/static/chunks/ 15 KB
6 KB 41ms
38ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4583-94a939ddb101910f.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14663ff38461145cc7d58eb435da0fb3ceb9f9b67be8942656cf9ce94224c439

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=15684
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3d44-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac119158-FRA
cf-bgj: minify

GET
H2 200 3176-9c60e0401a08cc1d.js Show response
www.on3.com/_next/static/chunks/ 9 KB
3 KB 39ms
36ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3176-9c60e0401a08cc1d.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c543d1202cfe7ac6477f6e3dde18eb9efa50ce7ae85691813e148f47ce1d478

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=9092
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2384-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac149158-FRA
cf-bgj: minify

GET
H2 200 7020-41618005e52fc303.js Show response
www.on3.com/_next/static/chunks/ 11 KB
4 KB 32ms
29ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7020-41618005e52fc303.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1452c618842ddbc700e7f13efdf5176cc526201a4eec1aad3cdf73fec75e2b0f

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=11122
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2b72-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac189158-FRA
cf-bgj: minify

GET
H2 200 4686-a2b4233abbd9ec2b.js Show response
www.on3.com/_next/static/chunks/ 23 KB
8 KB 39ms
37ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4686-a2b4233abbd9ec2b.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

758b91e91d2f01d491349f280724fee28e3072ed75be33a31748f0b60792dce1

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=23426
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"5b82-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac1a9158-FRA
cf-bgj: minify

GET
H2 200 join-6721e594aa154939.js Show response
www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/ 973 B
644 B 42ms
39ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D/join-6721e594aa154939.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

446571eb2c954f1347c40dae633a14ed64f86f211d859bac68889990ae137acb

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=1023
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3ff-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac1c9158-FRA
cf-bgj: minify

GET
H2 200 848003e952a10397.css Show response
www.on3.com/_next/static/css/ 8 KB
2 KB 661ms
659ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/848003e952a10397.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e5fc7bba65723c797a3f8dc04aa0faf191594293bcde2b8c0066d1c7494a17

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"1fb7-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41ac159158-FRA

GET
H/1.1 200
OK lreprx.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame F96C 101 KB
23 KB 19ms
19ms Script
application/javascript 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3DkdA2jH4BdAdaDOL-kBsc%26w%3D795%26h%3D448%26v%3D0%26cb%3D374752060%26pid%3Dkentuckysportsradiocom%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26cid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26wid%3D0011r00002QYAoh_1326%26dom%3Don3.com%26abc%3D%26geo%3DDE%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D81.95.5.42%26url%3Dhttps%253A%252F%252Fwww.on3.com%252Fteams%252Fkentucky-wildcats%252Fnews%252Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%252F%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002QYAohAAH%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D2%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F105.0.5195.52%2520Safari%252F537.36%26domain%3Don3.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%24%5Bcma1%5D%26gpt%3D%24%5Bgpt%5D&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&imaw=0&wf=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: 37bc652619c0bcf7680db6867c2b0cd1fb19b85ad14d8bbd880cbb2991f40c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: ZjhjXSR5KKvqXOt40FK4Q1Cat3luHIw3
Content-Encoding: gzip
Age: 8843
Content-Length: 22900
x-amz-request-id: 4YBD9HVYDKBW6JHQ
x-amz-id-2: CKfFsBGnbhK2dOOKlRVLHCnLRrryM4nX+WlVG12abn+qH/xNaDLiPTG8etCp1yNwFNg3vOKMPCE=
Last-Modified: Tue, 30 Aug 2022 14:32:31 GMT
Server: AmazonS3
Date: Thu, 01 Sep 2022 19:31:32 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: 050734b0e83f6cdc002edcfdfeb7d490
Expires: Thu, 01 Sep 2022 17:05:09 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 326 KB
80 KB 103ms
28ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/4583-94a939ddb101910f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

10337690e33b727fa60fa5d7410fe831b6c53c39007dcc7a0becccd229775907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 21
x-cache: Hit from cloudfront
date: Thu, 01 Sep 2022 19:31:11 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 18:29:24 GMT
server: Cloudfront
etag: W/"7cd828014a55704f455f9fbe533089ac"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: GuGTl418JBYq1Z8DM-ZBnlQ_cUu1B-Zgepd_SW5nYvVQn612QhbIuQ==

GET
H2 200 3248-0c130c2971e304df.js Show response
www.on3.com/_next/static/chunks/ 9 KB
3 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3248-0c130c2971e304df.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2319350d2db064f0107ea1c3a93d423418ab15a817ada171ce43eeefb792535

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=8754
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2232-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41fccb9158-FRA
cf-bgj: minify

GET
H2 200 %5Bslug%5D-603bad6c1a12feac.js Show response
www.on3.com/_next/static/chunks/pages/user/ 15 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/user/%5Bslug%5D-603bad6c1a12feac.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0998e01d3af476cb0bb563158fe61dd16432941c3b3c400e33bcde7b695f9b0

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=15194
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3b5a-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41fccf9158-FRA
cf-bgj: minify

GET
H2 200 9dd9757a53b5fd89.css Show response
www.on3.com/_next/static/css/ 15 KB
4 KB 179ms
178ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/9dd9757a53b5fd89.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9eac73c03c237d641f81b557aa646e18834c0566cbe0dfb7e1d977981579241

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3c7b-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d41fcc79158-FRA

GET
H2 200 5141-cf006b2ae9367adc.js Show response
www.on3.com/_next/static/chunks/ 6 KB
3 KB 24ms
20ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5141-cf006b2ae9367adc.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e5587c6d8ae7bf0cfebfc9bd81107efc3836c4030e3e4ec671a5a4bbb8c77c7

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=6399
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"18ff-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d420cf99158-FRA
cf-bgj: minify

GET
H2 200 9352-af20663800abdb59.js Show response
www.on3.com/_next/static/chunks/ 8 KB
3 KB 24ms
20ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9352-af20663800abdb59.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b66213fdcb432436a3d2e0eef3eed1f05225b55d265bf0256d58bc4853215ee7

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=8480
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"2120-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d420cfa9158-FRA
cf-bgj: minify

GET
H2 200 118-17389a7717e36c11.js Show response
www.on3.com/_next/static/chunks/ 14 KB
5 KB 27ms
23ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/118-17389a7717e36c11.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f5031cf24d3d8b1ad9eae7cd9228832d92b1dc4d09fb43c0e5c3bdc1f1967c4

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=14047
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"36df-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d420cfc9158-FRA
cf-bgj: minify

GET
H2 200 7148-3fce1b5864683526.js Show response
www.on3.com/_next/static/chunks/ 22 KB
7 KB 22ms
18ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7148-3fce1b5864683526.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69e23d2a2eedd8c72539f2cfc0055a8fec31fc7f5b864c677ccbdb04aeb7535d

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=22510
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"57ee-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d420cfd9158-FRA
cf-bgj: minify

GET
H2 200 %5Bteam%5D-5ceb7275de091706.js Show response
www.on3.com/_next/static/chunks/pages/teams/ 25 KB
7 KB 25ms
22ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D-5ceb7275de091706.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e1c12f1744eec6ccf155b17e421dd15260278dd88a3b96f20f30dfe8797fe16

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
cf-polished: origSize=25719
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"6477-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d420cfe9158-FRA
cf-bgj: minify

GET
H2 200 60415c36a1307964.css Show response
www.on3.com/_next/static/css/ 21 KB
5 KB 21ms
18ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/60415c36a1307964.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b9c4a15ecda17415ed37c2ebe7bec2afb5fd6bda103ffb44ae22e563fd73ac

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
cf-polished: origSize=21538
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"5422-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d420cf59158-FRA
cf-bgj: minify

GET
H2 200 30c59d3fce950812.css Show response
www.on3.com/_next/static/css/ 23 KB
6 KB 662ms
659ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/30c59d3fce950812.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-d533073c654df987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f264075a7d402a0ee2db22c76b0adf0d5691be23039b0ec3ec681f13077c88f

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 01 Sep 2022 17:25:12 GMT
server: cloudflare
x-frame-options: deny
etag: W/"5dcf-182fa15d8c0"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-security-policy
cf-ray: 74406d420cf79158-FRA

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F96C 376 KB
125 KB 27ms
26ms Script
text/javascript 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3DkdA2jH4BdAdaDOL-kBsc%26w%3D795%26h%3D448%26v%3D0%26cb%3D374752060%26pid%3Dkentuckysportsradiocom%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26cid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26wid%3D0011r00002QYAoh_1326%26dom%3Don3.com%26abc%3D%26geo%3DDE%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D81.95.5.42%26url%3Dhttps%253A%252F%252Fwww.on3.com%252Fteams%252Fkentucky-wildcats%252Fnews%252Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%252F%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002QYAohAAH%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D2%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F105.0.5195.52%2520Safari%252F537.36%26domain%3Don3.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%24%5Bcma1%5D%26gpt%3D%24%5Bgpt%5D&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&imaw=0&wf=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128229
x-xss-protection: 0
expires: Thu, 01 Sep 2022 19:31:32 GMT

GET
H2 200 waterfall Show response
marketplace.anyclip.com/v1/ Frame F96C 2 KB
1 KB 470ms
265ms Fetch
application/json 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://marketplace.anyclip.com/v1/waterfall?sti=kdA2jH4BdAdaDOL-kBsc&w=795&h=448&v=0&cb=374752060&pid=kentuckysportsradiocom&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&wid=0011r00002QYAoh_1326&dom=on3.com&abc=&geo=DE&dev=1&bw=chrome&os=windows&ip=81.95.5.42&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&amznbid=&amzniid=
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3DkdA2jH4BdAdaDOL-kBsc%26w%3D795%26h%3D448%26v%3D0%26cb%3D374752060%26pid%3Dkentuckysportsradiocom%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26cid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26wid%3D0011r00002QYAoh_1326%26dom%3Don3.com%26abc%3D%26geo%3DDE%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D81.95.5.42%26url%3Dhttps%253A%252F%252Fwww.on3.com%252Fteams%252Fkentucky-wildcats%252Fnews%252Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%252F%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002QYAohAAH%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D2%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F105.0.5195.52%2520Safari%252F537.36%26domain%3Don3.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%24%5Bcma1%5D%26gpt%3D%24%5Bgpt%5D&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&imaw=0&wf=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: 500ea233947fd55ac0cdc510b5cac674c2e02b6ae1cebf4354781f47e0927958

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:33 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 959
access-control-allow-methods: GET
content-type: application/json

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
99ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&inx=0&rt=1582&val=1.1.30_235_prod&wnx=2&abc=&ty=xlo&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a&sti=kdA2jH4BdAdaDOL-kBsc
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H3 200 bridge3.528.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E845 637 KB
206 KB 23ms
22ms Document
text/html 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210604
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 06:21:11 GMT
expires: Fri, 01 Sep 2023 06:21:11 GMT
last-modified: Mon, 29 Aug 2022 20:41:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame F96C 44 KB
16 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Sep 2022 19:31:32 GMT

GET
H2 200 events
marketplace.anyclip.com/v1/ Frame F96C 0
37 B 117ms
116ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?ty=arq&sti=kdA2jH4BdAdaDOL-kBsc&dti=l4iMqYEBlB2wT2eMP4c6&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&v=0&cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&abc=&dev=1&dom=on3.com&bw=chrome&os=windows&cpm=4
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:33 GMT
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F96C 107 B
122 B 40ms
21ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.on3.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
99ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&inx=0&rt=2054&val=&wnx=2&abc=&ty=xil&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:33 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E845 156 B
977 B 448ms
393ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22647169314%2Fapl%2Fac1984%2Fvast5target&description_url=on3.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4330568929861385&vpa=auto&vpmute=0&sdkv=h.3.528.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3926586068&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&sid=9B3C1479-BDA0-4B69-A084-D8D0978158DF&nel=0&eid=31061774%2C44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&top=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&loc=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&dlt=1662060692711&idt=405&dt=1662060693349&cookie_enabled=1&scor=2783666980771641&ged=ve4_td0_tt0_pd0_la0_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5OeA.woff
fonts.gstatic.com/s/merriweather/v30/ 72 KB
72 KB 11ms
11ms Font
font/woff 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5OeA.woff

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d13ad9513eac3c6ed7451b79ca1d4ab6a0a36eae1c4ac9f98ed70a13c4753ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 08:46:58 GMT
x-content-type-options: nosniff
age: 125075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74096
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 08:46:58 GMT

GET
H2 200 avatar.png
on3static.com/cdn-cgi/image/height=48,width=48/static/on3/ 532 B
751 B 23ms
19ms Image
image/png 2606:4700:10::6816:22d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=48,width=48/static/on3/avatar.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:22d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

285cdac13f4a93c4e1f445057f7ba9bf0572611a012abc9fb115e6f249fc0d10

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 532
last-modified: Fri, 23 Jul 2021 13:45:14 GMT
server: cloudflare
etag: "cfUpDGfevt_wk6TZY8NzBXOg:43b7db52f356b2fb3b79d3b908de2134"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=691200
cf-resized: internal=ok/h q=0 n=152 c=12 v=2022.8.0 l=532
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
accept-ranges: bytes
cf-ray: 74406d4739595b8c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 events
marketplace.anyclip.com/v1/ Frame F96C 0
37 B 113ms
113ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?ty=arq&sti=kdA2jH4BdAdaDOL-kBsc&dti=rHKMqYEBvkyXq-6V3szC&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&v=0&cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&abc=&dev=1&dom=on3.com&bw=chrome&os=windows&cpm=4
Requested by: Host: www.on3.com
URL: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:33 GMT
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F96C 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.on3.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E845 156 B
142 B 417ms
399ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22647169314%2Fapl%2Fac1984%2Fvast5target&description_url=http%3A%2F%2Fon3.com&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4299340251027890&vpa=auto&vpmute=0&sdkv=h.3.528.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3926586068&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&sid=9B3C1479-BDA0-4B69-A084-D8D0978158DF&nel=0&eid=31061774%2C44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&top=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&loc=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&dlt=1662060692711&idt=405&dt=1662060693957&cookie_enabled=1&scor=418943154179608&ged=ve4_td1_tt1_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-2a0f7db50009238158f4274fa211fa55.html Show response
js.stripe.com/v3/ Frame 3414 186 B
1 KB 11ms
11ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-2a0f7db50009238158f4274fa211fa55.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

80583de98e5b41831986362db5e185b094a0bb376d1926aa16341ff21a018a4c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2060
cache-control: max-age=31536000
content-length: 186
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 01 Sep 2022 18:57:15 GMT
etag: "2a0f7db50009238158f4274fa211fa55"
last-modified: Thu, 01 Sep 2022 17:56:04 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-id: YDtJ26sLMRF2x1jl2FYsBaEsZykrDX6qfgU6MEhrDAsnb7-F2NE6Lw==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 rum Show response
www.on3.com/cdn-cgi/ 0
78 B 29ms
28ms XHR
text/plain 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: application/json

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.on3.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 74406d4ade4f9158-FRA
vary: Origin

POST
H2 200 rum Show response
www.on3.com/cdn-cgi/ 0
221 B 27ms
17ms XHR
text/plain 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.on3.com/teams/kentucky-wildcats/news/kentuckys-chris-rodriguez-set-to-face-multi-game-suspension/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: application/json

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.on3.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 74406d4afe7a9158-FRA
vary: Origin

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 52ms
21ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26683
x-xss-protection: 0
pragma: public
x-fb-debug: SDEyudtynmSfgFADhBOKv0RajR0fZ69ocsjamAmQZMxnR0e1luZKGYgnPkEnR/f6suKX/0kgrb8UwggEPOLyRg==
x-fb-trip-id: 2071890597
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Sep 2022 19:31:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/36671852/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

10ms
9ms

Script
application/javascript

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:26:37 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 298
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: iRzLfA81qMU96xmn9fvv0aL__CT-v76rVxCXMySrriKC3dqoL_PUww==

Redirect headers

location: /internal-cs/default/beacon.js
date: Thu, 01 Sep 2022 19:31:34 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: NbGow4Unc0VO967drDw35CX_yqL9ecpTg-jgloq6piMnrqmJ5I7NRQ==
x-cache: Miss from cloudfront

POST
H2 200 csp-report
q.stripe.com/ Frame 3414 0
570 B 571ms
181ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3414 0
571 B 570ms
180ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-900a76d673da7dda0f4c2eb5c9c54cdd.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3414 526 B
1022 B 9ms
9ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-900a76d673da7dda0f4c2eb5c9c54cdd.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-2a0f7db50009238158f4274fa211fa55.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-2a0f7db50009238158f4274fa211fa55.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
date: Thu, 01 Sep 2022 19:31:17 GMT
content-length: 526
last-modified: Thu, 01 Sep 2022 17:56:03 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: L4VQaV_Cy3fesydHfMTo0K_mo_kkb_GifxYMjV4cvwv90EYRtGAJyQ==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 46E3 930 B
1 KB 93ms
33ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-900a76d673da7dda0f4c2eb5c9c54cdd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 197
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 01 Sep 2022 19:31:34 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 251
x-content-type-options: nosniff
x-request-id: c0f3cd51-69e1-492d-b53d-b490825ad2e5
x-served-by: cache-hhn4033-HHN
x-timer: S1662060694.323870,VS0,VE0

