websites.mygameday.app Open in urlscan Pro
13.55.129.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://huntermaf.org.au/
Effective URL:
https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Submission: On July 27 via api (July 27th 2022, 7:21:32 am UTC) from US — Scanned from DE

Summary HTTP 228 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 78 IPs in 9 countries across 48 domains to perform 228 HTTP transactions. The main IP is 13.55.129.189, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is websites.mygameday.app. The Cisco Umbrella rank of the primary domain is 536400.
TLS certificate: Issued by Amazon on June 28th 2022. Valid for: a year.

This is the only time websites.mygameday.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	203.210.102.25 203.210.102.25	24446 (NETREGIST...) (NETREGISTRY-AS-AP NetRegistry Pty Ltd.)
1 1	13.54.240.48 13.54.240.48	16509 (AMAZON-02) (AMAZON-02)
2	13.55.129.189 13.55.129.189	16509 (AMAZON-02) (AMAZON-02)
20	2600:9000:223... 2600:9000:223f:4c00:9:213:6900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206e:2200:9:213:6900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206e:3000:9:213:6900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223f:ec00:9:213:6900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206e:a400:9:213:6900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6816:15d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
3	152.199.23.151 152.199.23.151	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:5d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	23.47.212.221 23.47.212.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.63.225.143 52.63.225.143	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	52.212.1.11 52.212.1.11	16509 (AMAZON-02) (AMAZON-02)
5	34.251.24.18 34.251.24.18	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.57.153.94 52.57.153.94	16509 (AMAZON-02) (AMAZON-02)
2	34.102.253.54 34.102.253.54	15169 (GOOGLE) (GOOGLE)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 13	185.89.210.181 185.89.210.181	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
22	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	52.19.26.128 52.19.26.128	16509 (AMAZON-02) (AMAZON-02)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
15	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	54.200.17.135 54.200.17.135	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.138.17.94 108.138.17.94	16509 (AMAZON-02) (AMAZON-02)
1	3.130.97.0 3.130.97.0	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	63.34.67.128 63.34.67.128	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
10 16	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
6 15	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2.18.168.244 2.18.168.244	16625 (AKAMAI-AS) (AKAMAI-AS)
2	92.123.9.160 92.123.9.160	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6 7	69.173.144.138 69.173.144.138	() ()
3 5	52.46.128.147 52.46.128.147	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
2 3	52.95.126.160 52.95.126.160	() ()
1	2a00:1288:80:... 2a00:1288:80:807::2	() ()
1	35.71.131.137 35.71.131.137	() ()
1	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a05:d018:d29... 2a05:d018:d29:3605:9ba9:76c9:a8da:3df	() ()
1 1	3.209.155.158 3.209.155.158	() ()
2 2	151.101.2.49 151.101.2.49	() ()
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
228	78

1 203.210.102.25 (Australia) 1 redirects

ASN24446 (NETREGISTRY-AS-AP NetRegistry Pty Ltd., AU)
PTR: awcp025.server-cpanel.com

huntermaf.org.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.54.240.48 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-240-48.ap-southeast-2.compute.amazonaws.com

www.sportingpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.55.129.189 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-129-189.ap-southeast-2.compute.amazonaws.com

websites.mygameday.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:223f:4c00:9:213:6900:93a1 (United States)

ASN16509 (AMAZON-02, US)

www-static.spulsecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:2200:9:213:6900:93a1 (United States)

ASN16509 (AMAZON-02, US)

www-static1.spulsecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:3000:9:213:6900:93a1 (United States)

ASN16509 (AMAZON-02, US)

www-static2.spulsecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:ec00:9:213:6900:93a1 (United States)

ASN16509 (AMAZON-02, US)

www-static3.spulsecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:a400:9:213:6900:93a1 (United States)

ASN16509 (AMAZON-02, US)

www-static4.spulsecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)

boot.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
refresh.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.199.23.151 (United States)

ASN15133 (EDGECAST, US)

widget.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:5d8 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.47.212.221 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-221.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.63.225.143 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-225-143.ap-southeast-2.compute.amazonaws.com

passport.mygameday.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.1.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-1-11.eu-west-1.compute.amazonaws.com

s.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.251.24.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-24-18.eu-west-1.compute.amazonaws.com

t.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.153.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-153-94.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.89.210.181 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.26.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-26-128.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.200.17.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-17-135.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-94.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.130.97.0 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-97-0.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.67.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.184.194 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.18.126 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.168.244 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-244.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.138 (None, ) 6 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.128.147 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.126.160 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (None, )

ASN- ()

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9ba9:76c9:a8da:3df (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.155.158 (None, ) 1 redirects

ASN- ()

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	227 KB
32	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 117 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	257 KB
28	spulsecdn.net www-static.spulsecdn.net www-static1.spulsecdn.net www-static2.spulsecdn.net www-static3.spulsecdn.net www-static4.spulsecdn.net	256 KB
21	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	496 KB
16	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 553 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460	14 KB
15	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 234 acdn.adnxs.com — Cisco Umbrella Rank: 566 secure.adnxs.com — Cisco Umbrella Rank: 430	29 KB
11	rubiconproject.com 6 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2162 fastlane.rubiconproject.com — Cisco Umbrella Rank: 516 eus.rubiconproject.com — Cisco Umbrella Rank: 598 pixel.rubiconproject.com token.rubiconproject.com	105 KB
10	beop.io widget.beop.io — Cisco Umbrella Rank: 20450 s.beop.io — Cisco Umbrella Rank: 20696 t.beop.io — Cisco Umbrella Rank: 20685	46 KB
8	amazon-adsystem.com 5 redirects s.amazon-adsystem.com aax-eu.amazon-adsystem.com	6 KB
6	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 96	2 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 668 syndication.twitter.com — Cisco Umbrella Rank: 871	150 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	260 KB
5	pbstck.com boot.pbstck.com — Cisco Umbrella Rank: 9117 cdn.pbstck.com — Cisco Umbrella Rank: 10428 refresh.pbstck.com — Cisco Umbrella Rank: 30058 intake.pbstck.com — Cisco Umbrella Rank: 9202	96 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	155 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 397 mug.criteo.com — Cisco Umbrella Rank: 2751	8 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3240 google-bidout-d.openx.net — Cisco Umbrella Rank: 3042	607 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	20 B
3	gstatic.com fonts.gstatic.com	63 KB
3	mygameday.app websites.mygameday.app — Cisco Umbrella Rank: 536400 passport.mygameday.app	29 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	644 B
2	yahoo.com ads.yahoo.com pr-bh.ybp.yahoo.com	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 585 cdn.indexww.com	2 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1361 bcp.crwdcntrl.net — Cisco Umbrella Rank: 841	10 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1450 id5-sync.com — Cisco Umbrella Rank: 546	13 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5701 adservice.google.de — Cisco Umbrella Rank: 8252	1 KB
2	playground.xyz ads.playground.xyz — Cisco Umbrella Rank: 4289	404 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 635 eb2.3lift.com — Cisco Umbrella Rank: 400	667 B
2	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 826	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	86 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 5128 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 4647	3 KB
2	turn.com r.turn.com — Cisco Umbrella Rank: 2958	2 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 303 fonts.googleapis.com — Cisco Umbrella Rank: 72	93 KB
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 2333
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	385 B
1	adsrvr.org match.adsrvr.org	265 B
1	linkedin.com px.ads.linkedin.com	710 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 622	98 B
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 6155	5 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 615	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3321	8 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 5331	904 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 284	725 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 406	9 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 424	2 KB
1	btloader.com btloader.com — Cisco Umbrella Rank: 1186	6 KB
1	sportingpulse.com 1 redirects www.sportingpulse.com	295 B
1	huntermaf.org.au 1 redirects huntermaf.org.au	222 B
228	48