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 9ms
9ms Image
text/plain 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=36671852&cs_it=b2&cv=3.8.0.210223&ns__t=1662060694275&ns_c=UTF-8&c7=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&c8=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: qVppkqrC6ryM6URt_n7QnJXyFblVsef1IsKdo758LyJC20FpXLAa9Q==
x-cache: Miss from cloudfront

GET
H3 200 356775472752325 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 108ms
86ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/356775472752325?v=2.9.78&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2db7c93db8ff6a6d1ae4d349735cd82dd6a0684aca3599d3ad2818c3bfd4e6fe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: qHei89ffdlrKkXzQEG2CcmfOqiOQ+zzDf5Pf5oRwGnvHZbpLCFA2C6TnLuGtRMtxsjz+CI5wLnlrIBblMCvkKg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Sep 2022 19:31:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 46E3 0
345 B 461ms
198ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 19
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 46E3 86 KB
16 KB 14ms
13ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 53
x-cache: HIT
content-length: 16031
x-request-id: 38ffd47c-e94a-4833-a963-c5de08fd96dc
x-served-by: cache-hhn4033-HHN
server: Fastly
x-timer: S1662060694.366776,VS0,VE0
date: Thu, 01 Sep 2022 19:31:34 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 92

GET
H2 200 events
marketplace.anyclip.com/v1/ Frame F96C 0
37 B 114ms
114ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?ty=arq&sti=kdA2jH4BdAdaDOL-kBsc&dti=g8Bem34BGT3pD1fjDLac&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&v=0&cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&abc=&dev=1&dom=on3.com&bw=chrome&os=windows&cpm=2.155151844024658
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F96C 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.on3.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E845 8 KB
1 KB 73ms
73ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F127641337%2C22647169314%2FAdPoddingon3.com1326&description_url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&env=vp&tfcd=0&correlator=1260375052561129&gdfp_req=1&output=xml_vmap1&sz=640x480&unviewed_position_start=1&ad_rule=1&npa=0&gdpr_consent=_755&gdpr&cust_params=domainname%3Don3.com%26clipid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26tid%3D%24%5Btid%5D%26sti%3DkdA2jH4BdAdaDOL-kBsc%26dti%3Dg8Bem34BGT3pD1fjDLac%26viewability%3D0%26sspblockurl%3D&vpa=auto&vpmute=0&sdkv=h.3.528.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3926586068&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&sid=9B3C1479-BDA0-4B69-A084-D8D0978158DF&nel=0&eid=31061774%2C44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&top=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&loc=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&dlt=1662060692711&idt=405&dt=1662060694500&cookie_enabled=1&scor=748598400444842&ged=ve4_td1_tt1_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

91575a10850122a65400a7dc02db99e7f4c9ecf40afff5ac6cea4d106f20009c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1241
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 46E3 156 B
522 B 562ms
180ms XHR
application/json 52.11.0.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.0.105 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-0-105.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5667f59f55f95993e2e876c9f54f9a63d381e7327c8e2edf5bc75300bd8d4249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 events
marketplace.anyclip.com/v1/ Frame F96C 0
37 B 115ms
114ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?ty=alo&sti=kdA2jH4BdAdaDOL-kBsc&dti=g8Bem34BGT3pD1fjDLac&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&v=0&cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&abc=&dev=1&dom=on3.com&bw=chrome&os=windows&cpm=2.155151844024658
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
content-length: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E845 156 B
142 B 59ms
58ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F127641337%2FAdPoddingon3.com1326&sz=640x480&ciu_szs&cust_params=domainname%3Don3.com%26clipid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26tid%3D%24%5Btid%5D%26sti%3DkdA2jH4BdAdaDOL-kBsc%26dti%3Dg8Bem34BGT3pD1fjDLac%26viewability%3D0%26sspblockurl%3D&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&bumper=before&min_ad_duration=0&max_ad_duration=10000&vrid=1163304&sb=1&sid=9B3C1479-BDA0-4B69-A084-D8D0978158DF&adk=3926586068&cookie_enabled=1&correlator=1260375052561129&dlt=1662060692711&dt=1662060694595&gdpr&gdpr_consent=_755&ged=ve4_td2_tt2_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=405&is_amp=0&loc=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&npa=false&omid_p=Google1%2Fh.3.528.0&osd=2&ptt=20&ref=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&scor=748598400444842&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=31061774%2C44754420%2C44760950%2C44765701&hl=en&frm=0&sdki=44d&sdkv=h.3.528.0&sdr=1&vpa=auto&vpmute=0&nel=0&afvsz=450x50%2C468x60%2C480x70%2C728x90&cnc=22647169314&kfa=0&tfcd=0&ctv=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E845 156 B
142 B 284ms
283ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F127641337%2FAdPoddingon3.com1326&sz=640x480&ciu_szs&cust_params=domainname%3Don3.com%26clipid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26tid%3D%24%5Btid%5D%26sti%3DkdA2jH4BdAdaDOL-kBsc%26dti%3Dg8Bem34BGT3pD1fjDLac%26viewability%3D0%26sspblockurl%3D&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=31000&vrid=1163304&sid=9B3C1479-BDA0-4B69-A084-D8D0978158DF&adk=3926586068&cookie_enabled=1&correlator=1260375052561129&dlt=1662060692711&dt=1662060694661&gdpr&gdpr_consent=_755&ged=ve4_td2_tt2_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=405&is_amp=0&loc=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&npa=false&omid_p=Google1%2Fh.3.528.0&osd=2&ptt=20&ref=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&scor=748598400444842&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=31061774%2C44754420%2C44760950%2C44765701&hl=en&frm=0&sdki=44d&sdkv=h.3.528.0&sdr=1&vpa=auto&vpmute=0&nel=0&afvsz=450x50%2C468x60%2C480x70%2C728x90&cnc=22647169314&kfa=0&tfcd=0&ctv=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E845 156 B
142 B 53ms
52ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F127641337%2FAdPoddingon3.com1326&sz=640x480&ciu_szs&cust_params=domainname%3Don3.com%26clipid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26tid%3D%24%5Btid%5D%26sti%3DkdA2jH4BdAdaDOL-kBsc%26dti%3Dg8Bem34BGT3pD1fjDLac%26viewability%3D0%26sspblockurl%3D&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1163304&sid=9B3C1479-BDA0-4B69-A084-D8D0978158DF&adk=3926586068&cookie_enabled=1&correlator=1260375052561129&dlt=1662060692711&dt=1662060694951&gdpr&gdpr_consent=_755&ged=ve4_td2_tt2_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=405&is_amp=0&loc=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&npa=false&omid_p=Google1%2Fh.3.528.0&osd=2&ptt=20&ref=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&scor=748598400444842&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=31061774%2C44754420%2C44760950%2C44765701&hl=en&frm=0&sdki=44d&sdkv=h.3.528.0&sdr=1&vpa=auto&vpmute=0&nel=0&afvsz=450x50%2C468x60%2C480x70%2C728x90&cnc=22647169314&kfa=0&tfcd=0&ctv=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E845 156 B
142 B 49ms
49ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F127641337%2FAdPoddingon3.com1326&sz=640x480&ciu_szs&cust_params=domainname%3Don3.com%26clipid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26tid%3D%24%5Btid%5D%26sti%3DkdA2jH4BdAdaDOL-kBsc%26dti%3Dg8Bem34BGT3pD1fjDLac%26viewability%3D0%26sspblockurl%3D&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&bumper=after&min_ad_duration=0&max_ad_duration=10000&vrid=1163304&sb=1&sid=9B3C1479-BDA0-4B69-A084-D8D0978158DF&adk=3926586068&cookie_enabled=1&correlator=1260375052561129&dlt=1662060692711&dt=1662060695009&gdpr&gdpr_consent=_755&ged=ve4_td2_tt2_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=405&is_amp=0&loc=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&npa=false&omid_p=Google1%2Fh.3.528.0&osd=2&ptt=20&ref=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&scor=748598400444842&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=31061774%2C44754420%2C44760950%2C44765701&hl=en&frm=0&sdki=44d&sdkv=h.3.528.0&sdr=1&vpa=auto&vpmute=0&nel=0&afvsz=450x50%2C468x60%2C480x70%2C728x90&cnc=22647169314&kfa=0&tfcd=0&ctv=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iiq.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame F96C 42 KB
10 KB 19ms
19ms Script
application/javascript 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/iiq.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3DkdA2jH4BdAdaDOL-kBsc%26w%3D795%26h%3D448%26v%3D0%26cb%3D374752060%26pid%3Dkentuckysportsradiocom%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26cid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26wid%3D0011r00002QYAoh_1326%26dom%3Don3.com%26abc%3D%26geo%3DDE%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D81.95.5.42%26url%3Dhttps%253A%252F%252Fwww.on3.com%252Fteams%252Fkentucky-wildcats%252Fnews%252Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%252F%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002QYAohAAH%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D2%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F105.0.5195.52%2520Safari%252F537.36%26domain%3Don3.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%24%5Bcma1%5D%26gpt%3D%24%5Bgpt%5D&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&imaw=0&wf=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: fc90d08e0688535c640a1d604c6e10eee2188d9c02714789fc0a6919be5a0041

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: F4jrLLYkdH53OKYp4IA1NwnoYofqtCiT
Content-Encoding: gzip
Age: 8847
Content-Length: 9459
x-amz-request-id: 4YB9X73N0V0FFBQS
x-amz-id-2: l/4JCh2PBeI37POmb0MtgPi/L0AYdvdL5TX9MKJ/+5/UteCxzYS0g/Z3PpNscVb9FYvkBg2U+HA=
Last-Modified: Tue, 30 Aug 2022 14:32:31 GMT
Server: AmazonS3
Date: Thu, 01 Sep 2022 19:31:35 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: e99240a8e8780ec63154c0abd4808948
Expires: Thu, 01 Sep 2022 17:05:08 GMT

GET
H/1.1 200
OK prebid.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame F96C 480 KB
149 KB 43ms
16ms Script
application/javascript 178.79.227.9
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fmarketplace.anyclip.com%2Fv1%2Fwaterfall%3Fsti%3DkdA2jH4BdAdaDOL-kBsc%26w%3D795%26h%3D448%26v%3D0%26cb%3D374752060%26pid%3Dkentuckysportsradiocom%26sid%3DFXmb7y5r2dvPfMThtkTj76LUquQ9bgog%26cid%3Dnawuy2znlfeuewdso4yxqscrjvitg5sc%26wid%3D0011r00002QYAoh_1326%26dom%3Don3.com%26abc%3D%26geo%3DDE%26dev%3D1%26bw%3Dchrome%26os%3Dwindows%26ip%3D81.95.5.42%26url%3Dhttps%253A%252F%252Fwww.on3.com%252Fteams%252Fkentucky-wildcats%252Fnews%252Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%252F%26gdpr%3D%26consent%3D%26schain%3D1.0%2C1!anyclip.com%2C0011r00002QYAohAAH%2C1%2C%2C%2C%26us_privacy%3D%26utm%3D%26pl%3Da%26ima%3D4%26clipPlayCounter%3D2%26tid%3D%24%5Btid%5D%26amznbid%3D%26amzniid%3D%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F105.0.5195.52%2520Safari%252F537.36%26domain%3Don3.com%26page%3D%24%5Bpage%5D%26itemid%3D%24%5Bitemid%5D%26zone%3D%24%5Bzone%5D%26permutive%3D%24%5Bpermutive%5D%26key_custom3%3D%24%5Bcma1%5D%26gpt%3D%24%5Bgpt%5D&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&imaw=0&wf=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.9 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-9.vie.llnw.net
Software: AmazonS3 /
Resource Hash: ca4fc4fd910f2db3c0b8e9d1b7de96df499321207e7e90b2745fef4de3d4d0d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: gIOtwuBCNywQw7.uqDn8jyWmCE_FHQjm
Content-Encoding: gzip
Age: 8846
Content-Length: 152213
x-amz-request-id: 4YB1YB8V12R4EYDV
x-amz-id-2: 5f58ddUXmZwVsFMwb5SCO/JCLDTCNlz3GNz1N6LmwFIjiJPUvwNUyySwzP0ChQUG3zhWo93keXQ=
Last-Modified: Tue, 30 Aug 2022 14:32:31 GMT
Server: AmazonS3
Date: Thu, 01 Sep 2022 19:31:35 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: 03f80b8c6eac101ba236ddcba57bbbe5
Expires: Thu, 01 Sep 2022 17:05:09 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame F96C 36 B
558 B 283ms
27ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=476141&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221dd4ee790e6c1f%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F%22%2C%22domain%22%3A%22on3.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22on3.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.9.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22RVsyF38B5vSrw48_vhrf%22%2C%22adunitcode%22%3A%22RVsyF38B5vSrw48_vhrf%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221dedddf5a1f34%22%2C%22ext%22%3A%7B%22siteID%22%3A%22476141%22%2C%22tid%22%3A%22485ce92d-da5c-4947-8020-538573bb5bc9%22%2C%22sid%22%3A%22795x448%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%5D%2C%22api%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22playbackmethod%22%3A%5B3%5D%2C%22protocols%22%3A%5B2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22placement%22%3A1%2C%22playerSize%22%3A%5B%5B795%2C448%5D%5D%2C%22w%22%3A795%2C%22h%22%3A448%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anyclip.com%22%2C%22sid%22%3A%220011r00002QYAohAAH%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b07868e2b0923a4218cc25425c6cd7ad8f5a71f3a558ffcbd532d422cec03ef9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6pRu4f4e7ZAaaQ7SiKQvlK10a2lNTDGU8sDihBoiAOANCEudvzHYwZMfOQyljqszYwXK7EoTWwZYB6EOYmT9Yq2KFjkFus95xEEh7%2Fkv6RHEYPhk6lG0kXdzcIt33GRKobcHs5c"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.on3.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74406d525b145c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F96C 0
57 B 61ms
60ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 events
marketplace.anyclip.com/v1/ Frame F96C 0
37 B 113ms
112ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?ty=arq&sti=kdA2jH4BdAdaDOL-kBsc&dti=FcLE_X4BGT3pD1fjbjYO&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&v=0&cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&abc=&dev=1&dom=on3.com&bw=chrome&os=windows&floor=1.5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:35 GMT
content-length: 0

GET
H2 200 events
marketplace.anyclip.com/v1/ Frame F96C 0
37 B 113ms
113ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?ty=arq&sti=kdA2jH4BdAdaDOL-kBsc&dti=RVsyF38B5vSrw48_vhrf&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&v=0&cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&abc=&dev=1&dom=on3.com&bw=chrome&os=windows&floor=1.5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:35 GMT
content-length: 0

GET
H2 200 events
marketplace.anyclip.com/v1/ Frame F96C 0
37 B 118ms
117ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?ty=arq&sti=kdA2jH4BdAdaDOL-kBsc&dti=q9Bbm34BdAdaDOL-U1Ld&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&v=0&cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&abc=&dev=1&dom=on3.com&bw=chrome&os=windows&cpm=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:35 GMT
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F96C 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.on3.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 657454 Show response
vid.springserve.com/vast/ Frame E845 3 KB
2 KB 303ms
102ms XHR
application/xml 18.204.159.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/657454?ima=4&w=795&h=448&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&cb=374752060&widgetid=0011r00002QYAoh_1326&lob=&clipid=nawuy2znlfeuewdso4yxqscrjvitg5sc&key_custom1=^w=0011r00002QYAoh_1326^c=nawuy2znlfeuewdso4yxqscrjvitg5sc^i=2^ab=^v=0^p=kentuckysportsradiocom&key_custom2=^d=on3.com^u=^dv=1^co=DE^pl=a&gdpr=&consent=&viewability=0&schain=1.0,1!anyclip.com,0011r00002QYAohAAH,1,,,&us_privacy=&domain=on3.com&amznbid-rn=$[amznbid-rn]&amzniid=&key_custom3=$[cma1]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.159.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-159-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f4a9edabc19ddf9bc17c45c94c1a3cc2b5a5baac49acbe8a293fb03052ad96f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Thu, 01 Sep 2022 19:31:35 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 events
marketplace.anyclip.com/v1/ Frame F96C 0
37 B 114ms
114ms Image
text/plain 50.16.128.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?ty=alo&sti=kdA2jH4BdAdaDOL-kBsc&dti=q9Bbm34BdAdaDOL-U1Ld&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&v=0&cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&abc=&dev=1&dom=on3.com&bw=chrome&os=windows&cpm=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.128.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-157.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:35 GMT
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame E845 0
17 B 249ms
128ms Ping
image/gif 2a00:1450:4028:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7jg0ui5&c=6770310097304&slotId=3385155048652&fb=ima_html5-lima&sdkv=h.3.528.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=3.0&ghmsh_eids=31061774%2C44754420%2C44760950%2C44765701&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4028:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FE71 55 KB
20 KB 21ms
20ms Script
text/javascript 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82fa3bfda70106507e30ed360a21f48281f689ddd8cfe416483cc970249a6dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20087
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 20:45:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 01 Sep 2022 19:36:01 GMT

GET
H2 200 vpaid_6d8da985.js Show response
vpaid.springserve.com/production/ Frame FE71 506 KB
89 KB 77ms
10ms Script
application/javascript 2600:9000:2156:2000:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:44:33 GMT
content-encoding: br
last-modified: Thu, 28 Jul 2022 16:39:44 GMT
server: AmazonS3
age: 355623
etag: W/"9026fbc1fc8aafffe9b6d2458d235a3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rXFLBzooTKfx3hjoB8-ryFs-zeHw34xgFESvv3BV61eEiaJSIMbJOA==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FE71 19 B
699 B 10ms
10ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:35 GMT
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4ae9d97b-fa48-4019-af70-ac2c0f4327de
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.on3.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 i Show response
vid-io-iad.springserve.com/vd/ Frame FE71 0
148 B 441ms
101ms XHR
text/plain 18.207.62.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=4aae1ebf&ps_id=657454&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_6d8da985.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.62.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-62-173.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Thu, 01 Sep 2022 19:31:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

POST csi
csi.gstatic.com/ Frame E845 0
0

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 97ms
96ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=nawuy2znlfeuewdso4yxqscrjvitg5sc&inx=0&rt=5201&val=An+unexpected+error+occurred+within+the+VPAID+creative.+Refer+to+the+inner+error+for+more+info.+%7C%7C+Error%3A+END_OF_CYCLE&wnx=2&abc=&ty=aer&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=kdA2jH4BdAdaDOL-kBsc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:36 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.on3.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.on3.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 470 KB
48 KB 1142ms
1142ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1977865778251879&correlator=172171021140069&hxva=1&scor=4237609873979204&eid=31068458%2C44771143&output=ldjh&gdfp_req=1&vrg=2022082901&ptt=17&impl=fifs&iu_parts=4670326%2Cdw-ott%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=1&adks=2310559973%2C2036410406%2C2001643284&sfv=1-0-38&fsapi=false&prev_scp=pos%3Dtop%26amznbid%3D2%26amznp%3D2%7Cpos%3Dmiddle%26amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=ptype%3Darticle%26referrer%3Ddirect%26team%3Dkentucky-wildcats%26siteType%3DTeam%26userStatus%3Dguest%26siteKey%3D24%26contentId%3D875311%26authorId%3D74%26categoryKey%3D78&sc=1&cookie_enabled=1&abxe=1&dt=1662060697191&lmt=1662060697&dlt=1662060690532&idt=1115&adxs=1170%2C1170%2C573&adys=441%2C716%2C1502&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&frm=20&vis=1&psz=300x525%7C300x525%7C795x2082&msz=300x250%7C300x250%7C795x270&fws=512%2C512%2C4&ohw=0%2C0%2C990&ga_vid=81929316.1662060692&ga_sid=1662060697&ga_hid=782572054&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68eac6a71cc42c7b4cac44d2cb1b2a588c892c61d423abeccf78b929bed47f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48732
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.on3.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 429 B
263 B 50ms
49ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1977865778251879&correlator=4309342801077202&hxva=1&scor=4237609873979204&eid=31068458%2C44771143&output=ldjh&gdfp_req=1&vrg=2022082901&ptt=17&impl=fifs&iu_parts=4670326%2Cdw-ott%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=4x4&ifi=4&adks=1138901854&sfv=1-0-38&fsapi=false&eri=1&cust_params=ptype%3Darticle%26referrer%3Ddirect%26team%3Dkentucky-wildcats%26siteType%3DTeam%26userStatus%3Dguest%26siteKey%3D24%26contentId%3D875311%26authorId%3D74%26categoryKey%3D78&sc=1&cookie_enabled=1&abxe=1&dt=1662060697201&lmt=1662060697&dlt=1662060690532&idt=1115&adxs=0&adys=30763&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&frm=20&vis=1&psz=1600x30762&msz=1600x0&fws=0&ohw=0&ga_vid=81929316.1662060692&ga_sid=1662060697&ga_hid=782572054&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d6491065c42b0fa01e12e39c3a56e3f25dc2106cbfdec3730cc74e9b720aaf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 82ms
56ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a34b591c444fabd1f896f4c10c7b73eb854b5d11f6d834ef15a5f5001a8cfec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10942
x-xss-protection: 0

GET
H2 200 container.html Show response
3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D571 6 KB
4 KB 83ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 19:31:37 GMT
expires: Fri, 01 Sep 2023 19:31:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 38ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D6C0XT55DS&gtm=2oe8t0&_p=782572054&cid=81929316.1662060692&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1662060692&sct=1&seg=1&dl=https%3A%2F%2Fwww.on3.com%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&dt=Kentucky%27s%20Chris%20Rodriguez%20set%20to%20face%20multi-game%20suspension%20-%20On3&en=page_view&_ee=1&ep.page_path=%2Fteams%2Fkentucky-wildcats%2Fnews%2Fkentuckys-chris-rodriguez-set-to-face-multi-game-suspension%2F&ep.authorName=jackpilgrim&ep.authorId=74&ep.pathName=%2Fteams%2F%5Bteam%5D%2Fnews%2F%5Bslug%5D&ep.category=undefined&ep.contentId=875311&ep.teamName=kentucky-wildcats&ep.siteName=KSR&ep.siteKey=24&ep.siteType=Team&ep.user=undefined&ep.platform=web&ep.categoryKey=78&ep.pageType=article&ep.userStatus=guest&ep.subStatus=guest&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6C0XT55DS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 19:31:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0E47 13 KB
5 KB 26ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 17:26:34 GMT
expires: Fri, 01 Sep 2023 17:26:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4CBF 783 B
533 B 18ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ed89fe8184fb56378693190c131544f888702e791df8f336ddaa5be6330556b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wzfMsUME-hl-BRy-08Xhrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-wzfMsUME-hl-BRy-08Xhrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 19:31:37 GMT
expires: Thu, 01 Sep 2022 19:31:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4CBF 0
0 41ms
40ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082901&jk=1977865778251879&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E47 36 KB
16 KB 9ms
9ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15893
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 18:54:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0E47 0
10 B 9ms
8ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Zs-Ytg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 97ms
97ms Image
image/gif 3.214.35.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6522&val=0&wnx=0&abc=&ty=crf&v=0&ext=0&ta=1&lnx=0&us=&sid=FXmb7y5r2dvPfMThtkTj76LUquQ9bgog&pid=kentuckysportsradiocom&wid=0011r00002QYAoh_1326&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.35.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-35-174.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:37 GMT
last-modified: Wed, 17 Aug 2022 14:03:12 GMT
server: nginx
accept-ranges: bytes
etag: "62fcf520-23"
content-length: 35
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082901&jk=1977865778251879&bg=!Li2lLWnNAAZTikH4c4o7ACkAdvg8Wls4IxoP-ELjuYHOgfLVyquhiwVlX81L7riQU27Gw9My1NQZgAIAAABOUgAAAAJoAQeZAp2tz7SXF4Q0nDFQmCJgHUN3MeyRGunLarU7QVOH5tkyrSA-1fTKip4FDRe0QLEeNNfc_1XYo75XJ9OXVhISrW0_9ER0vHG5UTYSKWC3LSxnCCaPI3gP7TaNxzT0_BQoHGnAjcCBAFODS4pcpiTgSsS-SoAYtOQPMg8QnjgI0vEjOE2d5xN2c_s_cN6hmhXni82X2xObw6Ur37766amI_cQKajddtevx6f0OvGmuZJvWA4NU8vAM7CRx44bk0t3alx5oEjdOvNab8RUKwy3RTFT7lwqwuaHBY-fpydMGKiUXFuvTpg7ZUCt9qlY9swScH9P1DMSKmZ7SqfVaqAsdfc5sbhRYMYWzbCi-I9YqPBHvADObxzAJZGbeMtFHuQv4J-TTLbXh81B_ZzpgXz8K-qtXVe-XTwrdBVr2Qb5BqKp2INX6dsf6pzKsO59mCFvLIuqmErVu0mJy_4zrtD0J9gWpKx10D1pUnGOePBlRrFAm5w-4C6BKSPFJI34AJgzu-3PK8DoRYuW3voK7yNGZA8a6o0-VRir15nBuFhm0UxKux4X1UsgltXbmBeTXmokOkntx91hyPFzNlYmkP2mr97yrRk_dn_ZhW1s3kbsvvxFWCgRQbhGNRAfoTK32Mr_yxf9mO5VVf8WGzGgBR-pYtARCU26uDF0kQBb0qD1vs8wb0zVtUvcaBNvvOyHfr9kKB3PMunyyC3GGlSC5Aji-RXe4GimqouJzPc5hZzCvA7KM95TYsanhJtZCVX5CabEN2JZ_N5phNzSmF6fssJxwKsBPSKFdzCD2AUhbcV-_rLW8UrO_jcFr7COqBxHbDhxuj65UthxWxzY0RjJanu1N1CXYygmz4wKit--XmtV1ojw8OFvszGmmg1msqRqDWUU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 container.html Show response
3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 59C2 6 KB
3 KB 26ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 19:31:37 GMT
expires: Fri, 01 Sep 2023 19:31:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D34 6 KB
3 KB 19ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 19:31:37 GMT
expires: Fri, 01 Sep 2023 19:31:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 217E 624 B
297 B 76ms
50ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNWpqx7A-pr32nZA77qGZhA3wvOk_mrkXl-MadGo4PRgenukePgq38mt2vPy0aIEOP28dVWEjrQlNtPOt2XrKtwA7gnE_AsHPn69L06PbLR3mOK_pUHdzBzp7ej3a4bFQ-4EyahCI1W5xqp0cOqciNwzztl6KhhCnDkQAtAzVU-nHDiIZLU

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 19:31:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0D34 79 KB
33 KB 85ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMhMtQLVBen-_1orR7-M3F13R7Yo2bD3S-FHrNgusXKDvwSlaLXTPDHD9wP_ReGKKD8ztAZvTOEQQdKvXbKgC37LkvL1lyor24ddWQU1mGcrIgNN3-iT_zqBw5XgvBUMWN5JgvDWo7hzg7Y9k2RXPVhT19tA&dbm_d=AKAmf-Afuutv1l5kpdSy_LUMtCKcagpatDTFOIqWfQvICS-pLI1U8d2fcL0-9x8iRqpbTHrXE1qKV-MTbrkwk9D6GJVT1fjVH_RisXgPz0a61Aa6ZId5DyHVm9r6UKTuwvzC2oMfgvEIVtf56dYI5PZtSIbNT3jf7GgCkckdzLZjtyfyAzVC_YK6JV7p_PeOW1mmglNUSrXwx_oQo1wEnwJmLMfJ1KiqVRTJ6S6rCjODyb0L3-dk9X4g8e9WElIbCRzOXqO8tDoj_vasyvNj4Qy3AXgOJv8ReyaIxJvj5sHcLARlfRkyfLq0wv-WRsyPSakANv7-HVBhmf85Ujhz42_PziKBJMjje_HDYsw-AMWyQvgwW2TvPgcSNtTRhUaGuFnP6bnqjQlchQvR7QV3bW8DVT01i7Ifr2KkAou1DSCUuO-GlsBFIQLDymSqN7f103DRRoKYnuE8J8NKpQj-7_w3aIdWzNHFDZvVUttyuxDoyDlyIjJd21YXWBOQP2PkF71SgeW6xsKV3Kws98eD-oqriuaVztSrvOczUjLbR5NO32sD2PqzB13Frb6owNI-AHd6jzCxlO44C9e2fiPYoLBnf3pUJSDwp7YtkbGCc7IRz4FLVB9uYTYhQoYAzSwyR5FtzU41OFqvtoRHEBvQNAYTH_T5XDTPXEsh-3zTE-UEz8MBf-p1cfRnh6-X0dxAupi5nEGU6PczgnxlCe-OS7s5QYal1KpcnBux68lBcyTNDTuRafWnkE7SoCIIRwiUrwhjYxmuc_1ahDxHsIIBb_TVKgZxg79ph-Z8EmLQWC7Qd63Wrnq4TaXK3x-EmZJY-wdFUSr6Ax3py6g2kSZ_bAP9BQca4MQDuX8vxOePTQ2Ri897emaO9jmqPmvUYuRBb6jMatgYkTxwNcxb0Sj4cZGfO2FHORvbjg0tDKHUa-G1E77a03dFEc_iLqQWjF1Ek3nMdhJFttOF34OllHlih-mmrHp-Gmxrj9atPyV2Q2rxISMIHs9qipszitaFnSkp7CD2JKAPzGCWmv8tk-M6idHzifzOMWPbx5OxyqxR1nVDlhWcamG94pjbgu0u-ej9Np2RXfTuCe4D30T2HX5jTbT_ENoP7GFo9OcyUO5YJVV1zBkkK-vyaTjWTAHceD71hzz8WLDPw-9-khfvdtZAiP4SBzlVb32ZTHkHixQe9pQqBRC2OtthntDBM7cqeC3Lum11wnKi_l_qsce5VF2l3yz7bbjCtxHrMrtxbHyaE8Yj9gAwIzYMPzMdyFL_mCZBZd4Za6OmgFMEkxvx8xQzQbxC8fPlDuTwzTVeyAXljxjAyXJbKb3-NNWXKEBD5cLbA_Y2vuewzEWcsQBHMzgt99mxnXYy9kOaIAxk5VGe0EIwA4-IrSDr7imG60YhOaEB3KaX7yJ0wsFym-pdg-WKx-axCILjZMD6CBjkSN8Jmba5wIOZzg4zW_rpa7NFwiOOT1986YA6Drkxs3s28u1comeVAomBNmHgdizAiPnRDUMpP5BWFWjV5NMBH31TYnoUiJnciEnWS0jKlUZnVmlRqOvqP7Fuu2BAQR2c2Nm9jnNhNxlN2r2JHPynk7pP4Z09XGFohb-3EagSKjl2v-33xx6kk1DJB5rpfa0-2GazK8lwz3Tm_WQrlejWfGJdH7Abq3_-oWaqMRRISlf65EgNhRZ-6ka_XPZDCfbpeC7xRUMmTMZuQhqiMAj5g69X5CCK-NVsDwcJDCPk_4dsjbdwKYPXfgD7OTT0zO92YMv4PHDAo1g0PnUVj5zRM0W6bSZsDpHVPuwuwwrgP9ppMqK0LFDJtWoS0DoEHh2-4KjV3nvUIr-z4WL_eQAqb-8qqV2Z3x6Xdqt2JLuU1uZPuFCcOvNc_Hf8lHANGKyM6MyB2oIqe6qJtaSTDa12X4nM1cvZmMfrHn1W3P0NqoWI0IcOuP_uJu6pl5BIZlPBDiiuhfMXLNrTmJ27bDaxdQPrcsYK8M0j12yTyq5k_Ym9R13wfaTiOKkLcLFmpFs3eb_9uL8oaj2eqXCtP-vIXCn-VfFxnknzxnWM0SLGl6qOp0ogdFyPreSRfXEJJRcVOHLLpXqDA7-J8eq_66loOCSZA30XQO5vWpvohYFTrpLfOP7vZep0_wWbnUw8lfmlmmWCqAmq7ea7m8KsuTYL-haW-_X2L8lw_2YnVuDaGfhYoEd8U4KA1zMIlMT-PljRHFPmWIyb4FIKC7XgavSejqxtOsPgVt0wmvW5_Nupi423kAg2jBArIKbGwhav1VUMZcchdzyJlp_WY5ykA7FS_bWmiKNiLxGnAebl5rtiYiyXMfuwvMSfbylNP-ofcx07eVhNCwu2npfti77AGVh-HtNFLsJcpLH_tkBhK5lO1HQSOgQDb72QhiTmAunMXXnt9oI5huiZRrzepcw4H7zw5wrktRDp0qlJQzjLO959I1aPay53ZNETe9zUaeB9Gjs48HAira9mNugPucAh6tWKLGRcS2F1Mgsk7t7WhrNa6bHwDgBmJEpO4KmcvEIztEwmrqs5sZ-9PYKDXIqBHz_VHLyHESvWRpenM3WNWmAG6DZhTrVoEQzSks3DanZIzKpV89k67R7ECwRALlAJuwnuFlkjlKJ_uos5sH25tqgW8EjfII_CoOTl8aY1-Q5XG5kWCC0teL_FpaOe0TOWIVwQHA5StpRA4TWAQvmqK-qmXjg5NCPAHhEL7KaKElHHu9TCptjKqk4i7mOxDp2zIpuXqv13V4MEIskKlO3I5xXqxqcPR2itrW5yWBpmxbgebgCpeukFYV8fQuhk8q9BKgqIHmHUAmIVM8nzCCjQgjGFMhfYUD5h-HKmkiO91hSSC99mloi7vUnwgd6QNp49ZNYyKZuBGYev0ytX7lT5bo0nEPKdNitLhblAJ9j706cWYt3GONUkfk87fhcYDvZdWo202-xBwj5mBjFmyW7WD_KRsHZ2lq_C10JphIWluZdpuUFOCOhUHvlo7xnhdsw05Ly9gh_qUgk8yErIunzJqQ2Ph0y1wfQOs6e60YJah7mvrPOxwbDL2msTYCBQag8lEh5PkRWlW6D0qQCnCMxGPrvseOvrtBQBkYg18tIG9lApBKHZe_jz4E-Va9FhGtWB1Qw5WAVjk-h27zL9qKbt8ib-1x6HWpDvAriOa_6BCVTMIrO7ayyGln6kU1Piy53ADMmaZEFfpf9xzuEn7kipNnY4BABrWz98CFq4L57HO-g-j6bSYHwdmoEBh703_eEQBdk&cid=CAASJeRobj8UuUUjU83SKa_BI5xhVb6BIM_gfN1fRJ7fFAaaZLw4AII&rfl=1%2Chttps%253A%252F%252Fwww.on3.com%242%2Chttps%253A%252F%252F3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52c00b8b0b7abeb741a3dd1699d4f2c8167a45555f1fa4333f4a2b4bd7b46618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33983
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D34 42 B
63 B 45ms
44ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CP55wuUb7b7H9VxwYi6w7rNpzvzPYRjmy4foVZZGcQTecHorjF8B-NEVfMfeD1_Rj7E47c4CVlu2JqdzbPpv19DWKpMgI6w-sIg2cHPYDwJHX7W5c