	Domain	Requested by
22	pagead2.googlesyndication.com	websites.mygameday.app eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	s0.2mdn.net	eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com websites.mygameday.app s0.2mdn.net
20	www-static.spulsecdn.net	websites.mygameday.app www-static1.spulsecdn.net
16	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com websites.mygameday.app tpc.googlesyndication.com
14	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
13	ib.adnxs.com	7 redirects websites.mygameday.app googleads.g.doubleclick.net acdn.adnxs.com
6	googleads4.g.doubleclick.net	websites.mygameday.app
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	googleads.g.doubleclick.net	eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com websites.mygameday.app
5	www.google.com	websites.mygameday.app eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com tpc.googlesyndication.com
5	t.beop.io	widget.beop.io
5	www.googletagmanager.com	websites.mygameday.app www.googletagmanager.com
4	token.rubiconproject.com	4 redirects
4	eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	securepubads.g.doubleclick.net	www.googletagservices.com websites.mygameday.app securepubads.g.doubleclick.net
4	www.googletagservices.com	websites.mygameday.app eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
4	platform.twitter.com	websites.mygameday.app platform.twitter.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	pixel.rubiconproject.com	2 redirects
3	www.facebook.com	connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com websites.mygameday.app
3	fonts.gstatic.com	fonts.googleapis.com
3	widget.beop.io	websites.mygameday.app widget.beop.io
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	ads.rubiconproject.com eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	ads.playground.xyz	websites.mygameday.app
2	s.beop.io	websites.mygameday.app
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.pbstck.com	websites.mygameday.app
2	syndication.twitter.com	platform.twitter.com websites.mygameday.app
2	tags.tiqcdn.com	websites.mygameday.app tags.tiqcdn.com
2	connect.facebook.net	websites.mygameday.app connect.facebook.net
2	r.turn.com	websites.mygameday.app
2	www-static4.spulsecdn.net	websites.mygameday.app
2	www-static3.spulsecdn.net	websites.mygameday.app
2	www-static2.spulsecdn.net	websites.mygameday.app
2	www-static1.spulsecdn.net	websites.mygameday.app
2	websites.mygameday.app	websites.mygameday.app
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	ads.yahoo.com
1	px.ads.linkedin.com
1	id.rlcdn.com
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	acdn.adnxs.com	ads.rubiconproject.com
1	js-sec.indexww.com	ads.rubiconproject.com
1	eb2.3lift.com	ads.rubiconproject.com
1	mug.criteo.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	websites.mygameday.app
1	bcp.crwdcntrl.net	websites.mygameday.app
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	intake.pbstck.com	websites.mygameday.app
1	bam.nr-data.net	js-agent.newrelic.com
1	rum-collector-2.pingdom.net	websites.mygameday.app
1	js-agent.newrelic.com	websites.mygameday.app
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	websites.mygameday.app
1	stats.g.doubleclick.net	websites.mygameday.app
1	fastlane.rubiconproject.com	websites.mygameday.app
1	htlb.casalemedia.com	websites.mygameday.app
1	tlx.3lift.com	websites.mygameday.app
1	refresh.pbstck.com	websites.mygameday.app
1	cdn.jsdelivr.net	websites.mygameday.app
1	passport.mygameday.app	ajax.googleapis.com
1	fonts.googleapis.com	websites.mygameday.app
1	rum-static.pingdom.net	websites.mygameday.app
1	boot.pbstck.com	websites.mygameday.app
1	btloader.com	websites.mygameday.app
1	ads.rubiconproject.com	websites.mygameday.app
1	ajax.googleapis.com	websites.mygameday.app
1	www.sportingpulse.com	1 redirects
1	huntermaf.org.au	1 redirects
228	86

This site contains links to these domains. Also see Links.

Domain
support.mygameday.app
passport.mygameday.app
www-static2.spulsecdn.net
www.hunteraflmasters.teamapp.com
www.facebook.com
support.sportstg.com
passport.sportstg.com
community.mygameday.app
mygameday.app
interplaymedia.com.au
www.instagram.com
twitter.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
websites.mygameday.app Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.spulsecdn.net Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-05` - `2022-09-04`	a year	crt.sh
pbstck.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-02` - `2023-04-01`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.beop.io Gandi Standard SSL CA 2	`2022-03-09` - `2023-03-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2021-12-14` - `2022-12-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-05` - `2022-08-03`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
passport.mygameday.app Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ads.playground.xyz GTS CA 1D4	`2022-06-18` - `2022-09-16`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.pingdom.net Amazon	`2021-12-07` - `2023-01-05`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-06-12` - `2022-09-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh

This page contains 26 frames:

Primary Page: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Frame ID: 4AF7E1F46BCD5281F2E17DF2024CC8CF
Requests: 106 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwebsites.mygameday.app
Frame ID: EB142159F32CB7D49C36970B2613EDEF
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html
Frame ID: 27BAD7D2C3C2022A4FB4FE6BA9092F12
Requests: 2 HTTP requests in this frame

Frame: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AB43D9D49456E91855B23AB34E9F334A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=241352179220929&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df306dbe93fe28e4%26domain%3Dwebsites.mygameday.app%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwebsites.mygameday.app%252Ff5bec9b14d687c%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fclient%3D0-8951-0-0-0%26sID%3D242239%26%26news_task%3DDETAIL%26articleID%3D69083752&layout=box_count&locale=en_US&sdk=joey&show_faces=false&width=45
Frame ID: 771CCA6519D0C3AB6A2D90BAF12D2F19
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/comments.php?app_id=241352179220929&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df21c0b516452aa%26domain%3Dwebsites.mygameday.app%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwebsites.mygameday.app%252Ff5bec9b14d687c%26relation%3Dparent.parent&container_width=550&height=100&href=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fclient%3D0-8951-0-0-0%26sID%3D242239%26%26news_task%3DDETAIL%26articleID%3D69083752&locale=en_US&sdk=joey&width=550
Frame ID: B2A263CE2DB861BB6DD5158EB93B25FD
Requests: 1 HTTP requests in this frame

Frame: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0E692C93FD366DA409489F9CF5D1EA59
Requests: 15 HTTP requests in this frame

Frame: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BCBB8A4F2E48B9609232BFB2EF082DF4
Requests: 14 HTTP requests in this frame

Frame: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8E4B722C9C792E9FBA4EC0988A4819AE
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=websites.mygameday.app
Frame ID: 489275815B30801C6A733008FA1CBD49
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXUOnAj0rXt_-feiGdSGaaQRQTcTSDPraqHUHU1MsnslFwA95OxGZmGi0cQ1WcGsgOHxc06plz6G1tRjp9lvn6qFEAlKiJgmcVqiF-uQwxwDPDcFbGGploadhDwTS38dUqGHSmsmZBAcBLJ4u5tRov0JAZcmCFIklDChNrpGsXJE1d2JwU
Frame ID: 4D76905380E5DF4785DD99A00D816C6D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjr66fPATAB&v=APEucNVmotR92SxEp0QYc3VfwVHHCB9trO2J8j5JE4i-HNyKnYkR3xdmFfYBDr5KSz-QULCxTQfLwcbk1d-TDxo89CJgky-zJfoXA-ZG3G-bOAKyIaFUW_1hXAPoG4tQ0wJDka_qK0XzbhlfJmTVSl4L8WSnIzOd9g8IAWyP8M1I4X1gCDWuG6U
Frame ID: D7580B2B16A7BDD1B99B2B772E758DE6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNWnjltSsA08Mat_67eZEG4EYeOPJezQcyWpAnPfbtQlkJSsalXAHfTLLfIdBRTvQoBLj1oQBimcfQ6JiU8uYTudBxO2cNWXB1Gzav2lMfVJ8vX1zULnNgQvF3pj6F3xB-VeK-QptUfiLm3345RvWT2ug9mQif5IWP32CIMYmn2IL1v7zAo
Frame ID: 70AC8874A941419334106DB58938E0CB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CDAEA33EFE2C0FE838819FA1C882EF6B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A0C213C0135A36DCFA50F188AE55158B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 62442184575170F4F60B61BD14443642
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 438A113951392F05D5E955294C253E68
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html
Frame ID: 860AB15E52C1030E6FF2B77403E71A21
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html
Frame ID: 714D73C3B30FAE29FA0B51A725FC220D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5BBE8C3ECB358A426B6E5A5609566D9B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76388B76F3D3EC8210E874405F859134
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E6F43ECBB03D8050416F78E488875A74
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E203683489887B44D02481973E73DD44
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CCE3DD53C7B993ADD9B8BFD3A9B6A600
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6E34A2E01CD3BAF021066D9106187EBA
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BD63D434F8A550C2774BE9B14A86114C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News - Hunter AFL Masters - GameDay