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 0D34 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:11:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 0D34 17 KB
7 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:18:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0D34 0
0 20ms
19ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7X91hJO2inNBG-GAAqnkQTOc4dRGV2UZB8DBbWvPLbO2r2ziS0dOm6nhqUb0ugqVK71sRyhAjuCkUSCdEXSG9TzyfcA
Requested by: Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D34 142 KB
44 KB 62ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 19:31:38 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A35E 624 B
297 B 74ms
54ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNUQTtEJuQ8VFonn20-rD6JZNFmaIVEKBmNNLHS1cIE6ovmJVRw7Kkm5Z2Jcpv1WB6lw-Z5W9CJDbYLhKL5M1xNXGVMhD-uyJs1EedQ5oSPj663vkwWMnH_7Z9_b7sIfGzCd6QNDlTzH2IN4_9gRGZzdcl6x3MLqBKdFVtxAF4SwBiqT144

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 19:31:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 59C2 79 KB
33 KB 88ms
69ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsekHMtZzix0gBpaAXcH9oLPW7mgSb0DsHLsqSQwJ4pW6x0YMYfbLHLxvYgcViQn0Tob2uK5Y0q0mxYSP77x9bcsQqSRLQrCBYl-K-Nq820AOllf-6K-73lhyLaZQZsE5jLUTAuTrJYyMZAVGX69AzOHECEw&dbm_d=AKAmf-B97jP0tVN8W2cIYnrFi79hG-I5DEnk73s8XP302D9q-NpESkPfidktVMFxmJmwE3nbFotjnHLhTsEUwX2rCVM6Ep2grh5CbvUUBN9LcLbvVfjeUg40TSOQRI-5y33mdeHUS7_7MuSKXhw1lY5gE_5Bb1fxuh3cnFVpghih2WKLSje7UCNFpAzQApYhUoje09PBqjGQpQy5vpVw5-H6zW9SWYPSk8BYFXBVcgJgYIJ8JmvxfZiyzytHzAQCCDqToaXFgnVvNEIshkK7JOLUg3Rr9whUdEcQqmQ6y2XFsozSt7UtdAKtQghZJilRmXexcmRDhPvpC35Nrca4irjmzAdsY5EatyACSMQrj4d34Qa8N7ZV8rvk2CoxlGnItm-lVznFa5SnKTTz996_T1DLbaJ5c2-PBQdHRsdWqcvRnfW93ROs8PPxsdXtrdPQwibl8xqsU18wj7P9vUWG-GBQY6O_h0RoRQZWu2l12cVor6LR2TpO-GmjtBWvHv9iQV59feA8rCPVC5NvXoNFMQpgAhfvm_0oydm8DdwlzGhold_GnlJWJjWvnIWKmcJF28ylclModI5kOBZ_GGeiBJt2D1p5TmwyPct-s6Dicb0fAvriR6nlvAXeR8RzF7Qu9XS3gaMxItTy7qTvbtkHY3EUJHQX0VLqdU4rHgPcNEMGZgUEYuaX0WyX66d_JRn5yFtmBeKDmnSxgKL4FtwswqSjtyieRNwlblkUWfDsQ_kMMHTrGGH2Yj25haDhuVd-XiN-3BjpLf-TeXHnk9oZEdfTCnpGhKySQCffBOlSrWZEjhgMTyX4FW81oj7jEFybY2e9gvenz50pdA8QYBe0BYFElEnxEbmzMnkB1yBm9WJaAtgBZgNTz55tDFbNgkutBFEAxkeDkda3o9OCH0DBTT-t1cnodesQOwV03CY2s1GCEaI42ignMC8Sq6pKqAskYkIFZDT9mXWiI7gvSfpJkBQHN80aWz5Q6swtujChYjbVd71HgZoSJuyoOZR4_DP6lvKs4WF5_OZNfB0jEdWMucHm57ulKZQgOh7g7d802FM9Eg3T_2IuzAWpD5WznRF8Iu1joCiDgzL7PdEtb_dM1_q84uQB6Y5NsXzyou7W-kKW3C1FxXDKCHVS5-nBPKyJtsqSTn-TNuVHewQQRvirkUZ0TEhKf35FaCo1lQ64aLmGltljxWjw3CdL7pJURqWFzaLElOboUkCCcel23inDqyL5C-VKqqzagEWa-vFLMFYD98bItJa1tjmGPuUf8uh2ePxa780VpHCkYmpihHuevx_J2p1s17iIGsV0Q72lF50Fp99qUxCLrM4J84kjiwKfh0US8wFORhT9nMJ3EESKN2Niy6pZCnxcqa8f1xMwoQtITUZLbVR1iYZ6QnlmMNDECVbVmSO_z1l4SBOWukEUJAV3xt0CW_R6pS6cyI9ElIc01uqrw75SDiemLrJ6OoGCDQfY9HtnnrcAq6gSiciVhBskVi_-9vGLvh3YaQ1F1XRm-hU1wLKqiPNk_2TaQNjhm1L_hYqLiByb-aIJViKEwG1bICMqf-bciOMSfLzpAG96qBkZfpgjtEXfchKe5cA1zTssnOz4jxOOSregBkOlejE5UqL0I-Qzj-C5eASNCuJy_Pgd2dReB2ZTqLwagcWwfZ4df2igvVRzR6RaV-eOyQy7ac-GSktfLh61A2Ya3KCLJNzTQutO1wI2QeFRcHZlbOrUM-QF-cwlcW4Dl7eb_42S_7Cj7qnnLw6ceCkrNBU0VyI565gEYuvJcKjbi2fxzneqDJFEVDCPPgvk45vu7XYUdsGEzE0qzdwzuqiF56PwOI-krTdnN98zMrQnyi0KBm-pBICCwnPXwTjAebhfwBuDVSiEizR6ONYRfRJfEYxmHoPEAc2TV623EYt4Yv5XAj0TTCK1_DfIhHT01IeMA9w-BQenhaNqfnM9yeuGZ7HcFlCop2XOPNmIL1xafrLql1g0xtAtcXdcLW02VgdL9Deay8iCgqG2MFZM1o432GS1OdbbHTsQi3kSxT66_IvtuRaVn2vLlYa1oG_CBoHw39GmpSQUMW3WCaiB7PX7IfToTie0LPqydld2x4jRWCCvTIhOx1o2hEn2DxAqBIfNT5V85_UHTpCmavaJGbOBXCYfCdKuaVPzcBlv1LdYy_kVszwCN72IVuUC-qhxf8IjGQaEVScjp1W2I_2HcpO6ZNnvzluuWWd2Ze4aqzPLZllQOTe8mngmG40rc9BTubZsLuqwUPnWsgn33nVkuTodFd0aqIAA7arqYyF9ye8l4OsW_QK9fsBtDqnWdmMuOct65kOUMJ3u3xsDhzDc8PsLbcAAIZxEbRIXqOB9tWcTQst5nc6VKWTzH3FeplJK_tZvhASjxU06YqMqRpSJER8psczOwa0xRnJl26eaLbItp2gqFjjTPfIgakH2pMAd4JPhymc543pLfnqDXVYX-sOxQ6PiR0u6oJr43f3TGYgKUA1AGU8yNvFHmY_vcq33phmSZ5NGJp2nVw1klc2RGhWDg5OoCv4pkA4ywKvl5r2xgumxnSECPS5JiP5jLbHr5mzFl0NXMUtUcTOePAiZPK2-lctaK4iPFRRLZVZ4VBCanQDtpPUw1H8h1rsUrRPCKJCQNRl76N7WgnvqBaoYOUk1S8LP4k9qQ5EpJxpi_aQE09HOQh1F7urA5-vE-_5M559iXutKf6am4P1gtd3IgBEKchYJIdglCY94jaj0AVmJv0VMJjOTvV2oxLGUsPIL7pPL-5tnbQnYWy8jQTuGIGSohwCc8FRqKnpR0iPha_LLp4kX5aENtSNefpc0_SRUjfZ5LA2BjCrXtNsP57KIZC-QOUGuSd-_NItNCEiWfzlLGYoOQOp3gwkZTNLav0FFo3WCW6l_LcfE4N1kjQofszy4cf_EiRxxRobOT4LoUYtzHEv8AJWJV_DaGiFxq6jonW7d5VtjiWgJJaPofFl57IxlzmFk5mf2Sx8eM_g9jTuR2y-KvWiMcanOtD14eEREcANN5NdUXz4pyLWamEp6GX4AWA-GzaBvJ00mnNAuICSRqvPzhoz1MlRCh-sKszesVcuZsyliyVyBxjSRxIbdQOImSD1tTJ9_8afAxZFOzgpgu1ibO1vrcf0OKrxWbenwE6zsBYPKgbuMQhtb6MiB_W807aySyLI4InRAW__DI6cdStzwgEyy5DGr5bhf6Lz1OLnLR5pGxJbX_ulG-REgDcDdbfRd0YEdOcDbVrw&cid=CAASJeRojjAYSPeRvyymY7lQyaJ3W7vGQH_ioIIYwJjtl3YbTbX8N7Y&rfl=1%2Chttps%253A%252F%252Fwww.on3.com%242%2Chttps%253A%252F%252F3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7584ed6e4753f20d4a945de5954e44b9dcc5eb5c8fc49bd221f1d400e432322e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34161
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59C2 42 B
63 B 48ms
46ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcW_ctTbgYjEBXlU4fQltvA3Ulc0QyRYRcX0jWUbx3LM2PyFB1gtmL1Ja6I-fcLnlLb5Qjof1d-RWHipB4M9xRMuSTGSLAXlcwc10DKvUqE0fXng0

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 59C2 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:11:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 59C2 17 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:18:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 59C2 0
0 40ms
39ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwrGF06ZuiZ6kExbErXCLS9hMu1MMIzqTiqgU4h8rzN8OjPbAOy0THYd8WPfbrmVyRo3jLBSxLYrxz7qZoJkpzOg534g
Requested by: Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59C2 142 KB
44 KB 90ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 19:31:38 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 217E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1

43 B
846 B

49ms
33ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNWpqx7A-pr32nZA77qGZhA3wvOk_mrkXl-MadGo4PRgenukePgq38mt2vPy0aIEOP28dVWEjrQlNtPOt2XrKtwA7gnE_AsHPn69L06PbLR3mOK_pUHdzBzp7ej3a4bFQ-4EyahCI1W5xqp0cOqciNwzztl6KhhCnDkQAtAzVU-nHDiIZLU
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74406d66bc725c7a-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdZmeycC1746adohB3WKrd%2F7j%2FEGGn%2BkPvVKSryhzNmsalJknY1rVt0ZaXtCJbvo6u2QBBK1%2BO9CAPxaf1s%2BussPzwj1%2FgZNPQNyRzKvbXbYivX%2BzB3gsSCFQKMSx8g3awozt0tL6QCoAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 217E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxEImrtbRS0TsVO1R5O8QgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1

43 B
847 B

31ms
29ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNWpqx7A-pr32nZA77qGZhA3wvOk_mrkXl-MadGo4PRgenukePgq38mt2vPy0aIEOP28dVWEjrQlNtPOt2XrKtwA7gnE_AsHPn69L06PbLR3mOK_pUHdzBzp7ej3a4bFQ-4EyahCI1W5xqp0cOqciNwzztl6KhhCnDkQAtAzVU-nHDiIZLU
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74406d676d715c7a-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55s45wk1o2EUam08Z5HPgYq7CI1h8AoEbj%2B3miKvDJh2R24H7K62dtFWAZQarRwBCCfk2gjPNa%2FojZO3rqMJl5krBA%2Bk78LvqIkp1j7%2BEAOHvjm1Bomy%2Bhq%2B1lNYyu%2B2FWuPIy7uAklH8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 217E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIZn6ltoAACsppHtIY8d6qc&google_cver=1

43 B
1009 B

13ms
13ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIZn6ltoAACsppHtIY8d6qc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNWpqx7A-pr32nZA77qGZhA3wvOk_mrkXl-MadGo4PRgenukePgq38mt2vPy0aIEOP28dVWEjrQlNtPOt2XrKtwA7gnE_AsHPn69L06PbLR3mOK_pUHdzBzp7ej3a4bFQ-4EyahCI1W5xqp0cOqciNwzztl6KhhCnDkQAtAzVU-nHDiIZLU

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:38 GMT
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5aa8a279-132e-4b23-8e5d-da84961002c5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIZn6ltoAACsppHtIY8d6qc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 217E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1Mzc1MjE1NDY2NTkzMDYwNQ%3D%3D

170 B
188 B

38ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1Mzc1MjE1NDY2NTkzMDYwNQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:38 GMT
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 758dae9d-05d9-46d1-af0e-7ef6be5a71e6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1Mzc1MjE1NDY2NTkzMDYwNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A35E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1

43 B
843 B

38ms
34ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNUQTtEJuQ8VFonn20-rD6JZNFmaIVEKBmNNLHS1cIE6ovmJVRw7Kkm5Z2Jcpv1WB6lw-Z5W9CJDbYLhKL5M1xNXGVMhD-uyJs1EedQ5oSPj663vkwWMnH_7Z9_b7sIfGzCd6QNDlTzH2IN4_9gRGZzdcl6x3MLqBKdFVtxAF4SwBiqT144
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74406d66bc735c7a-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zkkP4h1PdNE6uQOYTq2uPZQOrfahfpOTTBobsjxlaCzaEP61i%2FmMaRYmPLEQyAA1LwDu3SE3NMOhqaAHIgGRt7h%2BnVgwn%2BoiMWIlYcxO5tSVa23S28%2Fi2YJZCI4Jb7VdrRPSh8BCvww8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A35E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxEImrtbRS0TsVO1R5O8QgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1

43 B
837 B

45ms
43ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNUQTtEJuQ8VFonn20-rD6JZNFmaIVEKBmNNLHS1cIE6ovmJVRw7Kkm5Z2Jcpv1WB6lw-Z5W9CJDbYLhKL5M1xNXGVMhD-uyJs1EedQ5oSPj663vkwWMnH_7Z9_b7sIfGzCd6QNDlTzH2IN4_9gRGZzdcl6x3MLqBKdFVtxAF4SwBiqT144
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74406d676d725c7a-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cDTyOc2ua4dY5w7gnABuC5Ps0v0b2mUoonJdGx0rAbwZCKnjOEnm2berwnAo3umxoWz8W9Hv00%2FcnnHWXjwNYFfvIZjLTq0fL7ZKqQn0NPydrnToJd8urPvzzc26vresEURrJoaED3Jow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNQjtgQFu5pR7wBpt-EBlY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A35E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIZn6ltoAACsppHtIY8d6qc&google_cver=1

43 B
1009 B

17ms
16ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIZn6ltoAACsppHtIY8d6qc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYlOm3xAEwAQ&v=APEucNUQTtEJuQ8VFonn20-rD6JZNFmaIVEKBmNNLHS1cIE6ovmJVRw7Kkm5Z2Jcpv1WB6lw-Z5W9CJDbYLhKL5M1xNXGVMhD-uyJs1EedQ5oSPj663vkwWMnH_7Z9_b7sIfGzCd6QNDlTzH2IN4_9gRGZzdcl6x3MLqBKdFVtxAF4SwBiqT144

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:38 GMT
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 15f5cc53-f4ca-4808-9bd1-a295a5953dec
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIZn6ltoAACsppHtIY8d6qc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A35E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI4MTA2NDYzMjM0MTAzNTMx

170 B
188 B

38ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI4MTA2NDYzMjM0MTAzNTMx

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 19:31:38 GMT
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6fe0f8be-290a-4166-a397-fca6054c2fdd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI4MTA2NDYzMjM0MTAzNTMx
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0D34 106 KB
37 KB 30ms
10ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Origin: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 0D34 8 KB
3 KB 12ms
12ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMhMtQLVBen-_1orR7-M3F13R7Yo2bD3S-FHrNgusXKDvwSlaLXTPDHD9wP_ReGKKD8ztAZvTOEQQdKvXbKgC37LkvL1lyor24ddWQU1mGcrIgNN3-iT_zqBw5XgvBUMWN5JgvDWo7hzg7Y9k2RXPVhT19tA&dbm_d=AKAmf-Afuutv1l5kpdSy_LUMtCKcagpatDTFOIqWfQvICS-pLI1U8d2fcL0-9x8iRqpbTHrXE1qKV-MTbrkwk9D6GJVT1fjVH_RisXgPz0a61Aa6ZId5DyHVm9r6UKTuwvzC2oMfgvEIVtf56dYI5PZtSIbNT3jf7GgCkckdzLZjtyfyAzVC_YK6JV7p_PeOW1mmglNUSrXwx_oQo1wEnwJmLMfJ1KiqVRTJ6S6rCjODyb0L3-dk9X4g8e9WElIbCRzOXqO8tDoj_vasyvNj4Qy3AXgOJv8ReyaIxJvj5sHcLARlfRkyfLq0wv-WRsyPSakANv7-HVBhmf85Ujhz42_PziKBJMjje_HDYsw-AMWyQvgwW2TvPgcSNtTRhUaGuFnP6bnqjQlchQvR7QV3bW8DVT01i7Ifr2KkAou1DSCUuO-GlsBFIQLDymSqN7f103DRRoKYnuE8J8NKpQj-7_w3aIdWzNHFDZvVUttyuxDoyDlyIjJd21YXWBOQP2PkF71SgeW6xsKV3Kws98eD-oqriuaVztSrvOczUjLbR5NO32sD2PqzB13Frb6owNI-AHd6jzCxlO44C9e2fiPYoLBnf3pUJSDwp7YtkbGCc7IRz4FLVB9uYTYhQoYAzSwyR5FtzU41OFqvtoRHEBvQNAYTH_T5XDTPXEsh-3zTE-UEz8MBf-p1cfRnh6-X0dxAupi5nEGU6PczgnxlCe-OS7s5QYal1KpcnBux68lBcyTNDTuRafWnkE7SoCIIRwiUrwhjYxmuc_1ahDxHsIIBb_TVKgZxg79ph-Z8EmLQWC7Qd63Wrnq4TaXK3x-EmZJY-wdFUSr6Ax3py6g2kSZ_bAP9BQca4MQDuX8vxOePTQ2Ri897emaO9jmqPmvUYuRBb6jMatgYkTxwNcxb0Sj4cZGfO2FHORvbjg0tDKHUa-G1E77a03dFEc_iLqQWjF1Ek3nMdhJFttOF34OllHlih-mmrHp-Gmxrj9atPyV2Q2rxISMIHs9qipszitaFnSkp7CD2JKAPzGCWmv8tk-M6idHzifzOMWPbx5OxyqxR1nVDlhWcamG94pjbgu0u-ej9Np2RXfTuCe4D30T2HX5jTbT_ENoP7GFo9OcyUO5YJVV1zBkkK-vyaTjWTAHceD71hzz8WLDPw-9-khfvdtZAiP4SBzlVb32ZTHkHixQe9pQqBRC2OtthntDBM7cqeC3Lum11wnKi_l_qsce5VF2l3yz7bbjCtxHrMrtxbHyaE8Yj9gAwIzYMPzMdyFL_mCZBZd4Za6OmgFMEkxvx8xQzQbxC8fPlDuTwzTVeyAXljxjAyXJbKb3-NNWXKEBD5cLbA_Y2vuewzEWcsQBHMzgt99mxnXYy9kOaIAxk5VGe0EIwA4-IrSDr7imG60YhOaEB3KaX7yJ0wsFym-pdg-WKx-axCILjZMD6CBjkSN8Jmba5wIOZzg4zW_rpa7NFwiOOT1986YA6Drkxs3s28u1comeVAomBNmHgdizAiPnRDUMpP5BWFWjV5NMBH31TYnoUiJnciEnWS0jKlUZnVmlRqOvqP7Fuu2BAQR2c2Nm9jnNhNxlN2r2JHPynk7pP4Z09XGFohb-3EagSKjl2v-33xx6kk1DJB5rpfa0-2GazK8lwz3Tm_WQrlejWfGJdH7Abq3_-oWaqMRRISlf65EgNhRZ-6ka_XPZDCfbpeC7xRUMmTMZuQhqiMAj5g69X5CCK-NVsDwcJDCPk_4dsjbdwKYPXfgD7OTT0zO92YMv4PHDAo1g0PnUVj5zRM0W6bSZsDpHVPuwuwwrgP9ppMqK0LFDJtWoS0DoEHh2-4KjV3nvUIr-z4WL_eQAqb-8qqV2Z3x6Xdqt2JLuU1uZPuFCcOvNc_Hf8lHANGKyM6MyB2oIqe6qJtaSTDa12X4nM1cvZmMfrHn1W3P0NqoWI0IcOuP_uJu6pl5BIZlPBDiiuhfMXLNrTmJ27bDaxdQPrcsYK8M0j12yTyq5k_Ym9R13wfaTiOKkLcLFmpFs3eb_9uL8oaj2eqXCtP-vIXCn-VfFxnknzxnWM0SLGl6qOp0ogdFyPreSRfXEJJRcVOHLLpXqDA7-J8eq_66loOCSZA30XQO5vWpvohYFTrpLfOP7vZep0_wWbnUw8lfmlmmWCqAmq7ea7m8KsuTYL-haW-_X2L8lw_2YnVuDaGfhYoEd8U4KA1zMIlMT-PljRHFPmWIyb4FIKC7XgavSejqxtOsPgVt0wmvW5_Nupi423kAg2jBArIKbGwhav1VUMZcchdzyJlp_WY5ykA7FS_bWmiKNiLxGnAebl5rtiYiyXMfuwvMSfbylNP-ofcx07eVhNCwu2npfti77AGVh-HtNFLsJcpLH_tkBhK5lO1HQSOgQDb72QhiTmAunMXXnt9oI5huiZRrzepcw4H7zw5wrktRDp0qlJQzjLO959I1aPay53ZNETe9zUaeB9Gjs48HAira9mNugPucAh6tWKLGRcS2F1Mgsk7t7WhrNa6bHwDgBmJEpO4KmcvEIztEwmrqs5sZ-9PYKDXIqBHz_VHLyHESvWRpenM3WNWmAG6DZhTrVoEQzSks3DanZIzKpV89k67R7ECwRALlAJuwnuFlkjlKJ_uos5sH25tqgW8EjfII_CoOTl8aY1-Q5XG5kWCC0teL_FpaOe0TOWIVwQHA5StpRA4TWAQvmqK-qmXjg5NCPAHhEL7KaKElHHu9TCptjKqk4i7mOxDp2zIpuXqv13V4MEIskKlO3I5xXqxqcPR2itrW5yWBpmxbgebgCpeukFYV8fQuhk8q9BKgqIHmHUAmIVM8nzCCjQgjGFMhfYUD5h-HKmkiO91hSSC99mloi7vUnwgd6QNp49ZNYyKZuBGYev0ytX7lT5bo0nEPKdNitLhblAJ9j706cWYt3GONUkfk87fhcYDvZdWo202-xBwj5mBjFmyW7WD_KRsHZ2lq_C10JphIWluZdpuUFOCOhUHvlo7xnhdsw05Ly9gh_qUgk8yErIunzJqQ2Ph0y1wfQOs6e60YJah7mvrPOxwbDL2msTYCBQag8lEh5PkRWlW6D0qQCnCMxGPrvseOvrtBQBkYg18tIG9lApBKHZe_jz4E-Va9FhGtWB1Qw5WAVjk-h27zL9qKbt8ib-1x6HWpDvAriOa_6BCVTMIrO7ayyGln6kU1Piy53ADMmaZEFfpf9xzuEn7kipNnY4BABrWz98CFq4L57HO-g-j6bSYHwdmoEBh703_eEQBdk&cid=CAASJeRobj8UuUUjU83SKa_BI5xhVb6BIM_gfN1fRJ7fFAaaZLw4AII&rfl=1%2Chttps%253A%252F%252Fwww.on3.com%242%2Chttps%253A%252F%252F3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:22:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 0D34 30 KB
12 KB 11ms
11ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:29:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 59C2 106 KB
37 KB 23ms
11ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Origin: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 59C2 8 KB
3 KB 9ms
9ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsekHMtZzix0gBpaAXcH9oLPW7mgSb0DsHLsqSQwJ4pW6x0YMYfbLHLxvYgcViQn0Tob2uK5Y0q0mxYSP77x9bcsQqSRLQrCBYl-K-Nq820AOllf-6K-73lhyLaZQZsE5jLUTAuTrJYyMZAVGX69AzOHECEw&dbm_d=AKAmf-B97jP0tVN8W2cIYnrFi79hG-I5DEnk73s8XP302D9q-NpESkPfidktVMFxmJmwE3nbFotjnHLhTsEUwX2rCVM6Ep2grh5CbvUUBN9LcLbvVfjeUg40TSOQRI-5y33mdeHUS7_7MuSKXhw1lY5gE_5Bb1fxuh3cnFVpghih2WKLSje7UCNFpAzQApYhUoje09PBqjGQpQy5vpVw5-H6zW9SWYPSk8BYFXBVcgJgYIJ8JmvxfZiyzytHzAQCCDqToaXFgnVvNEIshkK7JOLUg3Rr9whUdEcQqmQ6y2XFsozSt7UtdAKtQghZJilRmXexcmRDhPvpC35Nrca4irjmzAdsY5EatyACSMQrj4d34Qa8N7ZV8rvk2CoxlGnItm-lVznFa5SnKTTz996_T1DLbaJ5c2-PBQdHRsdWqcvRnfW93ROs8PPxsdXtrdPQwibl8xqsU18wj7P9vUWG-GBQY6O_h0RoRQZWu2l12cVor6LR2TpO-GmjtBWvHv9iQV59feA8rCPVC5NvXoNFMQpgAhfvm_0oydm8DdwlzGhold_GnlJWJjWvnIWKmcJF28ylclModI5kOBZ_GGeiBJt2D1p5TmwyPct-s6Dicb0fAvriR6nlvAXeR8RzF7Qu9XS3gaMxItTy7qTvbtkHY3EUJHQX0VLqdU4rHgPcNEMGZgUEYuaX0WyX66d_JRn5yFtmBeKDmnSxgKL4FtwswqSjtyieRNwlblkUWfDsQ_kMMHTrGGH2Yj25haDhuVd-XiN-3BjpLf-TeXHnk9oZEdfTCnpGhKySQCffBOlSrWZEjhgMTyX4FW81oj7jEFybY2e9gvenz50pdA8QYBe0BYFElEnxEbmzMnkB1yBm9WJaAtgBZgNTz55tDFbNgkutBFEAxkeDkda3o9OCH0DBTT-t1cnodesQOwV03CY2s1GCEaI42ignMC8Sq6pKqAskYkIFZDT9mXWiI7gvSfpJkBQHN80aWz5Q6swtujChYjbVd71HgZoSJuyoOZR4_DP6lvKs4WF5_OZNfB0jEdWMucHm57ulKZQgOh7g7d802FM9Eg3T_2IuzAWpD5WznRF8Iu1joCiDgzL7PdEtb_dM1_q84uQB6Y5NsXzyou7W-kKW3C1FxXDKCHVS5-nBPKyJtsqSTn-TNuVHewQQRvirkUZ0TEhKf35FaCo1lQ64aLmGltljxWjw3CdL7pJURqWFzaLElOboUkCCcel23inDqyL5C-VKqqzagEWa-vFLMFYD98bItJa1tjmGPuUf8uh2ePxa780VpHCkYmpihHuevx_J2p1s17iIGsV0Q72lF50Fp99qUxCLrM4J84kjiwKfh0US8wFORhT9nMJ3EESKN2Niy6pZCnxcqa8f1xMwoQtITUZLbVR1iYZ6QnlmMNDECVbVmSO_z1l4SBOWukEUJAV3xt0CW_R6pS6cyI9ElIc01uqrw75SDiemLrJ6OoGCDQfY9HtnnrcAq6gSiciVhBskVi_-9vGLvh3YaQ1F1XRm-hU1wLKqiPNk_2TaQNjhm1L_hYqLiByb-aIJViKEwG1bICMqf-bciOMSfLzpAG96qBkZfpgjtEXfchKe5cA1zTssnOz4jxOOSregBkOlejE5UqL0I-Qzj-C5eASNCuJy_Pgd2dReB2ZTqLwagcWwfZ4df2igvVRzR6RaV-eOyQy7ac-GSktfLh61A2Ya3KCLJNzTQutO1wI2QeFRcHZlbOrUM-QF-cwlcW4Dl7eb_42S_7Cj7qnnLw6ceCkrNBU0VyI565gEYuvJcKjbi2fxzneqDJFEVDCPPgvk45vu7XYUdsGEzE0qzdwzuqiF56PwOI-krTdnN98zMrQnyi0KBm-pBICCwnPXwTjAebhfwBuDVSiEizR6ONYRfRJfEYxmHoPEAc2TV623EYt4Yv5XAj0TTCK1_DfIhHT01IeMA9w-BQenhaNqfnM9yeuGZ7HcFlCop2XOPNmIL1xafrLql1g0xtAtcXdcLW02VgdL9Deay8iCgqG2MFZM1o432GS1OdbbHTsQi3kSxT66_IvtuRaVn2vLlYa1oG_CBoHw39GmpSQUMW3WCaiB7PX7IfToTie0LPqydld2x4jRWCCvTIhOx1o2hEn2DxAqBIfNT5V85_UHTpCmavaJGbOBXCYfCdKuaVPzcBlv1LdYy_kVszwCN72IVuUC-qhxf8IjGQaEVScjp1W2I_2HcpO6ZNnvzluuWWd2Ze4aqzPLZllQOTe8mngmG40rc9BTubZsLuqwUPnWsgn33nVkuTodFd0aqIAA7arqYyF9ye8l4OsW_QK9fsBtDqnWdmMuOct65kOUMJ3u3xsDhzDc8PsLbcAAIZxEbRIXqOB9tWcTQst5nc6VKWTzH3FeplJK_tZvhASjxU06YqMqRpSJER8psczOwa0xRnJl26eaLbItp2gqFjjTPfIgakH2pMAd4JPhymc543pLfnqDXVYX-sOxQ6PiR0u6oJr43f3TGYgKUA1AGU8yNvFHmY_vcq33phmSZ5NGJp2nVw1klc2RGhWDg5OoCv4pkA4ywKvl5r2xgumxnSECPS5JiP5jLbHr5mzFl0NXMUtUcTOePAiZPK2-lctaK4iPFRRLZVZ4VBCanQDtpPUw1H8h1rsUrRPCKJCQNRl76N7WgnvqBaoYOUk1S8LP4k9qQ5EpJxpi_aQE09HOQh1F7urA5-vE-_5M559iXutKf6am4P1gtd3IgBEKchYJIdglCY94jaj0AVmJv0VMJjOTvV2oxLGUsPIL7pPL-5tnbQnYWy8jQTuGIGSohwCc8FRqKnpR0iPha_LLp4kX5aENtSNefpc0_SRUjfZ5LA2BjCrXtNsP57KIZC-QOUGuSd-_NItNCEiWfzlLGYoOQOp3gwkZTNLav0FFo3WCW6l_LcfE4N1kjQofszy4cf_EiRxxRobOT4LoUYtzHEv8AJWJV_DaGiFxq6jonW7d5VtjiWgJJaPofFl57IxlzmFk5mf2Sx8eM_g9jTuR2y-KvWiMcanOtD14eEREcANN5NdUXz4pyLWamEp6GX4AWA-GzaBvJ00mnNAuICSRqvPzhoz1MlRCh-sKszesVcuZsyliyVyBxjSRxIbdQOImSD1tTJ9_8afAxZFOzgpgu1ibO1vrcf0OKrxWbenwE6zsBYPKgbuMQhtb6MiB_W807aySyLI4InRAW__DI6cdStzwgEyy5DGr5bhf6Lz1OLnLR5pGxJbX_ulG-REgDcDdbfRd0YEdOcDbVrw&cid=CAASJeRojjAYSPeRvyymY7lQyaJ3W7vGQH_ioIIYwJjtl3YbTbX8N7Y&rfl=1%2Chttps%253A%252F%252Fwww.on3.com%242%2Chttps%253A%252F%252F3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:22:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 59C2 30 KB
12 KB 11ms
8ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:29:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D34 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 560441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 43B4 1 KB
749 B 8ms
7ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 14:32:04 GMT
etag: 48472445140208031
expires: Fri, 02 Sep 2022 14:32:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0D34 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccc1b36da1f863035781ebd0c15b895737c74d960ac2cc17691c135a267f39ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 59C2 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 560441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A142 1 KB
749 B 8ms
7ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 14:32:04 GMT
etag: 48472445140208031
expires: Fri, 02 Sep 2022 14:32:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 59C2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b23ef8806716cd3c65af554d12fc92bd4ca5b7dbe3a50e9ae2a232e04f3f6575