Page URL History Show full URLs

http://huntermaf.org.au/ HTTP 301
http://www.sportingpulse.com/assoc_page.cgi?c=1-8951-0-0-0 HTTP 301
http://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0 HTTP 307
https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

228
Requests

89 %
HTTPS

48 %
IPv6

48
Domains

86
Subdomains

78
IPs

9
Countries

2465 kB
Transfer

5759 kB
Size

26
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: http://support.mygameday.app/
Title: Support

Search URL Search Domain Scan URL

URL: https://passport.mygameday.app//login/?&e=1%3A8951&sp=4&cy=Australia&st=New%20South%20Wales&tt=&pa=login&en=Hunter%20AFL%20Masters&url=http%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&apk=UDGNQYh8ehnSTN6kVaX37NTZVEdGZs
Title: Passport

Search URL Search Domain Scan URL

URL: https://passport.mygameday.app//account/

Search URL Search Domain Scan URL

URL: https://passport.mygameday.app//logout/
Title: Sign out

Search URL Search Domain Scan URL

URL: https://www-static2.spulsecdn.net/pics/00/01/71/08/1710809_1_O.jpg

Search URL Search Domain Scan URL

URL: http://www.hunteraflmasters.teamapp.com/
Title: www.hunteraflmasters.teamapp.com

Search URL Search Domain Scan URL

URL: http://www.facebook.com/HunterAFLMasters
Title: www.facebook.com/HunterAFLMasters

Search URL Search Domain Scan URL

URL: http://support.sportstg.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://passport.sportstg.com/account/
Title: Passport

Search URL Search Domain Scan URL

URL: https://community.mygameday.app/p/join.html
Title: GameDay Community

Search URL Search Domain Scan URL

URL: https://mygameday.app/gameday-app
Title: GameDay App

Search URL Search Domain Scan URL

URL: https://mygameday.app/marketplace/
Title: GameDay Marketplace

Search URL Search Domain Scan URL

URL: http://interplaymedia.com.au/publishers/
Title: ADVERTISE

Search URL Search Domain Scan URL

URL: http://mygameday.app/privacy-policy/
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GameDayStack

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gamedaystack

Search URL Search Domain Scan URL

URL: https://twitter.com/GameDayStack

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCg7TkeBTQy9328U0YtcGwoA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gameday-stack/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://huntermaf.org.au/ HTTP 301
http://www.sportingpulse.com/assoc_page.cgi?c=1-8951-0-0-0 HTTP 301
http://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0 HTTP 307
https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://oajs.openx.net/esp?url=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&rid=esp&cc=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1

Request Chain 141

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuDndjWypPsjEGhD5F07vwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1

Request Chain 143

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIyMTg4NzAyMDI0NTU5MTY0NQ%3D%3D

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1

Request Chain 145

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuDndjWypPsjEGhD5F07vwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1

Request Chain 147

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1Njc4MTIwNzA3ODQ2NDkxMw%3D%3D

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1

Request Chain 149

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuDndjWypPsjEGhD5F07vwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1

Request Chain 151

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTYwNTQ4MzQ1ODQ0NTc5MA%3D%3D

Request Chain 174

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mygameday.app&sn=ChromeSyncframe&so=0&topUrl=websites.mygameday.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=FHP3v3w1Uk0zbXBIb3pKd2VCSXlHZ3U3TExnQ0lnaDVQS1BqZ1RvbEhvQXkwd3V6Q3djclpobkc0OHgwSE5rYjAraVNIalJ4UjI0aGk2WUZMSWhqQ0lIWGgyTU1ka0dmTUkzZVRFaWl5YWNKQzViWVVXenVJekJiN1cwVkpTeGpVVUYvcmlka2FTYjJ4N25DVWNxcHUvbDhDbUIrVElyc0w5WGJVNUR5Uk5GVklCNE4yek10czNsdTBCSDA3ZE9ObjRkdHFLcVJlbjFiL1ZCSGhQYTNHU0pyMThqRG5ha3JVeTJ6QTErNWowNHd0am1OQStleEtnVnIvUGpTNThVUlRGaUc3a05YelArSFJtRDJDV2NBbmtIL05aZz09fA&cppv=2

Request Chain 210

https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
https://ads.playground.xyz/usersync?partner=appnexus&uid=1031605483458445790

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDYQIJ6lpH9FqjkG7u8zz-g&google_cver=1

Request Chain 216

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S5s6wZJERBahCKG4tEOdlQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=S5s6wZJERBahCKG4tEOdlQ

Request Chain 217

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzQTM4MkstTy1MT0FQ

Request Chain 218

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63A382K-O-LOAP

Request Chain 219

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=12eAgL46Q5SJwsrKcMFTxA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=12eAgL46Q5SJwsrKcMFTxA

Request Chain 220

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63A382K-O-LOAP&sigv=1&esig=2~ed71e766d7c887f2b248c517c2f9dc277e4c1558

Request Chain 221

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzBkZTYxZTA5ZjQ5ZjY4OTBiOTI4YTg5ZDI2M2I4YmIwMGZjZWJkYQ

Request Chain 223

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuDndjWypPsjEGhD5F07vwAABMQAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuDndjWypPsjEGhD5F07vwAABMQAAAIB&dcc=t

Request Chain 227

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=08ac1605-3f36-4d89-a5c6-b45731393977&expiration=1690442491

Request Chain 228

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YuDnegAB8lIwAQAK HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YuDnegAB8lIwAQAK&gdpr=1&_test=YuDnegAB8lIwAQAK

228 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request assoc_page.cgi Show response
websites.mygameday.app/
Redirect Chain

http://huntermaf.org.au/
http://www.sportingpulse.com/assoc_page.cgi?c=1-8951-0-0-0
http://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

60 KB
18 KB

1262ms
645ms

Document
text/html

13.55.129.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.55.129.189 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-55-129-189.ap-southeast-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 9f4213155317ecb2c2bbf311da42f5b5cf0f11128c4990cac52a415e43122245

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 07:21:23 GMT
expires: 1h
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
server: Apache
vary: Accept-Encoding
x-ua-compatible: IE=Edge,chrome=1

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Non-Authoritative-Reason: HSTS

GET
H2 200 default_1024.css
www-static.spulsecdn.net/css/layouts/ 7 KB
2 KB 155ms
37ms Stylesheet
text/css 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static.spulsecdn.net/css/layouts/default_1024.css
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f522c035a950993fd706dc4b858536030f2ca2d5b2c5b5ab8ce686e30a35c305

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 03:58:12 GMT
content-encoding: gzip
age: 12192
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
content-length: 1849
access-control-allow-origin: *
last-modified: Mon, 06 May 2019 00:23:03 GMT
server: Apache
etag: "42cfa-1aeb-5882d1a7f27c0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
access-control-allow-headers: Authorization
x-amz-cf-id: krinFmUALRSxfbidarzEqVNcuC0NWGiFa8jjqgzottZnytDa4JNLWA==

GET
H2 200 spstyle.css
www-static1.spulsecdn.net/css/dist/ 84 KB
16 KB 253ms
52ms Stylesheet
text/css 2600:9000:206e:2200:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static1.spulsecdn.net/css/dist/spstyle.css?20210827
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:2200:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 64ebf8a953e7d6c2050da828ee008c8da55f02e5f7a34ebf8b3b05851f1eeae4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:44:08 GMT
content-encoding: gzip
age: 2236
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
content-length: 15621
access-control-allow-origin: *
last-modified: Thu, 14 Oct 2021 00:08:35 GMT
server: Apache
etag: "42d3a-14f56-5ce44e13506c0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
via: 1.1 96296f2b3ee1b7cbc3fb127d3383661e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
access-control-allow-headers: Authorization
x-amz-cf-id: vWbfXycRwACBN52jqGakvvaUZnyoqvndiI-aOCqofILq-3iQn_sjMQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
92 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 07:16:45 GMT
x-content-type-options: nosniff
age: 86678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93435
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 07:16:45 GMT

GET
H2 200 spjs.js Show response
www-static2.spulsecdn.net/js/ 17 KB
5 KB 193ms
45ms Script
text/javascript 2600:9000:206e:3000:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static2.spulsecdn.net/js/spjs.js?20220620
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:3000:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a4e6a88a087c85108f66e05542a1aeef00c11b34ab145709a9ce8256440baf93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 02:59:29 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 23:00:50 GMT
server: Apache
age: 15715
etag: "249cd-4352-5e28a01f8cc80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 4631
x-amz-cf-id: pB7GhqRbQAVrVF_8LxUXtbIk1EiHS-KSZFtFB_3mvvUnrAno9r-GVg==

GET
H2 200 jquery.colorbox-min.js Show response
www-static3.spulsecdn.net/js/ 10 KB
5 KB 152ms
38ms Script
text/javascript 2600:9000:223f:ec00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static3.spulsecdn.net/js/jquery.colorbox-min.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ec00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3a90d251808875f911e778292b74e171fda5b06912fadb8f2eba81729c2dfbdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 04:41:43 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2019 00:23:04 GMT
server: Apache
age: 10095
etag: "24a7d-2675-5882d1a8e6a00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/javascript
content-length: 4273
x-amz-cf-id: rJ7f2PZwHsW-W8JJbuWMfMLMmr-abuQF36d40fuwhGoig8eb7sS2lw==

GET
H2 200 jquery.innerfade.js Show response
www-static4.spulsecdn.net/js/ 5 KB
2 KB 245ms
46ms Script
text/javascript 2600:9000:206e:a400:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static4.spulsecdn.net/js/jquery.innerfade.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a400:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 22f11d72c4c2c8d08b1b745e2ad121064249aaf88dc676cfc6bb80c35bc58c1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 01:13:24 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2019 00:23:04 GMT
server: Apache
age: 22080
etag: "24ca6-13be-5882d1a8e6a00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
via: 1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 1504
x-amz-cf-id: sXDuILpbRjZ7-vdTW49IsGv1SQTA0RbkDrsjXq1aRVhp1Trn3rvJyA==

GET
H2 200 thickbox.js Show response
www-static3.spulsecdn.net/js/ 12 KB
4 KB 155ms
41ms Script
text/javascript 2600:9000:223f:ec00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static3.spulsecdn.net/js/thickbox.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ec00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 2430ebc2d719e863a80918aa4613cfe8b7257a1a2de45d16081d6a04244c5a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 04:33:09 GMT
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 23:18:24 GMT
server: Apache
age: 10095
etag: "24a51-2e19-59f0a1f1c7000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/javascript
content-length: 3731
x-amz-cf-id: -gA1Ah5JmTaA1FdT2nJKI_pr80XQ-TOAge2ETZcx69lVSSgwdQxhcg==

GET
H2 200 thickbox.css
www-static4.spulsecdn.net/css/ 4 KB
2 KB 244ms
45ms Stylesheet
text/css 2600:9000:206e:a400:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static4.spulsecdn.net/css/thickbox.css
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a400:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 310d5a788fc1f70e3caba3d17f111344cbe5463b7fbc3913bc8b74dcf5531c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 04:06:47 GMT
content-encoding: gzip
age: 11677
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
content-length: 1090
access-control-allow-origin: *
last-modified: Mon, 06 May 2019 00:23:03 GMT
server: Apache
etag: "24830-1015-5882d1a7f27c0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
via: 1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
access-control-allow-headers: Authorization
x-amz-cf-id: ymkrBuqa_ju5NBBZOEn7Sts_cdV9eOHGUU5snuXYwtPsNw1F8r9Usg==

GET
H2 200 17664_interplay_sportstg.js Show response
ads.rubiconproject.com/prebid/ 299 KB
90 KB 209ms
52ms Script
text/javascript 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/17664_interplay_sportstg.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9bd7819a1d6660f82f6b95860db5e1cee94af3c96ae8c0b12f5289559b6e901a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 00:58:59 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 91485
expires: Wed, 27 Jul 2022 07:21:24 GMT

GET
H2 200 tag Show response
btloader.com/ 12 KB
6 KB 146ms
59ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6578225833050112&upapi=true
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b6c80e285c29ee2445d1a8ccf4180f1b94a4ba2ff7251706b1b8ef8c8f94aff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2575
content-length: 5577
last-modified: Wed, 27 Jul 2022 06:37:34 GMT
server: cloudflare
etag: "b55cf90139ec5c79d3a2b0025b0b5e24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qef5mqEe159q6mMpgvkLqfME1unLNE9At0DigKUqlvTfv47DN3%2BmrXM9bal7cYF%2B59VPlyzitwruyvgdYGHJsFIhdGSFkM7fP3ishUtzLWQGGvbtkxm1UWNTy2hrc%2B5lTdteJIS1T4JdWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400, no-transform
accept-ranges: bytes
cf-ray: 73139e37ae7f690a-FRA

GET
H2 200 2af43cb2-95fc-4dc8-8ecd-3ddacdf333f7 Show response
boot.pbstck.com/v1/tag/ 2 KB
968 B 178ms
84ms Script
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/2af43cb2-95fc-4dc8-8ecd-3ddacdf333f7
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691912995b85981c0666d26bf36897d14dcfca89bbfe2db2e93926d7be72deb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
cf-ray: 73139e37afe5bb8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 desktop.min.css
websites.mygameday.app/css/ 50 KB
10 KB 299ms
298ms Stylesheet
text/css 13.55.129.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://websites.mygameday.app/css/desktop.min.css?20210826
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.55.129.189 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-55-129-189.ap-southeast-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 04c43527d971927ba2a3a639ae208f21c6b5b3c1eb7f079ebcd772a8e6e92fa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 00:08:35 GMT
server: Apache
etag: "24865-c91d-5ce44e13506c0"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
accept-ranges: bytes
content-type: text/css
content-length: 10246

GET
H2 200 beacon_call.js Show response
r.turn.com/server/ 2 KB
1 KB 166ms
44ms Script
text/javascript 2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://r.turn.com/server/beacon_call.js?b2=bVAWKkd91bmcOLEEIZy3YQhG1XDOxGTOcEBd8n769xMGb0DeKLo2hQpYg4ntOeUUUd95BUAXCVHPLA6t1TElSA
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 79926c3ae7267be53d75d90825e3a01f49ddc553fe4b949ee40e5a7f724ab364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:23 GMT
content-encoding: gzip
expires: Fri, 29 Jul 2022 07:21:24 GMT
cache-control: public, max-age=172800, must-revalidate
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
vary: accept-encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 1710809_1_S.jpg
www-static.spulsecdn.net/pics/00/01/71/08/ 14 KB
15 KB 53ms
47ms Image
image/jpeg 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/pics/00/01/71/08/1710809_1_S.jpg
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f282b302b54548f13a9057846c920b30519a4d4b7f4a5160347d2f7990827889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 05:20:41 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Mon, 19 Mar 2012 22:59:55 GMT
server: Apache
age: 7243
etag: "58a354d-38af-4bba0844330c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
content-length: 14511
x-amz-cf-id: uZkwF0YvyxiZQvRzQjuLQ2zO8PMhmxGMlJxlXM457xt89K2Tb5s5og==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 200ms
38ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D6) /
Resource Hash: ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 07:21:24 GMT
Content-Encoding: gzip
Age: 420
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29212
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:07:06 GMT
Server: ECS (frb/67D6)
Etag: "3b16e031477759af620cd0de990c6783+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 1710809_1_M.jpg
www-static2.spulsecdn.net/pics/00/01/71/08/ 29 KB
29 KB 89ms
83ms Image
image/jpeg 2600:9000:206e:3000:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static2.spulsecdn.net/pics/00/01/71/08/1710809_1_M.jpg
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:3000:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 0102ffc65da6faf5bed8f19605ac97a7f7b4744c9d3883e36b4d5516b6f29252