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7739 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 560441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 07:50:57 GMT
expires: Sat, 26 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2022-Spring-Refresh-programmatic-DE-300x250.html Show response
s0.2mdn.net/sadbundle/8270229051994701042/ Frame 8501 6 KB
2 KB 11ms
10ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8270229051994701042/2022-Spring-Refresh-programmatic-DE-300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75534a2872bdb493c846f5aec9514300967cb04d485b6f1561ea8a42f113cb70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 538756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2214
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 13:52:22 GMT
expires: Sat, 26 Aug 2023 13:52:22 GMT
last-modified: Tue, 03 May 2022 13:17:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D34 0
64 B 100ms
58ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJaENIXI-7BqmlLwFOiFeqObyeptmH4jV5_Q6cfVA1ycQio-txtwrFFVs_nGFSulvrXDxTx3KpfL3qcihMQnUym-RCXGB3zc0XdVnYRxWbWb3077sbQFZrEhauxJcz57MT24kBpMK1sgToreLcydElkNuptwddU8WzkSdKGDc-J0i76fAn9DQtDXNADDdOl3-DibxgO18ovpcARe-D61O6OPNR7fVk-uzh7QmjZXQBGq7Z5p_wHP_byc4UJoyvcLyB09kM8v0-CPoDHHfur7-R7tZ3vy4beqjD6w50Oa541j9WBZgKP1pOtAyIU5Yw-RNvqffq6g3FNdWc30-eB_lc4akv0ec_Rs9S6yeslYPLVuoGMQtVAPKX9X6qh117KqMPwaXVHyhv7H9yuAFfhJdFsTJUgMlOTaX3FEBJINMpyryDbL1VfU8b2H6uhV6jZwC8bAXvC2GP8kkDez8QURbhEO_NDaHU8Gnepwolc6chSTr6aonyWnF8r3D7vX8PDxZGtkC0Q36VsDRhWhfv1icvl2PquRm44tG0m5c5fg61yUd9N58azjmNRNvJIAJjN1CqG7vR7cTwvspuafbiNdeKna_QYJWA7EyiP3BRg4rqHw83AXvX1WLcoPzkc-whYkw1z2yWlJUHAwgFEnTsvHadLrg5ob3Gu6l4UnPGr-5X28YyQOtiyCMpxovq5Q7mCJJFDiQKwSySnGhDJrhpt26nafX8oky0n77VJ8VHhReo7IaafbS4wfHBAodAZ_1Y8YI68z8SpZuFBSbssBH3QrPyIYfTDMm2Rr-7B1vQRCffN2w-J1yDVbNz2WOaPxqfL2fItM-bE4WNOcHMbHM_Ex69biizVMOUUkH-JJbn6REi3GqbNpBnIkKUzR4hg4ALmHlUp_hP4j0g7Pa3XHKnpcoTv7NWspN7-_0y25Jc5n13oirbIjwTB-iQafoGbOUHueqdwwc11RAT56vnqgRXEfQKpA_DL-8QFw5-Pnn9qA56csMjlHTbe0PKO2d4l1OH_q13gbrQ-ruLUtKb0b9GOcnZlyAXd5Qhb1KxqEWOwJXdazK9m1VybcSwcWoBdul2CNpQDtuMcXZ_rLfPJLJafzDSW7yH79cBNNs5Yh4w72Vq7YG0jtXcT6eYLGkj1fbn8HEqXg1nfBr-wu4cE2aCZHfoSGdA0lCA3UpuCh8tNJuF8WXNSZ2iml4FAMjNs7Tpfntf1QNq1Bi24A9iAkU4jWDomuOacq47LUj3xi9B2V51vDc&sai=AMfl-YQDG-ap54AuJLU1BKE00vW3h25PzMGXQ3X7nJkYT2-GMtZzSywdzwH9BoRHPdMFaMhJj5zQbCZbVgcUmN0UoXA-b5vgdIGdFE_lAM0_swwUnFkOaUAsc870t-d2ze8hK472DztxYhgZsXKdCpEaQX8kzJWt00BrrZFpkVJ9-sIksv6293Ijnrr7QQGCQXMK7aeLCpsr6mMmJhctbySU2jtnLNpvesijyxcX_yscru7dCdJAVA&sig=Cg0ArKJSzAwvth2vvdu3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=128&cbvp=1&cstd=124&cisv=r20220831.08283&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 01 Sep 2022 19:31:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 2022-Spring-Refresh-programmatic-DE-300x250.html Show response
s0.2mdn.net/sadbundle/2932139913943983440/ Frame 3946 6 KB
2 KB 11ms
10ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2932139913943983440/2022-Spring-Refresh-programmatic-DE-300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75534a2872bdb493c846f5aec9514300967cb04d485b6f1561ea8a42f113cb70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 94239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2214
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 17:20:59 GMT
expires: Thu, 31 Aug 2023 17:20:59 GMT
last-modified: Tue, 03 May 2022 13:21:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59C2 0
622 B 95ms
57ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsukRUZYV_xU5VpIMXJn4tltaMNo0FffwA-IdB6WSJIJFKjDIVJ_KUH0yqtdX97i1e6l8hvIZyi_BG2gPs6_40EfDl2bAeNjLLeM1Ksf7mjZ559A0KWFr9G63f_v0v66vBSTIbKvgcVd5oRXlY2O6fzk8mgeIGlPuNvhilaIu4AHST41txLsJovMyibhgyZ4_cTHvR08IpdjFG0swCvIQk5sSLSJgKwNIsPV9bZLT55CJITrd-xgto6tOpnMTNYrZ9JPw2byxWb2L6EgILND26bl7iUKPp7foGGKYmpuyY2ymqPP6s9_RtZeKPzCohJm1W_zpIis_QRrLLpPeCWOwEUzsv38qU63ZeUdzdtW4GFof9qD0i5f35RsWDmWhwv3-JYGAHxaWdO0mXRBdy9ycyyCLXSVMxTaGtT_GUCD2MIkda5DvPmc0LxLwu-Up4VX-HE-7VCrxdBmsNULy9WOMjD7pekv9CyWmL1oVETKlS7Ed4iLl_zc--RwjYIH6piDJjuQp0l2Hm8W_1v3DGLZ9XFOfBuDobPEa-k-WFRsRmNu6lf_9ceD1m7uMYQ7mNCNwqXQzjJvl69zSjN_hSWqUBw4rCWB4CjzH3hLfYxiYEFufwgCXyERO8I9MH8WfJn_er42SMa2CusJ5ibwq5U8NoO7yDDlnmTxAIxoJpxgE9ikiFMU9S0-YHWnbCt6UckmUusTAZKemkILpZqeOhIVL9u0NqZqu4mP-KjwJoHVCAeGVEw1ze16VpeFRtpIrzklgcU0GN7LDtQjzt8FahLZOWGYvCgEAY6UbG96qlth77xZsk5pQYoBMqoc1K25x-UWpjD3zgatfQHfTGYJghqrdJukPWGeASI_7lFe1ViwPMX0apkg0Rd3CLbf9tmNAdIHO__bklpY-mD4LF0YhgVXmulh0-BjtuScmgvgDJcZwpk-Nw3RD4Y2O1JaCJ3cLjXt16-VlkuDRXfDPlStTsRcuy-QG6y0F7pzpWhJz0Gy03gJyQXhA1jB85Z7KHt875BuEvVig5v-GapT9SGXx52CJ1qrzMS4FNbq1wzxL-HQVfH1RWDrkHpEvwVUWC3jVwf4TK5eVmaSH1UNA60jljgbKIbDyd9l2UHTBlhvLEeZfndpQupFEe6oPI4NhhOXwkkF5Wav7PSZUc512QNGKfLO4kPutt5TIyRQb-FUYwWlnqV4A2koerLgtn5uUBjkjUlN3x9JUUwN804obyoi3duNjw_Z5A9ZA7xeLjwy30Zo0Q&sai=AMfl-YQvfTOuypkBN4K-0_XezZ6oNB1Wxxd8x94Jf9n9dcJ6TC6lybGsuACyUCSKuHKi3oxUU-GmrVX8_sDFuI2mWfxrwgBDTAq7U-R7iXw4-JeDllR-eXYPuB2t44FW4rpR3AqGn5uvmJ9cVTqM612bVylRO2hlvWORgT6H1HVt1CDaU3NH2ggDSGLUnPgIoR8RB9ek0D-paz8CQT9pvVpo-ZY4K7e9QH5xMsSvP6GoADcSE274WQ&sig=Cg0ArKJSzGQZAYwki7uKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=125&cbvp=1&cstd=123&cisv=r20220831.55713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 01 Sep 2022 19:31:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dpixel
cms.quantserve.com/ Frame 43B4 35 B
463 B 65ms
13ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHzCCE0XHafNDuR6JQHPhUQ&google_cver=1&google_push=AehlK4Dt0rH_0FpnCGVr6CEODUR_-RskPgKJumYdrR_D12PirV6QobF41IEsXrPulxpi5Tx_0F6VccPW2OZIFsTrUTAWqWN6xXVS

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43B4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED-Z86IcdpzIkjV6rWH-ZgQ&google_cver=1&google_push=AehlK4BMgBY5TCsy5uMiB4xGtCVlEsWp6uAO921PrmQ7VK1gBENTJELeuI0gqQiMLTBkhC7DHSm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdKRzBUVkwtMjYtNkI3SA==&google_push=AehlK4BMgBY5TCsy5uMiB4xGtCVlEsWp6uAO921PrmQ7VK1gBENTJELeuI0gqQiMLTBkhC7DHSmztCjHWZOX9SusSqH-tsMO0Deb

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdKRzBUVkwtMjYtNkI3SA==&google_push=AehlK4BMgBY5TCsy5uMiB4xGtCVlEsWp6uAO921PrmQ7VK1gBENTJELeuI0gqQiMLTBkhC7DHSmztCjHWZOX9SusSqH-tsMO0Deb

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdKRzBUVkwtMjYtNkI3SA==&google_push=AehlK4BMgBY5TCsy5uMiB4xGtCVlEsWp6uAO921PrmQ7VK1gBENTJELeuI0gqQiMLTBkhC7DHSmztCjHWZOX9SusSqH-tsMO0Deb
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 43B4 0
12 B 22ms
19ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISgMrXTS63Vn4AtdpjNqwcu6DSkKSTlgUD4Ho

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8501 236 KB
63 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8270229051994701042/2022-Spring-Refresh-programmatic-DE-300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8270229051994701042/2022-Spring-Refresh-programmatic-DE-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Sep 2022 19:31:38 GMT

GET
H3 200 2022-Spring-Refresh-programmatic-DE-300x250.js Show response
s0.2mdn.net/sadbundle/8270229051994701042/ Frame 8501 61 KB
12 KB 12ms
10ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8270229051994701042/2022-Spring-Refresh-programmatic-DE-300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8270229051994701042/2022-Spring-Refresh-programmatic-DE-300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f7c6b160131c7d76f1d99580aa9d3a16dcc285d32aa4c6151952d7b0265944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8270229051994701042/2022-Spring-Refresh-programmatic-DE-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12433
x-xss-protection: 0
last-modified: Tue, 03 May 2022 13:17:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 13:52:22 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 105E 22 KB
8 KB 10ms
10ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 560441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 07:50:57 GMT
expires: Sat, 26 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3946 236 KB
63 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2932139913943983440/2022-Spring-Refresh-programmatic-DE-300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2932139913943983440/2022-Spring-Refresh-programmatic-DE-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Sep 2022 19:31:38 GMT

GET
H3 200 2022-Spring-Refresh-programmatic-DE-300x250.js Show response
s0.2mdn.net/sadbundle/2932139913943983440/ Frame 3946 57 KB
12 KB 12ms
12ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2932139913943983440/2022-Spring-Refresh-programmatic-DE-300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2932139913943983440/2022-Spring-Refresh-programmatic-DE-300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7970d8e75d3fdc2dfde7ae5c67c1b09e0600caf0fefd138fb7022abd39b4ae2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2932139913943983440/2022-Spring-Refresh-programmatic-DE-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539625
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12218
x-xss-protection: 0
last-modified: Tue, 03 May 2022 13:21:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 13:37:53 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A142 35 B
461 B 53ms
14ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHzCCE0XHafNDuR6JQHPhUQ&google_cver=1&google_push=AehlK4DkIeUpAjF7e8QDOWIUaPOw24nZDWXYjEmB6HNG6Q_vEjtPjUWqpyGGR7uZ2dJozZb9v6G81sDRlJOFrQhfDycJvgIeAyg

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A142
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED-Z86IcdpzIkjV6rWH-ZgQ&google_cver=1&google_push=AehlK4AP-u0uqdk0CqlrUSCczZp8gtAR9jcsg3c2p8CXt2Mj3rzBvM3HxMRmirl-CS2G_HXskj6...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdKRzBUVkwtMjYtNkI3SA==&google_push=AehlK4AP-u0uqdk0CqlrUSCczZp8gtAR9jcsg3c2p8CXt2Mj3rzBvM3HxMRmirl-CS2G_HXskj6ts1JOzQA42aEGkaPwuAs5Dz6i

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdKRzBUVkwtMjYtNkI3SA==&google_push=AehlK4AP-u0uqdk0CqlrUSCczZp8gtAR9jcsg3c2p8CXt2Mj3rzBvM3HxMRmirl-CS2G_HXskj6ts1JOzQA42aEGkaPwuAs5Dz6i

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdKRzBUVkwtMjYtNkI3SA==&google_push=AehlK4AP-u0uqdk0CqlrUSCczZp8gtAR9jcsg3c2p8CXt2Mj3rzBvM3HxMRmirl-CS2G_HXskj6ts1JOzQA42aEGkaPwuAs5Dz6i
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A142 0
12 B 175ms
173ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPIzKDa-cSvtLKo4V3dfu5eism3zO3yDaWJEI

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 19:31:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7739 36 KB
15 KB 13ms
12ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 11:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15802
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 11:30:40 GMT

GET
H3 200 JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js Show response
pagead2.googlesyndication.com/bg/ Frame 105E 36 KB
16 KB 20ms
14ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15893
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 18:54:42 GMT

GET
H3 200 _1.png
s0.2mdn.net/sadbundle/8270229051994701042/images/ Frame 8501 48 KB
48 KB 13ms
12ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8270229051994701042/images/_1.png?1650468424620

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3764072a48834a5c2de20cd0c7ccefdf7ee1c634ee1a0178d5a8903b9a54302a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8270229051994701042/2022-Spring-Refresh-programmatic-DE-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:52:02 GMT
x-content-type-options: nosniff
age: 538776
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48880
x-xss-protection: 0
last-modified: Tue, 03 May 2022 13:17:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 13:52:02 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D34 0
26 B 68ms
46ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJaENIXI-7BqmlLwFOiFeqObyeptmH4jV5_Q6cfVA1ycQio-txtwrFFVs_nGFSulvrXDxTx3KpfL3qcihMQnUym-RCXGB3zc0XdVnYRxWbWb3077sbQFZrEhauxJcz57MT24kBpMK1sgToreLcydElkNuptwddU8WzkSdKGDc-J0i76fAn9DQtDXNADDdOl3-DibxgO18ovpcARe-D61O6OPNR7fVk-uzh7QmjZXQBGq7Z5p_wHP_byc4UJoyvcLyB09kM8v0-CPoDHHfur7-R7tZ3vy4beqjD6w50Oa541j9WBZgKP1pOtAyIU5Yw-RNvqffq6g3FNdWc30-eB_lc4akv0ec_Rs9S6yeslYPLVuoGMQtVAPKX9X6qh117KqMPwaXVHyhv7H9yuAFfhJdFsTJUgMlOTaX3FEBJINMpyryDbL1VfU8b2H6uhV6jZwC8bAXvC2GP8kkDez8QURbhEO_NDaHU8Gnepwolc6chSTr6aonyWnF8r3D7vX8PDxZGtkC0Q36VsDRhWhfv1icvl2PquRm44tG0m5c5fg61yUd9N58azjmNRNvJIAJjN1CqG7vR7cTwvspuafbiNdeKna_QYJWA7EyiP3BRg4rqHw83AXvX1WLcoPzkc-whYkw1z2yWlJUHAwgFEnTsvHadLrg5ob3Gu6l4UnPGr-5X28YyQOtiyCMpxovq5Q7mCJJFDiQKwSySnGhDJrhpt26nafX8oky0n77VJ8VHhReo7IaafbS4wfHBAodAZ_1Y8YI68z8SpZuFBSbssBH3QrPyIYfTDMm2Rr-7B1vQRCffN2w-J1yDVbNz2WOaPxqfL2fItM-bE4WNOcHMbHM_Ex69biizVMOUUkH-JJbn6REi3GqbNpBnIkKUzR4hg4ALmHlUp_hP4j0g7Pa3XHKnpcoTv7NWspN7-_0y25Jc5n13oirbIjwTB-iQafoGbOUHueqdwwc11RAT56vnqgRXEfQKpA_DL-8QFw5-Pnn9qA56csMjlHTbe0PKO2d4l1OH_q13gbrQ-ruLUtKb0b9GOcnZlyAXd5Qhb1KxqEWOwJXdazK9m1VybcSwcWoBdul2CNpQDtuMcXZ_rLfPJLJafzDSW7yH79cBNNs5Yh4w72Vq7YG0jtXcT6eYLGkj1fbn8HEqXg1nfBr-wu4cE2aCZHfoSGdA0lCA3UpuCh8tNJuF8WXNSZ2iml4FAMjNs7Tpfntf1QNq1Bi24A9iAkU4jWDomuOacq47LUj3xi9B2V51vDc&sai=AMfl-YQDG-ap54AuJLU1BKE00vW3h25PzMGXQ3X7nJkYT2-GMtZzSywdzwH9BoRHPdMFaMhJj5zQbCZbVgcUmN0UoXA-b5vgdIGdFE_lAM0_swwUnFkOaUAsc870t-d2ze8hK472DztxYhgZsXKdCpEaQX8kzJWt00BrrZFpkVJ9-sIksv6293Ijnrr7QQGCQXMK7aeLCpsr6mMmJhctbySU2jtnLNpvesijyxcX_yscru7dCdJAVA&sig=Cg0ArKJSzAwvth2vvdu3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=281&vt=11&dtpt=153&dett=3&cstd=124&cisv=r20220831.08283&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 _1.png
s0.2mdn.net/sadbundle/2932139913943983440/images/ Frame 3946 56 KB
56 KB 11ms
11ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2932139913943983440/images/_1.png?1650319976864