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 05:14:24 GMT
via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
last-modified: Sat, 19 Jan 2019 05:04:57 GMT
server: Apache
age: 7620
etag: "58a5e5d-7358-57fc891a2376e"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 29528
x-amz-cf-id: CuRKbdRkKlhkhNCCLK8IWtJkhNxloK_Jqs9KYP5FTGkgLyP0x3Ww4g==

GET
H2 200 sdk.js Show response
widget.beop.io/ 4 KB
3 KB 215ms
37ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/sdk.js

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE1) /

Resource Hash

0d70bbfb11363ce757317814f00d07369dff17b53bd66f397d5bcb3ce07d7adf

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src .beop.io .beopinion.com;frame-ancestors .beop.io *.beopinion.com

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src *.beop.io *.beopinion.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
etag: "10e8-Kk0LQU7vCvRF42B/doETeVObplw+gzip"
age: 220
x-cache: HIT
content-length: 2273
x-ocdn-accept-language: de
last-modified: Wed, 27 Jul 2022 07:17:44 GMT
server: ECAcc (frc/8FE1)
date: Wed, 27 Jul 2022 07:21:24 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
expires: Wed, 27 Jul 2022 07:26:24 GMT

GET
H2 200 footer.7dae20ee.css
www-static.spulsecdn.net/css/ 5 KB
2 KB 37ms
37ms Stylesheet
text/css 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static.spulsecdn.net/css/footer.7dae20ee.css
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4da5e6820b5232e3f9eefe8320ed63ac84ec4d40f4ab53b17872f1763c2d07cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:45:39 GMT
content-encoding: gzip
age: 2189
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
content-length: 1405
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 00:02:22 GMT
server: Apache
etag: "24822-1366-5c3e567ebff80"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
access-control-allow-headers: Authorization
x-amz-cf-id: k166vplodpFhPQtsXIsTT97mQ75xwIntQayl1Agx_GFl2piEKdar7g==

GET
H2 200 footer_action_website.png
www-static.spulsecdn.net/images/ 2 KB
2 KB 55ms
50ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/footer_action_website.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: c3d3d6b1f4e6c1a6579bffaaf7829e025de699890c31fce512064d0eded1c16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 05:25:51 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 6933
etag: "42fca-798-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 1944
x-amz-cf-id: hpQPTpaoQzobyx_AfzRbI9dFWm0g-7MePEAs1D9G8mAFoajigOYu-A==

GET
H2 200 footer_action_support.png
www-static.spulsecdn.net/images/ 4 KB
4 KB 57ms
52ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/footer_action_support.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 515d906c4b9ee9efa9f25ccf986dd1454cf162ce01e8609c911941330a3d6a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:01:11 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 4813
etag: "43950-f84-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 3972
x-amz-cf-id: xOjzqAAkQJgA500xZHgt2CNDoHr_dpbg6SeAYruWi5DRPeZD-Z_i6A==

GET
H2 200 footer_action_passport.png
www-static.spulsecdn.net/images/ 2 KB
2 KB 53ms
49ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/footer_action_passport.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 95925b60671c7b3c3af7bba5e3a6ad71bbe833aff7cca4f1e92c1063e97a101c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 02:18:18 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 18186
etag: "42db0-782-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 1922
x-amz-cf-id: sg228Cd62U8Kx5R3XPTJmfsiBQ5bqex42c3r5W7kKLp8EfiKM7sG9w==

GET
H2 200 tdriver_2_1_617.jpg
www-static.spulsecdn.net/pics/tdrivers/ 10 KB
10 KB 126ms
121ms Image
image/jpeg 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/pics/tdrivers/tdriver_2_1_617.jpg
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4279f3c8cfb4cf8c010714d2d4852fc1d07214de32a61e194a1dcdb20a5b2d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 04:41:43 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Fri, 25 Jun 2021 10:25:57 GMT
server: Apache
age: 9581
etag: "2db0851-269f-5c59490b89d33"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
content-length: 9887
x-amz-cf-id: pPUmHYhu61CSLdM6cCHe5T0li99UL6UerAjOxa7mfT6GckB1RUUTjQ==

GET
H2 200 tdriver_2_2_617.jpg
www-static.spulsecdn.net/pics/tdrivers/ 90 KB
91 KB 84ms
79ms Image
image/jpeg 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/pics/tdrivers/tdriver_2_2_617.jpg
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: eeb6d4979f806687dfaec638ec07bf40c9fdc78e8d4809fb9c41da572ef8636f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 04:41:43 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Fri, 25 Jun 2021 10:25:57 GMT
server: Apache
age: 9581
etag: "2db0852-169d1-5c59490b94914"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
content-length: 92625
x-amz-cf-id: bJq4bwsiTeEznQ3DRu7jZZxBVicxxypmPjMRPC2IHRz0GX7hzZVl8Q==

GET
H2 200 tdriver_2_3_617.jpg
www-static.spulsecdn.net/pics/tdrivers/ 8 KB
8 KB 123ms
119ms Image
image/jpeg 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/pics/tdrivers/tdriver_2_3_617.jpg
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ca06420d27dd552ca50ff6503c7c2f2eef79c2f20a3eed29858e4af9226b2e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 04:41:43 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Fri, 25 Jun 2021 10:25:57 GMT
server: Apache
age: 9581
etag: "2db0853-2009-5c59490bb0e36"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
content-length: 8201
x-amz-cf-id: M-p0YGcRX2lIuTNojUzN9rNKWMFxMctg5ddGpl6XlO5FHO4ZEy1gQQ==

GET
H2 200 social_facebook.png
www-static.spulsecdn.net/images/ 410 B
842 B 43ms
39ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/social_facebook.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a86d622b4c639bbc841d7162c49f3073a7871c270679371d9f079ad261e32d02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 02:18:18 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 18186
etag: "42f5b-19a-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 410
x-amz-cf-id: xF6i2F8cEX-gTRgVM4CCxPLv3-OvXGAoxyruOa8mwYl5p3t7LSIRdA==

GET
H2 200 social_insta.png
www-static.spulsecdn.net/images/ 1 KB
2 KB 123ms
120ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/social_insta.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 1429e3019386f32fb47024e8d34a24e7563eebfb8dd415218c547efda9dbc34b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:43:01 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 2303
etag: "4349f-4f8-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 1272
x-amz-cf-id: 9JgmzBaud8UadrU4XpdUOSr8NJR6eCXPTDOe5ibPaFPQea3q-qyHtw==

GET
H2 200 social_twitter.png
www-static.spulsecdn.net/images/ 951 B
1 KB 128ms
124ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/social_twitter.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a0fc0615075a9950b2ab5311e7f9adcf27f8dc177c639aa4cd683b14087417ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 05:25:50 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 6933
etag: "42f7b-3b7-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 951
x-amz-cf-id: qnP82PKkQR6p7O-AH0nd5b6CpFFU2la4nLv29TyBCubG9bWf610jdQ==

GET
H2 200 social_youtube.png
www-static.spulsecdn.net/images/ 745 B
1 KB 127ms
124ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/social_youtube.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a74ec6c3372b17eb68484fa2617af769f7e8c415eb33e5ee174cd8a43c5edaa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 05:25:51 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 6933
etag: "434c3-2e9-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 745
x-amz-cf-id: pknC48wMJ6N5P9cMfzlSihjcFnxBMdPZHVaeRW6mBUBxUs3Fx26hLg==

GET
H2 200 social_linkedin.png
www-static.spulsecdn.net/images/ 698 B
1 KB 125ms
122ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/social_linkedin.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 5214903223bfb08d9933a91d4907e2fa046512a2bfac522c94e7de50c21c74d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 02:18:18 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 18186
etag: "42dea-2ba-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 698
x-amz-cf-id: D7EA6PervfvhgmLwxuxuQW84Rp5_3L-lVv--Tgi0lVg6lqdBeFsIoQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
71 KB 181ms
93ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8YRJC1Z8WF

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5669b803aa15242be0bf9ef58e01dd6c01f2efa1260fbeda256dacdec8bc93fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72664
x-xss-protection: 0
expires: Wed, 27 Jul 2022 07:21:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
42 KB 219ms
132ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-141267029-4

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed0d5b8744e974398b940fbc68d194a96b2a9cc6db593f97d46b6e9e14a374b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42710
x-xss-protection: 0
expires: Wed, 27 Jul 2022 07:21:24 GMT

GET
H2 200 desktop.js Show response
www-static.spulsecdn.net/js/ 2 KB
1 KB 37ms
37ms Script
text/javascript 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static.spulsecdn.net/js/desktop.js?20200729
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a3acfa22721ab750c4483386b25daeb09e95d51dc9af834b56918584c671f101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 03:32:37 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 23:04:31 GMT
server: Apache
age: 13774
etag: "248db-99b-5ab9c9411ddc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/javascript
content-length: 701
x-amz-cf-id: hHduoYKmfXgfXSsX1gmSK1SsB9A60PUbPS_mI7gRgE9LH13rQOX9nw==

GET
H2 200 prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 135ms
43ms Script
application/javascript 2606:4700:10::ac43:5d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 14:01:38 GMT
server: cloudflare
age: 3689
etag: W/"609a8e42-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=43200
cf-ray: 73139e37bb5b9213-FRA

GET
H2 200 style-print-2012.css
www-static1.spulsecdn.net/css/ 300 B
752 B 47ms
45ms Stylesheet
text/css 2600:9000:206e:2200:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static1.spulsecdn.net/css/style-print-2012.css
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:2200:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6bbe67a6ea0c70d5ae78875dbf122816804f266fcf252a8c5c7bef6fce93c9ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 03:31:10 GMT
content-encoding: gzip
age: 13814
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
content-length: 205
access-control-allow-origin: *
last-modified: Mon, 06 May 2019 00:23:03 GMT
server: Apache
etag: "2484f-12c-5882d1a7f27c0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
via: 1.1 96296f2b3ee1b7cbc3fb127d3383661e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
access-control-allow-headers: Authorization
x-amz-cf-id: d5rpSbsVvfCvmXQwLIvgL-NiruDdbUkSTZYpPUKUxgEB3jyr5nCQ-g==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 132ms
45ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65d10f647ca2ffef2513c48c1910bb738b4b254c57820e9b3c4c0dfdcc2cef8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28352
x-xss-protection: 0
server: sffe
etag: "1285 / 593 of 1000 / last-modified: 1658873259"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Jul 2022 07:21:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
35 KB 137ms
51ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TP7SRLT

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff72319068659cf7954eed64039bf89309da00c4d8ec69c551665e4d0acf9ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35797
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Jul 2022 07:21:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 130ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,500;0,600;1,400&display=swap

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/css/desktop.min.css?20210826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bbc964f42b95ca98f88388333b57798b103bf76784818307f8f3c0c464e3e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 07:21:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Jul 2022 07:21:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Jul 2022 07:21:24 GMT

GET
H2 200 beacon
r.turn.com/r/ 43 B
398 B 52ms
51ms Image
image/gif 2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?&b2=bVAWKkd91bmcOLEEIZy3YQhG1XDOxGTOcEBd8n769xMGb0DeKLo2hQpYg4ntOeUUUd95BUAXCVHPLA6t1TElSA&jsb=1&cid=&rnd=0.47453824411863077
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 gameday_global.png
www-static.spulsecdn.net/brand/images/ 2 KB
2 KB 120ms
119ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/brand/images/gameday_global.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f68459bb45feb6164fbf99936aa4f09a05845f992aca4dff26ba9be8207b68cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 05:42:07 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 5956
etag: "63ca5-6fb-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 1787
x-amz-cf-id: Bd3OldK4bDhMF6xiTlPZPKV4TRi29dAolAO3-cCdaV0QrL8sXrwkaA==

GET
H2 200 green.jpg
www-static.spulsecdn.net/pics/headers/18/ 8 KB
8 KB 120ms
120ms Image
image/jpeg 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/pics/headers/18/green.jpg
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4b37b192d439da20850f06ffe2691531b9388f226897a73643cb32e699952d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 08:30:02 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2010 06:02:49 GMT
server: Apache
age: 82282
etag: "2ca9d2a-1f5a-494987d8a5440"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
content-length: 8026
x-amz-cf-id: v1kE-r_OB_r_aredVJW5n6oCVW3A3MTfgM-UitkVc8rq2TOmBcvwtQ==

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
22 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,500;0,600;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://websites.mygameday.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 22:12:37 GMT
x-content-type-options: nosniff
age: 32927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 22:12:37 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 170ms
86ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,500;0,600;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://websites.mygameday.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 22:12:32 GMT
x-content-type-options: nosniff
age: 32932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 22:12:32 GMT

GET
H2 200 DINWeb-Bold.woff
www-static.spulsecdn.net/fonts/ 30 KB
30 KB 122ms
46ms Font
font/x-woff 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-static.spulsecdn.net/fonts/DINWeb-Bold.woff
Requested by: Host: www-static1.spulsecdn.net
URL: https://www-static1.spulsecdn.net/css/dist/spstyle.css?20210827
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: c9bdaf142f4297a030c4b66658fe0ce07d731f87d12eac45c424254f42ed7163

Request headers

Referer: https://www-static1.spulsecdn.net/
Origin: https://websites.mygameday.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 03:58:13 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Mon, 06 May 2019 00:23:03 GMT
server: Apache
age: 12191
etag: "24ce9-7744-5882d1a7f27c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: font/x-woff
content-length: 30532
x-amz-cf-id: cYUI1c63C4WeRULxeHU39MTHg96qQuirWBCtQWkTD4KBESKrY1seZQ==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 122ms
38ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba4c56b1402aaab313f855711ba242f1168aae3dea89683b319c15af0f120343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nrcT2Femno60KVdvcGMw4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: xKauQul34l0qz5aTU7aDQUTLIF1JDe4cGEu+Y4QtshRmdJbAKmnqJZBHOi7gRIMlvbdEPEusml9ve8gEwFoMmA==
x-fb-trip-id: 686109401
x-fb-content-md5: a1229dae901ea21ab4f9e88ba2195a02
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 27 Jul 2022 07:21:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b1e07d51c938c94615f3093e1eaf1ac8"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Jul 2022 07:38:22 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/sportingpulse/prod/ 21 KB
8 KB 178ms
53ms Script
application/x-javascript 23.47.212.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/sportingpulse/prod/utag.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.212.221 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-212-221.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 87cdd3534cb3bae0dd132848ca27f72709a52dd8ad30f09aabc9854f61e4c282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 01:03:53 GMT
server: AkamaiNetStorage
etag: "41d283ab7b414708b637d262bd1fe6ba:1602637433.397805"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 7467
expires: Wed, 27 Jul 2022 07:26:24 GMT