Requested by

Host: 3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
URL: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ef8be666e2e01669d95258508136cea0f1b3f6966038c1d5abdbd8f14767fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2932139913943983440/2022-Spring-Refresh-programmatic-DE-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:37:02 GMT
x-content-type-options: nosniff
age: 539676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56991
x-xss-protection: 0
last-modified: Tue, 03 May 2022 13:21:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 13:37:02 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59C2 0
26 B 51ms
50ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsukRUZYV_xU5VpIMXJn4tltaMNo0FffwA-IdB6WSJIJFKjDIVJ_KUH0yqtdX97i1e6l8hvIZyi_BG2gPs6_40EfDl2bAeNjLLeM1Ksf7mjZ559A0KWFr9G63f_v0v66vBSTIbKvgcVd5oRXlY2O6fzk8mgeIGlPuNvhilaIu4AHST41txLsJovMyibhgyZ4_cTHvR08IpdjFG0swCvIQk5sSLSJgKwNIsPV9bZLT55CJITrd-xgto6tOpnMTNYrZ9JPw2byxWb2L6EgILND26bl7iUKPp7foGGKYmpuyY2ymqPP6s9_RtZeKPzCohJm1W_zpIis_QRrLLpPeCWOwEUzsv38qU63ZeUdzdtW4GFof9qD0i5f35RsWDmWhwv3-JYGAHxaWdO0mXRBdy9ycyyCLXSVMxTaGtT_GUCD2MIkda5DvPmc0LxLwu-Up4VX-HE-7VCrxdBmsNULy9WOMjD7pekv9CyWmL1oVETKlS7Ed4iLl_zc--RwjYIH6piDJjuQp0l2Hm8W_1v3DGLZ9XFOfBuDobPEa-k-WFRsRmNu6lf_9ceD1m7uMYQ7mNCNwqXQzjJvl69zSjN_hSWqUBw4rCWB4CjzH3hLfYxiYEFufwgCXyERO8I9MH8WfJn_er42SMa2CusJ5ibwq5U8NoO7yDDlnmTxAIxoJpxgE9ikiFMU9S0-YHWnbCt6UckmUusTAZKemkILpZqeOhIVL9u0NqZqu4mP-KjwJoHVCAeGVEw1ze16VpeFRtpIrzklgcU0GN7LDtQjzt8FahLZOWGYvCgEAY6UbG96qlth77xZsk5pQYoBMqoc1K25x-UWpjD3zgatfQHfTGYJghqrdJukPWGeASI_7lFe1ViwPMX0apkg0Rd3CLbf9tmNAdIHO__bklpY-mD4LF0YhgVXmulh0-BjtuScmgvgDJcZwpk-Nw3RD4Y2O1JaCJ3cLjXt16-VlkuDRXfDPlStTsRcuy-QG6y0F7pzpWhJz0Gy03gJyQXhA1jB85Z7KHt875BuEvVig5v-GapT9SGXx52CJ1qrzMS4FNbq1wzxL-HQVfH1RWDrkHpEvwVUWC3jVwf4TK5eVmaSH1UNA60jljgbKIbDyd9l2UHTBlhvLEeZfndpQupFEe6oPI4NhhOXwkkF5Wav7PSZUc512QNGKfLO4kPutt5TIyRQb-FUYwWlnqV4A2koerLgtn5uUBjkjUlN3x9JUUwN804obyoi3duNjw_Z5A9ZA7xeLjwy30Zo0Q&sai=AMfl-YQvfTOuypkBN4K-0_XezZ6oNB1Wxxd8x94Jf9n9dcJ6TC6lybGsuACyUCSKuHKi3oxUU-GmrVX8_sDFuI2mWfxrwgBDTAq7U-R7iXw4-JeDllR-eXYPuB2t44FW4rpR3AqGn5uvmJ9cVTqM612bVylRO2hlvWORgT6H1HVt1CDaU3NH2ggDSGLUnPgIoR8RB9ek0D-paz8CQT9pvVpo-ZY4K7e9QH5xMsSvP6GoADcSE274WQ&sig=Cg0ArKJSzGQZAYwki7uKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=310&vt=11&dtpt=185&dett=3&cstd=123&cisv=r20220831.55713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 19:31:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7739 0
20 B 47ms
46ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJZ4PmggRY6r0H9rDx_APtqiWGAAAAAA4AeAEAg&bg=!4-Cl4KTNAAaXrHhMt6w7ACkAdvg8WrahY_hMcUgn6oFkBnpmsDwfr54VZcY8LSPloSEfISuMg39xkAIAAAD3UgAAAAJoAQeZAuo14O7gxBlrdJwXXanDIpcUIPAiTPyfhw-ftq5a_l75USKRsMGF_1mxuCNt-I9dxFomQ_BAuCDk3bBwWD1sPWHvja4zPde6-F4ZmgcUvaGyyImaOiAwWddV3fXsy3J4pDhAduqcIfKDIcciHfWkP3-KuCzNmHMld_6OUYxumQM-5eMs6q6IH2XXQjOsTlGDzSYmPiMqEsDsLWo0OtdlHYCCgkIayUNAYDq6BHnV_GUcoS6l77OJNtCZJTxC8_IndLD74reGJuFoyflRrOHPdzoxkfpPxyyk7pdga4JyyVkt8ndg6kQBUjTNkX7peeFlKHhWwhx35bqKotqNnQsV0MXfIZ1LcI4nDdGcVXTXKZRs7TZPB_uyQhpdXM9Ursdj413CUkr1jPJJMjAHOIynsk8cO9cp9eRzlOwVsNCZ-aF7zBBpqdPT66ZRMicaGC6hxn164yTy8xIRyTLGBYOo_hMiQ6fhXmfMooEVQ-NGcnDhpEWJYAWYDnUIFO1YpWdi1a6zUx0L3fMYcQ8MOR_Zqwu-zFy5mrerI1WNSY1DQc0fbzSOARPbfQYy-iQxzmXS1Hx_kCbtabRKY9TvvtUG1bvFByUdg9BkLPD-u-jaGbYmbzLPnCH2vMRLKzJJENqhXvg2KXp19LzdCxQJRcfdtCag3ityLHjEaftmHEp66yOXDnlO15miUntP_hqqdskr9nwEBTWj8DwoBW-xevdGAX6tmwq_xIZ3HHKXmPf-5v-WGjrsSaTiooket5xKkgcKX7yG851_STPT_jZ0_ZYD_q3mvycUVTk-gsK-kHB7LxyZUgaI-PHNy9YVtUwXjFlzHb8tcfwbIum02k-xkywVu-ajpdDL9y-ZowlZu5xEbPC2d_Mwd-nzFOY6BHXvpgYXjSOZxZTreQl0t902SgC9LYvKp80TJ6o3sb22DeJK9XRwG7r9mnrT92U0eP_LLwROwpvTwUunxExCBOlFL-OFD6zzkjlzFu2KKweAYQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 105E 0
20 B 45ms
45ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdqrxmggRY4rjH9fmgQfmvqigAgAAAAA4AeAEAg&bg=!CgmlCU3NAAZTikH4c4o7ACkAdvg8Wm2youQha_gBbqIaUXRNXwKaKmBNKXoew1Ghjj1e4H18VvPY9AIAAADQUgAAAAJoAQcKAJ_Gzj00-Oaw0Ki341GCI2H8WlZuvj5dSPYs9woxa1zaG7HUWrtHkxDaPMiQxmjWhGMxvUYWCri0uXNW-C9c2UHFD5R8RLXGBXJkIA5RQQ3aOC9ysFwMCRwYIiXgXUXIZSd0hDiGMAYvxE1RPv1dXWpjpYsdXKeGn45xSXyKJGYDnNa8AojYMVjk3m1uOE35SSdy6bTazAjvUoyQiEsxw3-ZAup7ipliVPACdcIi1ikaRUqxA8VcuM05m3OicYjY1tnJzUKA62YJYcFMyARNjkjfWPV-lDFuzf7tXikZp-AmCnTWPnutO2Qp3-owIyipt3igrK9RczFu-KAE06z_Bv6KPKK8l52eUj0PhWj7j-W6i6zJUoTRuvWje_tvIkB6ZoAbjwdK8Ndx89W7_ElJ7ooVGpSULCq35deDzhVy-YvAnbHphkA6NDJte5mnmgXCydt1b-_iH6gwhad3bc8vg7XwzRC8Pzlt6WIIRmRlttmUn6yxlKU9WJtXzSD_kZ6Nn6_yxLVAPRszflOOGe8JnSGq9YuONJCPxxKd3A5cb2MA-cpo2lsXM27jIomNOBJzN9z4Iaah2y5ot84kb_Kjy6utfOY1KLphN_pcU4Vhljf71GfhDsVu6bkHNhWbf5_eNi4hZgZyYoV-o53IMZUSyR7pDjhMd2eHdIUVu9zgGcvGYOYIV6MTX4R6pFkkB-Mb33Uo7LXaXD0kquUO8SLb9MTwFZaWwmsLw1lzh2Tm44-rXhHvZ0OXXX_l9v-a49LUejVPGPZQakvDapjUoqkMYEO7j6A0OrtQ1qV1qZt8un7R4S4HaNYHMt4yOqrncdqJGm_XYCOFgc11uZ7HjIb74NxlMEQNStTUqGQctQ08trtO84D5dvaw5BSy7Skpgtvk12cgepPvLD_7zVvOwr_IqXg1F6_BJxGw8tZ_ZmOO07oiiHhLf5ajeJJX1-dWBftViXHCPmdVqwyYwmdeIGwMriN_Fc9nhLYHeNlqp4Gc_Uxn4zmYCRPQvU6lhOeO-cNDmTC_-OddW1HgEvpY50xLeBZk9IYJFozACI6DlhX6JWqAAxnPgKw72U7QFTFtc_GXhguF_M00Hk9vM5IFM7VTMc_k-Kv_W7udJN666PvfM5gM_BFRDbryyMPhtLVQft9TrpU8sAHqSWiKlxR5xE2DFwZXpMIZvgIRLIlfCv3Gj1BoSe7a-DtFVFZ8p_N5jA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D34 42 B
64 B 65ms
50ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7Y-sgTJ4ROjgVTCZoVJypBdKQQMEFlIkXNlWqqxr6m6TXVae9Z-AD0x4Kz0QO4yYudUYcwX_KOHvF11e9iy18ShZ7jmGBH_HCRBfX43Lq9SYTo3MccBlyC7Jo9VrNH-jQkaKGuw&sai=AMfl-YR8gq1Vj0lEjtPPuFNxWKrBcQ0y09XcWY6K8qIYvStWjXMlSpqCeS8aTmzFlFb3JuZIP2vAKJfdcdAqDuBiptfke5GGUrL9PCGVOss8EeOSbb4U8K3R9-JFNdq7&sig=Cg0ArKJSzFBSnKnl2_ZGEAE&cid=CAASJeRobj8UuUUjU83SKa_BI5xhVb6BIM_gfN1fRJ7fFAaaZLw4AII&id=lidar2&mcvt=1000&p=716,1170,966,1470&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2036410406&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662060698373&rpt=274&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 59C2 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuy0uMC0mF6-05XuYkV8E7xBp2VGLj-dXOoGezp4KumCI85Jx4otb0cFDwkigYsiqTcPo8ryRPS6fcawYodOsZ7tGHqG-lx0Zl5cR79xtkOzBw7oCNBjabdPYxKGFhE8B3cHzfK_g&sai=AMfl-YSdj23qvR24a976BDWLF3Sp-OZ_iptk1oVbugaNvJ1eeH3vdmJpab9fXEu-JMcWW7lwkMocvi7YbCRAd4NO8zIsTuP9e4ARCuMQC5ldvDuqVzC7hNbGCWFC8nxM&sig=Cg0ArKJSzM1hYxyDYmWnEAE&cid=CAASJeRojjAYSPeRvyymY7lQyaJ3W7vGQH_ioIIYwJjtl3YbTbX8N7Y&id=lidar2&mcvt=1000&p=441,1170,691,1470&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2310559973&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662060698366&rpt=326&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 19:31:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bXKemeewir7iD1aKlKyvbs

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=aup7uWewmr7iD1aKlKyvbs

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=aYKYhmewer7iD1aKlKyvbs

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=by3OEWewqr7iD1aKlKyvbs

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=by3OEWewqr7iD1aKlKyvbs

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=c2AysYewmr7iD1aKlKyvbs

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l7jg0wjz&c=6770310097304&slotId=3385155048652&fb=ima_html5-lima&sdkv=h.3.528.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.l7jg0x1k&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pbs.nextmillmedia.com/openrtb2	1970-01-20 05:42:27	Name: nmm-ss-cps-usr Value: 1
pbs.nextmillmedia.com/openrtb2	1970-01-20 05:42:27	Name: nmm-ss-cps-usr-exp Value: "2022-09-02 19:31:32"
.t.co/	1970-01-20 15:11:15	Name: muc Value: a782e16b-bb99-45e7-b9b0-2922b45e83e3
www.on3.com/	1970-01-20 15:17:00	Name: ac_cclang Value:
.intentiq.com/	1970-01-20 15:17:00	Name: IQver Value: 1.9
www.on3.com/	1970-01-20 06:24:12	Name: ac_user_id Value: acndnzlm7v109ujc44fe5540ed3d38bcca6c352d964a69f37d809b2ba3564b2b80f822753c143d8
.on3.com/	1970-01-20 05:42:27	Name: _gid Value: GA1.2.553851485.1662060692
.on3.com/	1970-01-20 05:41:00	Name: _gat_gtag_UA_193678100_1 Value: 1
.on3.com/	1970-01-20 05:41:00	Name: _gat_gtag_UA_193678100_3 Value: 1
.on3.com/	1970-01-20 07:50:36	Name: _gcl_au Value: 1.1.1536657425.1662060692
.on3.com/	1970-01-20 15:17:00	Name: _ga Value: GA1.1.81929316.1662060692
.on3.com/	1970-01-20 15:17:00	Name: _ga_D6C0XT55DS Value: GS1.1.1662060692.1.1.1662060692.0.0.0
.rubiconproject.com/	1970-01-20 14:26:36	Name: khaos Value: L7JG0TVL-26-6B7H
.rubiconproject.com/	1970-01-20 14:26:36	Name: audit Value: 1\|SDziDG3X/EjgYuKNOK9B814C1LCtWBX9mfsNIvv6Qtp0kTU4st2MuVNX4fJrjsUoz0yTAsWqIWzAUJ+gL7gixdDu7Ii+wRSpUN+/nvRkaHE=
.doubleclick.net/	1970-01-20 15:02:36	Name: IDE Value: AHWqTUnH_Jy9oCuEzZbQrRNOAWp3XsRa-VkrueLIrXdri5Gu7efcRUGsQlB5OOM2Hdk
m.stripe.com/	1970-01-20 15:17:00	Name: m Value: 3aade40a-bd6b-4aa5-b220-c70d18b6271b4c6d61
.www.on3.com/	1970-01-20 14:26:36	Name: __stripe_mid Value: b37d885b-608b-48e1-8c41-221e1439e3eaf0a79b
.www.on3.com/	1970-01-20 05:41:02	Name: __stripe_sid Value: 6da150cc-8f2c-43a7-8f09-c2075fe546ccb4c433
www.on3.com/	1970-01-20 06:24:12	Name: _pbjs_userid_consent_data Value: 3524755945110770
.springserve.com/	1970-01-20 14:25:10	Name: ssid Value: 845d0628-2736-4983-b144-c2b693f97109
.springserve.com/	1970-01-20 14:25:10	Name: sst Value: 1662060695703
.on3.com/	1970-01-20 15:02:36	Name: __gads Value: ID=abdc469787b0e28c:T=1662060697:S=ALNI_MY_dTsT7zGJfwmrkSyRNVumWFBMlg
.adnxs.com/	1970-01-20 07:50:36	Name: uuid2 Value: 128106463234103531
.casalemedia.com/	1970-01-20 14:26:36	Name: CMID Value: YxEImrtbRS0TsVO1R5O8QgAA
.casalemedia.com/	1970-01-20 07:50:36	Name: CMPS Value: 5178
.casalemedia.com/	1970-01-20 07:50:36	Name: CMPRO Value: 5178
.adnxs.com/	1970-01-20 07:50:36	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTw?=+0M!@wnfH8K6pQK`!5=E<L5?%K<1fO_H/nD#xa`a@NYZsy>/2u[?Acbm!/?`xybpRzqF1`b^AM)r3OZ
.casalemedia.com/	1970-01-20 07:50:36	Name: CMTS Value: 1215
.quantserve.com/	1970-01-20 07:50:36	Name: d Value: EEEBCQH_JoEA
.quantserve.com/	1970-01-20 15:11:15	Name: mc Value: 6311089a-cae20-13aa2-c85fc