GET
H2 200 search.png
www-static.spulsecdn.net/images/ 804 B
1 KB 88ms
87ms Image
image/png 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/search.png
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 12b5ba52d815da3811d2bc9f88d11a497753192d9910f0d64ce0fe1a325dbfbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 04:46:56 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 00:50:47 GMT
server: Apache
age: 9268
etag: "43490-324-5c3bdd96407c0"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 804
x-amz-cf-id: 8PqbD2GMggzoZ5ZyTYdJfhAXSHkny5AxYWcUoSrWo8j-wkRgvPyz1Q==

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 122ms
72ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,500;0,600;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://websites.mygameday.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 22:12:47 GMT
x-content-type-options: nosniff
age: 32917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 22:12:47 GMT

GET
H2 200 / Show response
passport.mygameday.app//PassportSession/ 84 B
217 B 903ms
299ms Script
application/x-javascript 52.63.225.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://passport.mygameday.app//PassportSession/?callback=jQuery182013560785055677105_1658906484146&_=1658906484378
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.63.225.143 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-63-225-143.ap-southeast-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 3953ff0333f905c50fbb2d0594b86f311c14f4ea2e8246ccfa201cd75079f60e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:25 GMT
content-encoding: gzip
server: Apache
content-length: 93
vary: Accept-Encoding
content-type: application/x-javascript

GET
H2 200 loadingAnimation.gif
www-static.spulsecdn.net/images/ 6 KB
6 KB 71ms
70ms Image
image/gif 2600:9000:223f:4c00:9:213:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-static.spulsecdn.net/images/loadingAnimation.gif
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:213:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 03:44:57 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Mon, 06 May 2019 00:23:04 GMT
server: Apache
age: 12987
etag: "4395d-16fe-5882d1a8e6a00"
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OTPi OUR BUS IND PHY ONL UNI COM NAV DEM STA"
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
content-length: 5886
x-amz-cf-id: UuIRa1BR1nz6sh-SF7ckfzgGR5ELpWK1UuJ0w2OyvKfMSMqcyZamhQ==

GET
H/1.1 200
OK widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html Show response
platform.twitter.com/widgets/ Frame EB14 320 KB
104 KB 37ms
37ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwebsites.mygameday.app
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668A) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 645121
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Jul 2022 07:21:24 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 19 Jul 2022 20:05:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame EB14 580 B
540 B 237ms
148ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3256a1ac7605984b45bafbba22d0282a311ef773

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwebsites.mygameday.app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time: 111
date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 07:21:24 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: cdbc67b3ec87dd69f5f046170df117db1191afcc79fbcc916db0b82c4115112c
content-length: 260

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 296 KB
84 KB 78ms
37ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=605ed47afdb5f56d7469b327465ffa55

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e406975d2e1dcdee8ce196a83c46210544c75f6a8f8e0d234b7d47dc57caceb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://websites.mygameday.app/
Origin: https://websites.mygameday.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LMD7t6c/TDB3aCGKPwsOUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85850
x-fb-rlafr: 0
x-fb-debug: XJszr9O+baOBukefDKEd8SGEaBtTolc35OPKF7Xdq9AiBlOpFpHPG19Kb/XH+o7TmZ/Q4Ua1UWF7cFJSxVfdbQ==
x-fb-content-md5: 2740f738bac52bc911aebbdb731a2d78
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 27 Jul 2022 07:21:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "cd6bbc20023fb333fdc404e355156f07"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 26 Jul 2023 22:42:59 GMT

GET
H2 200 pubads_impl_2022072101.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
129 KB 138ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

d3112ae98e17f0ef1646d3c2a0dc0d89260387d4575be3f7a73d16dc1b6af5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131903
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 08:37:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jul 2023 06:59:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 124 B
736 B 145ms
47ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=websites.mygameday.app

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

49b51f1235ecba1e9e1b21948741ac3de37a4a8e8f22f7db959a4aff828ea72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0
expires: Wed, 27 Jul 2022 07:21:24 GMT

GET
H2 200 index-monitoring-99a757f.js Show response
cdn.pbstck.com/ 186 KB
51 KB 143ms
50ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-monitoring-99a757f.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c3a168e07c10ca3db80605cdf6f5195507de06b7b5d3ca79f1e4b3f6e00433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 141879
x-guploader-uploadid: ADPycdtEr1nYJMCrq6755tsu_SJKaapMSAsI99laLDfJuacnu3T1J3XEASUNySw8atG6W0ZHIunyemxhHwDWIOBnrQi-Dg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 13:37:30 GMT
server: cloudflare
etag: W/"138f34b7ca481c4dc482458e73244ba9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=iOZfgw==, md5=E480t8pIHE3EgkWOcyRLqQ==
x-goog-generation: 1656941850180915
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 51569
cf-ray: 73139e38ed4b9247-FRA
expires: Mon, 01 Aug 2022 15:00:09 GMT

GET
H2 200 index-refresh-99a757f.js Show response
cdn.pbstck.com/ 153 KB
43 KB 141ms
48ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-refresh-99a757f.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c781c3b20201e3576a2af27828b9f886b1bddca93d599f2950c08667c7d2a043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 139300
x-guploader-uploadid: ADPycdtPGxIZqaCfiFYblsOPiczvvy7rQvVtjpKi1x9H6zeH89l6NDDohmUcAvOJFG2mLwFUH_TngSTN16OV4BhW5Hzy
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 13:37:33 GMT
server: cloudflare
etag: W/"d595c4542d059b31c67e944dbc7746d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=aJ6Prw==, md5=1ZXEVC0FmzHGfpRNvHdG1w==
x-goog-generation: 1656941853292169
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 43174
cf-ray: 73139e38ed4c9247-FRA
expires: Mon, 01 Aug 2022 15:58:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
71 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8YRJC1Z8WF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP7SRLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d8aeb9173d48761d6c7776cdefea774c187377a1d30225b42a28ccdead7da43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72777
x-xss-protection: 0
expires: Wed, 27 Jul 2022 07:21:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-141267029-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP7SRLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9db6cbd7259b5f855d7f8d0fbe7e984aab0f2d31953bf61e630590d4a57f9e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41664
x-xss-protection: 0
expires: Wed, 27 Jul 2022 07:21:24 GMT

GET
H2 200 8cdea80cc4922c6071ce.js Show response
widget.beop.io/en/public/chunks/9.6.92/ 53 KB
15 KB 42ms
42ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/en/public/chunks/9.6.92/8cdea80cc4922c6071ce.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E87) /

Resource Hash

dbc32f33967798a78d4d23797bcac666b28f0c1c6ccafb52ab501b8f1f7f746c

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src .beop.io .beopinion.com;frame-ancestors .beop.io *.beopinion.com

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src *.beop.io *.beopinion.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
etag: "d244-lQ8gtEKa9AporFfupyxjWmoH7Bs+gzip"
age: 41513
x-cache: HIT
content-length: 15033
x-ocdn-accept-language: de
last-modified: Tue, 26 Jul 2022 19:49:31 GMT
server: ECAcc (frc/8E87)
date: Wed, 27 Jul 2022 07:21:24 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 07:21:23 GMT

GET
H2 200 1dfbd520bddca2914fe1.js Show response
widget.beop.io/en/public/chunks/9.6.92/ 99 KB
27 KB 41ms
41ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/en/public/chunks/9.6.92/1dfbd520bddca2914fe1.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F83) /

Resource Hash

ec7871e30a38e7d72192f08166affae1b9a37d7f0eae0c6abaa580b2171cc7e8

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src .beop.io .beopinion.com;frame-ancestors .beop.io *.beopinion.com