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=2016043915&rnd=860587&iiqidtype=2&iiqpcid=6a576a00-d6ad-4880-8faa-1cd25347b1b2&iiqpciddate=1662060691598&tsrnd=376_1662060691599&jsver=5.11 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-XOU7NzoZzbiSQ73LLUcLcsi2NsMis8YLjkv74phwfSk='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-N1vBqICO3CogtDLyI+BumBsC/rnTT1WCYKpTdJXzUz8='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-wSVXDG81fU6tG+231JrLDbxTVXz/BlZSCsF3j2+TvMw='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3f7701a03f8eff0f395524472dd0e4bd.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
anyclip-player.s3.amazonaws.com
ap.lijit.com
api.intentiq.com
api.on3.com
assets.anyclip.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn-ext.spiny.ai
cdn9.anyclip.com
cm.g.doubleclick.net
cms.quantserve.com
config.anyclip.com
connect.facebook.net
csi.gstatic.com
dsum-sec.casalemedia.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
imasdk.googleapis.com
ipv4.icanhazip.com
js.stripe.com
m.stripe.com
m.stripe.network
marketplace.anyclip.com
on3static.com
pagead2.googlesyndication.com
pbs.nextmillmedia.com
pixel.anyclip.com
pixel.rubiconproject.com
player.anyclip.com
prebid.media.net
pubads.g.doubleclick.net
q.stripe.com
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssc.33across.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.intentiq.com
t.co
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
trafficmanager.anyclip.com
vid-io-iad.springserve.com
vid.springserve.com
vpaid.springserve.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.on3.com
csi.gstatic.com
ssc.33across.com
104.18.115.97
104.18.18.126
104.18.19.126
104.244.42.69
107.23.86.249
108.138.4.10
108.138.7.103
13.32.121.27
13.32.121.72
142.250.185.162
142.250.185.226
142.250.185.98
142.250.186.130
151.101.192.176
178.79.227.9
18.204.159.191
18.207.62.173
185.64.190.77
2001:4860:4802:32::36
213.19.147.43
2600:9000:2156:2000:15:6f6c:b180:93a1
2602:803:c003:200::51
2606:4700:10::6816:22d7
2606:4700:10::6816:42d2
2606:4700:3034::6815:4d81
2606:4700:440e::6812:2fe6
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2006
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9c
2a00:1450:400e:80c::200a
2a00:1450:4028:809::2003
2a03:2880:f007:8:face:b00c:0:1
3.214.35.174
3.248.135.230
34.107.148.139
34.234.47.166
35.157.194.177
35.157.246.167
37.252.172.250
50.16.128.157
52.11.0.105
52.216.114.123
52.222.214.6
52.59.9.89
54.187.159.182
69.173.144.139
72.251.249.14
033d43cc15edb036b6bd952ae40fda9b22bd721492d010d850ef64e6eb97b49d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
062146d92bdcd6c3610fda358c89e4771ccfe5579a0bc4b38afb86924afda245
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e20d4b3c5614231a23ee2f194f817a3591df0fbb30ab406c33128f3aefc2d6
06e5fc7bba65723c797a3f8dc04aa0faf191594293bcde2b8c0066d1c7494a17
077a80e348b662c8f3745df2b9e989403e9a4799cbef2201dead425270a4549e
07eea6bc48815e92132aadac5a8852e87c62c955dd0349394dd01d8d722873b0
0a34b591c444fabd1f896f4c10c7b73eb854b5d11f6d834ef15a5f5001a8cfec
0aa7f53eba46f4838562e5d4ea8a00dab68011ee8eb11a794541e793af95c288
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10337690e33b727fa60fa5d7410fe831b6c53c39007dcc7a0becccd229775907
11cee3ceb6da4c172316ab6295157fa8ff32cb124861ec55d4b1206e009df35f
12393bdf1c9691f67337e00bec0cf4e722d6cbbe8daf9d288773634442c5a88f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1452c618842ddbc700e7f13efdf5176cc526201a4eec1aad3cdf73fec75e2b0f
14663ff38461145cc7d58eb435da0fb3ceb9f9b67be8942656cf9ce94224c439
157ba939ab51df172af5c568030a04449b43fd577367c0c7a3f70c3c94faacb8
16ee43bfe2d05ea2ff3cf964d5e9cf858634126c70fd40b2d872e47651d908cd
1b98ba65804117309185fd18cda5608fa31f342b3c626715722721ebc93f4231
1df768be4d86e1ef9d982213969504bcb0b5c9fabceae868c02f6580fd7f8d07
1ef8be666e2e01669d95258508136cea0f1b3f6966038c1d5abdbd8f14767fe6
1f065ff11d1a329ff6b38b3cb50c8beda7e50948cee74f061007d3dd14466115
20854504a533196848905019def6656a9f3fbf6d8ac95b5ac08a8dd1998e33ef
2203c8266d65b5c2234deed2775d66c066c3c5529aa1d6c40c039476c8c66796
24950f85752bdb73722e26866dedcc90bec35b2bbb650da0cf4ace7e2806fcd1
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
25339ab4cd9d8e0223b188303cdfabef07a6c600e6820ecc68334bbc9e5497b5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b2eb18870ea6f934fd581dcb35205259a09ed00c67160fa4fd9ccc8b3eb49e
25f558dbb7b572a116a6dbf7b768bf561b92a8051a0993255429e1f9476a023f
27ac3f1fe91ac86b8b872b50f5a9212a01a0dcc44119418a1f3aede79dd2b3ca
2828dd59b285b2fea5be1067947f7219024b480693aceec5e6580d8819b57948
285cdac13f4a93c4e1f445057f7ba9bf0572611a012abc9fb115e6f249fc0d10
290fefe2593a264f40d7afeceb6810aa862279f9ec2b81ef4cac24350fb927d2
2db7c93db8ff6a6d1ae4d349735cd82dd6a0684aca3599d3ad2818c3bfd4e6fe
2db7ff033ee630d86f95328dab7d27758ff0df66525ceb1f261af353c3dac4cb
2fb345959413105a14337bf0ae740be7d89af5c8bf73ad01deff9721c95fb0b2
3122219dc28aee00dfbaddc1cf791affd1921ff20232d61a4ff011b09e51d635
3226f605e371ebadf3cda1022766bb6a0b1d08887f84d779f56bed5b08e93249
335adf4fd8e378edb0b4800e8fae23f02d0c8a03e3bc0e5160617fea825cccb4
34e907e61cdb760e35e2c70e503f2a15b28346d4b1e081006ed08ecde3b9afbf
3551b49c00e37fc5002bb590762335b404405b5155940d958f885b69b9cabdf1
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
35763e61ddd91b97331d329fc5baa480d473c6ec340db7799863d06f91eb042f
35a88aea627cd282b43f20f5b43fc8a34ac20911966b5b4dcc9d57544f75b6b6
35ea138c5373da578057edde5832ab1118299984f8e13939a0308c4b491b275f
36b8897c6aeb82ba1c8c7dcbf03813bf3c193240fda82f6f0bc1fbf79c5fa439
36fb646f58061cf7e31a7bc54d8fbc93d484f1a7a9364d786ba8b0bbb8b80d0c
371d10a217f495bdbb9959cf71f48c97f072bc1183ad91d625e1b8c1ee8fe481
3764072a48834a5c2de20cd0c7ccefdf7ee1c634ee1a0178d5a8903b9a54302a
37bc652619c0bcf7680db6867c2b0cd1fb19b85ad14d8bbd880cbb2991f40c2c
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
3c70536bd78fb3998e40369ea295a20d22fd6f078b3113d87c5461b22611369c
3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a
3cd394f5f2605e7ef0abb3cbb8c9d7afef2a4bcf111db085fda134980b51c8c8
3f5031cf24d3d8b1ad9eae7cd9228832d92b1dc4d09fb43c0e5c3bdc1f1967c4
3fe6a1411d5c9e8d5818521362a62ec782f874be6b0906ebe73d96f035097562
428f011c33a496e765f72669a4f10a731364ec415d6d6750c54ec32d53fecbe2
446571eb2c954f1347c40dae633a14ed64f86f211d859bac68889990ae137acb
48013b3e67c864558d10af99fe8e1c1240722f57534f426c319c527c343335e1
49842c21e5646b4dc63ae0571d1eba6621ca0a28863171ec61f78605d9b318fd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b65c2058756241bc9f3c231ddb064b1c6036ad8c0ed315b47200c5cb312cad4
4d6491065c42b0fa01e12e39c3a56e3f25dc2106cbfdec3730cc74e9b720aaf0
4ed89fe8184fb56378693190c131544f888702e791df8f336ddaa5be6330556b
500ea233947fd55ac0cdc510b5cac674c2e02b6ae1cebf4354781f47e0927958
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505e82faa489975156325b6be4858129b4119de9a521dad097df61ffa1b4a9b8
52c00b8b0b7abeb741a3dd1699d4f2c8167a45555f1fa4333f4a2b4bd7b46618
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5667f59f55f95993e2e876c9f54f9a63d381e7327c8e2edf5bc75300bd8d4249
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
592d30d69ead4f74ef318ddbba2f40298a2d09a01c25e328bb5b5b76530eb653
5c543d1202cfe7ac6477f6e3dde18eb9efa50ce7ae85691813e148f47ce1d478
5e5587c6d8ae7bf0cfebfc9bd81107efc3836c4030e3e4ec671a5a4bbb8c77c7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624d3ca34f25c5add6ca47b095bd51ac8b2d5f2f5d4a345303d86aacfbaa3faf
651f8981b161db88e228d521b07c1092e5f577ba3a321b0398430aabddfd7884
67b30ca2ad10f4b0c9bdcd977b10e9c5890a51e7342ce454868ab292eb91adc9
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
687d9355520fe83c9dfda8ff57e990ad7269f69d516de3c1058c9fb106201e7b
69e23d2a2eedd8c72539f2cfc0055a8fec31fc7f5b864c677ccbdb04aeb7535d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e1ea8dc19e5bed44deb3d511eee45e6739ef7e4ac7dd469d7cb038fd3cff01b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f9f570e468d17f3258aa5af0d61033be07930e31235de168ad721757de04e84
70c6f6b3b081b1a2342846e9afa58c1677ff014c1397fac70e1635eedfce23dc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75534a2872bdb493c846f5aec9514300967cb04d485b6f1561ea8a42f113cb70
7584ed6e4753f20d4a945de5954e44b9dcc5eb5c8fc49bd221f1d400e432322e
758b91e91d2f01d491349f280724fee28e3072ed75be33a31748f0b60792dce1
75a101a7c3214c232948e4251501543cb799110b868d79c0d5e820add0de292d
76b2153d8640380ba65ed7ef31953e8bf48339e8775e358c338defe85d7039fc
7970d8e75d3fdc2dfde7ae5c67c1b09e0600caf0fefd138fb7022abd39b4ae2f
7a578ec69141ab5a90907994ba8037d2a5d37e5b085e81bd8c4ae4dc9b24083c
7f264075a7d402a0ee2db22c76b0adf0d5691be23039b0ec3ec681f13077c88f
80583de98e5b41831986362db5e185b094a0bb376d1926aa16341ff21a018a4c
81217d1ff4759a0b3f833ce1744ee804a66304d1412f3941622ac512d98b3751
82fa3bfda70106507e30ed360a21f48281f689ddd8cfe416483cc970249a6dad
86e77300b7d6f389e8d2e17247cff3caa828ec705ed2939be3776486fad424a2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e1c12f1744eec6ccf155b17e421dd15260278dd88a3b96f20f30dfe8797fe16
8e8003ad291ba3bd8691f5b0754b18daa4f89147dd3f27f204c651cd8d5fbf8f
91575a10850122a65400a7dc02db99e7f4c9ecf40afff5ac6cea4d106f20009c
948e524e872153be9acb7f70fe51c83910d3b1c2260778795670417911ad5f8c
98fa566d2e4411bdd53635a3e470ff5b1b189a05b7410125da3ab21e4f6f94f1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c246e2806e9f17897aa1dd0e6283c006f3625ab67c555b32da9a88b6c488e55
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0998e01d3af476cb0bb563158fe61dd16432941c3b3c400e33bcde7b695f9b0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2319350d2db064f0107ea1c3a93d423418ab15a817ada171ce43eeefb792535
a44af82cb5402cd2ec9a35a77d000d824fdb0be38c1cc18948c5c5fa30869e77
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a5fe322c373d047bc1459febafc81a034c7f008a14d103f990b0a5c87b90efdb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8b39528ffe4c56898fc9ae1baf29548f3378a34159a76efbcd048ac1645e542
aab3f29a0f5f0c23c1818b8d150f6d8a2c14a914f10cda6064a88a2445ae2aa9
aadceda6ac29f88fdd80f43e6630da80c6f863be565d2205f0c45b1a3066ee2b
ad469548644fdfbd8327536f36f4f782755310c8bdcf835d1a3f17124613680a
b07868e2b0923a4218cc25425c6cd7ad8f5a71f3a558ffcbd532d422cec03ef9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23ef8806716cd3c65af554d12fc92bd4ca5b7dbe3a50e9ae2a232e04f3f6575
b66213fdcb432436a3d2e0eef3eed1f05225b55d265bf0256d58bc4853215ee7
b9eac73c03c237d641f81b557aa646e18834c0566cbe0dfb7e1d977981579241
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bade19fc10d0d6a7c5ccfa0cb9db5ec98dec1a184b6d18e9f88ea3538bbc092d
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
c0f97f6a944f7f322e0b0b59d7c0b35ffdc16895381fbd15af9f7447a72c04ec
c25d4326ada81c95c6bdabdef9dedc21e2ad8bb305bd52c9c88083071efc466d
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
c51c490021d97dadc1df41d6d0be6223455272df00818d6330a2a05414e9a3a1
c5dc90120490376068ec1f2d17dbd0db47f9266dac5e119df9f0f30186522b3b
c815150df53566e738dd65e93d88efdaffd586acbfbbb32d6dcdfd700aca270c
c8f945bbe6afa1bcb1599471a69ece8facf97605f636abffc3655abf71a63132
c963ac26c8c7fa64ef033c30900ce933aca7015d3ebc61583c697669b0db4f11
ca4fc4fd910f2db3c0b8e9d1b7de96df499321207e7e90b2745fef4de3d4d0d3
cbe01475f5b639fe1290424cc3f8a04e45dec984e83ec70d6dd9383a213d4262
ccc1b36da1f863035781ebd0c15b895737c74d960ac2cc17691c135a267f39ff
cd6375e19cbd9266bd32a6d562a09d56a79c9e4f73ad4aaa069e78988a2f552f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d13ad9513eac3c6ed7451b79ca1d4ab6a0a36eae1c4ac9f98ed70a13c4753ce0
d3cd503225b012f50d1755c4bffbfd86691eb85d5b38b07ff0bc8ed13063fc76
d68eac6a71cc42c7b4cac44d2cb1b2a588c892c61d423abeccf78b929bed47f2
d8b9c4a15ecda17415ed37c2ebe7bec2afb5fd6bda103ffb44ae22e563fd73ac
d940ae889a8f0570034bab35e16b244f2fce08df63203c7c8d20c53dba0b66e5
da4e327b5d8060bab4783984722b19d4acfd466114396a11793ccee184455d0e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee9bcb02878b6553e1ecedb49704d5b7f09c8522f3a978eaa91c6b986422626
df5d51a0ba09eb972be7f83f97b9943d1e19f982349469e9af1a71f92b2177ed
dffa57823d8d543d3d6e70cd70ac0f96925cc5a42c8429687052ea7a7b7c7333
e27356e2ff763491d74a6546c700b0fbb5e7be3a78b9587fb250b31669ae6d95
e2d832b369dcea159af3851c4fe177dfd4933755ec4beff8d9120a4487359a5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e55787b3edc7db7ee2a6218f4793a4b355eb314c01f3b96efd9861e03783a8aa
e57788ad1c693c42e5744ac97fd1e84bdfbf2b3e999cab81cd84f55b4e5bb6e3
e7ed722a86cf092a526a9ae6453e162af2d12b67b8b22214836ae9e3ca86f183
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
ec32243273cec9b7b1ea3f93879622bbf9a7c617689a1664b65913809e3786bc
ed59e17fc9beb221da2c288c37ce2b9601cf37aae9a995b744e3b6028c9ca09b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2640748fb059e5a60808cc8bdc9cca5fcf22d6861e3ddd743297b63a6712070
f2f7c6b160131c7d76f1d99580aa9d3a16dcc285d32aa4c6151952d7b0265944
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4a9edabc19ddf9bc17c45c94c1a3cc2b5a5baac49acbe8a293fb03052ad96f1
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c
f65daa511eaa8a9b90e0c7f6b787830522cf844c8e7a405566241327fb1412ad
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
fc90d08e0688535c640a1d604c6e10eee2188d9c02714789fc0a6919be5a0041
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff6e7e963415040e42cb3f7bd5b4753f38b696ebbc590b380d991060f1ee9b33

www.on3.com Open in urlscan Pro 2606:4700:10::6816:42d2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

340 Requests

94 %HTTPS

42 %IPv6

40 Domains

66 Subdomains

59 IPs

8 Countries

11216 kBTransfer

19767 kBSize

30 Cookies

16 Outgoing links

Page URL History

Redirected requests

340 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.on3.com Open in urlscan Pro
2606:4700:10::6816:42d2 Public Scan

Screenshot
Live screenshot

Full Image

340
Requests

94 %
HTTPS

42 %
IPv6

40
Domains

66
Subdomains

59
IPs

8
Countries

11216 kB
Transfer

19767 kB
Size

30
Cookies

340 HTTP transactions
2 data transactions