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src *.beop.io *.beopinion.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
etag: "18a73-oXw8b9yfzlAkJEykPXSxImeqQj8+gzip"
age: 41513
x-cache: HIT
content-length: 27505
x-ocdn-accept-language: de
last-modified: Tue, 26 Jul 2022 19:49:31 GMT
server: ECAcc (frc/8F83)
date: Wed, 27 Jul 2022 07:21:24 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 07:21:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-141267029-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1164
date: Wed, 27 Jul 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Jul 2022 09:02:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
352 B 130ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8YRJC1Z8WF&gtm=2oe7p0&_p=1030006238&_z=ccd.v9B&cid=1229237347.1658906485&ul=en-us&sr=1600x1200&_s=1&sid=1658906484&sct=1&seg=0&dl=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&dt=News%20-%20Hunter%20AFL%20Masters%20-%20GameDay&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8YRJC1Z8WF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://websites.mygameday.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 serve Show response
s.beop.io/ 2 KB
1 KB 169ms
60ms XHR
application/json 52.212.1.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.beop.io/serve?nuid=406e3ac7-af8e-4951-a19c-706e1132838d&sdk_version=9.6.92
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.1.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-1-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6bd4d835e9ec69631e36060587a7af0c4b60cff4581256428eec139e3accdfad

Request headers

Accept: application/json
Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://websites.mygameday.app
date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.0
access-control-allow-method: POST
content-type: application/json

OPTIONS
H2 200 serve
s.beop.io/ Frame 0
0 181ms
55ms Preflight
application/json 52.212.1.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.beop.io/serve?nuid=406e3ac7-af8e-4951-a19c-706e1132838d&sdk_version=9.6.92
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.1.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-1-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://websites.mygameday.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-method: POST
access-control-allow-origin: https://websites.mygameday.app
content-length: 0
content-type: application/json
date: Wed, 27 Jul 2022 07:21:24 GMT
server: nginx/1.20.0

POST
H2 204 i
t.beop.io/ 0
143 B 203ms
55ms Ping
text/plain 34.251.24.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.beop.io/i?_ck=222369a170eb171341c533f10753ff37
Requested by: Host: widget.beop.io
URL: https://widget.beop.io/en/public/chunks/9.6.92/1dfbd520bddca2914fe1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.24.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-24-18.eu-west-1.compute.amazonaws.com
Software: http-kit /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://websites.mygameday.app
date: Wed, 27 Jul 2022 07:21:24 GMT
access-control-allow-credentials: true
server: http-kit
access-control-expose-headers

POST
H2 204 i
t.beop.io/ 0
144 B 202ms
54ms Ping
text/plain 34.251.24.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.beop.io/i?_ck=9a863e6a1776d234d5829d19e0d5eda7
Requested by: Host: widget.beop.io
URL: https://widget.beop.io/en/public/chunks/9.6.92/1dfbd520bddca2914fe1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.24.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-24-18.eu-west-1.compute.amazonaws.com
Software: http-kit /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://websites.mygameday.app
date: Wed, 27 Jul 2022 07:21:24 GMT
access-control-allow-credentials: true
server: http-kit
access-control-expose-headers

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 121ms
44ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220727

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f865873cdb7cfe81c1a2c9adbdf46c19d86f0141bf70e1ecc39108696de661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15624
x-jsd-version: 1.0.1413
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19129-FRA, cache-iad-kiad7000052-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66c-55o7E2d75m1SWNLsqQdcZjNG+HI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPVldAESYrn2t3N6vwr8piA4BDknzdlX%2F%2FoOCRvvh1C27YNq6E7CRDEsv4oH38Qn73Ntp%2FVYlAfGkLBfCmyATyTPnLbcYXNADUt%2Fhg7hjS2i%2FYPmBJjdglw9H0au4R%2BVislP9TVHnpRdoL7IW%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73139e39a945902a-FRA
access-control-expose-headers: *

GET
H2 200 2af43cb2-95fc-4dc8-8ecd-3ddacdf333f7.json Show response
refresh.pbstck.com/ 436 B
558 B 133ms
123ms XHR
application/json 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refresh.pbstck.com/2af43cb2-95fc-4dc8-8ecd-3ddacdf333f7.json
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e30d2153c36eb79856f9e18a5ba0a6dad03734bd08e1c289f32f77dba462aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: CJD2HZA35B88PJT6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7m0H7NLqznc9CIcBiXkZBe6pu2Uz7pMuq6g5iR+SO62gIjhgW5oBmtkDiClzxNtImuqXkQh0sh8=
last-modified: Tue, 19 Jul 2022 08:56:36 GMT
server: cloudflare
etag: W/"16383c9d42b51f6b3e125601f9d73a01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 73139e39ae3b9247-FRA

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 181ms
76ms Fetch
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=241352179220929&input_token&origin=1&redirect_uri=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=605ed47afdb5f56d7469b327465ffa55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: uxHs3y32KTmbMBpG61QpCO/UxpmxJ+ud5JE3acVVpQrBnNx89YsDcLBExoI7FMWIsezTI6cMGMpyGTz4jLBb4g==
fb-s: unknown
date: Wed, 27 Jul 2022 07:21:24 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://websites.mygameday.app
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 48ms
48ms Script
application/x-javascript 23.47.212.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/sportingpulse/202010140103&cb=1658906484743
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/sportingpulse/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.212.221 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-212-221.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 27 Jul 2022 07:31:24 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
527 B 142ms
39ms XHR
application/json 52.57.153.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&tmax=1500

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.153.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-153-94.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:24 GMT
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://websites.mygameday.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 prebid Show response
ads.playground.xyz/host-config/ 0
344 B 200ms
97ms XHR
text/plain 34.102.253.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.playground.xyz/host-config/prebid?v=2
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.253.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.253.102.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://websites.mygameday.app
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 2e65039c-0316-4ef4-ac8e-de6c574d7694

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
643 B 164ms
70ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=484620&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2254a1a8672aca52%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2262fd83e6bb010f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22484620%22%2C%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.masthead%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22484620%22%2C%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.masthead%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22484620%22%2C%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.masthead%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.masthead%22%7D%7D%2C%7B%22id%22%3A%229233fa8f6a7fe7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22484620%22%2C%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.desktop.top%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22484620%22%2C%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.desktop.top%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.desktop.top%22%7D%7D%2C%7B%22id%22%3A%2211c3c29109fd076%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22484620%22%2C%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.desktop.bottom%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22484620%22%2C%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.desktop.bottom%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.desktop.bottom%22%7D%7D%2C%7B%22id%22%3A%22137594771325ee4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22484620%22%2C%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.mobile.top%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.mobile.top%22%7D%7D%2C%7B%22id%22%3A%2214f92ef566fd90e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22484620%22%2C%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.mobile.bottom%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F135062774%2Fsportstg.mobile.bottom%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef72fdc86270b0226a5018efba5f4d5742587b4c578f10567eb3d758e78fd124

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXdVSM%2FpgzrcdW7Zwn%2Fm1Rcpy6qKNhWTs2CS9m7HNMcBFZmpwZHx1pWpON62VNsgw2MSfszEAp0o2Lx8MgGSUQpAe6XUGuyVsrhE7CAb3v%2BGrlIxTXwdu6mdNgqwdLNmFDvA7P8t"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://websites.mygameday.app
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73139e3a9947bc04-FRA
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 168ms
46ms XHR
application/json 185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:24 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ca99d4c0-6b94-48f2-a078-6689dafed64f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://websites.mygameday.app
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 810 B
3 KB 548ms
213ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17664&site_id=309408&zone_id=1565356%3B1565358%3B1565360%3B1565362%3B1565364&size_id=2%3B15%3B15%3B15%3B15&alt_size_ids=55%2C57%3B10%3B10%3B%3B&rf=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&tg_i.aupname=%2F135062774%2Fsportstg.masthead%26div-1%3B%2F135062774%2Fsportstg.desktop.top%26div-2%3B%2F135062774%2Fsportstg.desktop.bottom%26div-3%3B%2F135062774%2Fsportstg.mobile.top%26div-4%3B%2F135062774%2Fsportstg.mobile.bottom%26div-5&tg_i.pbadslot=%2F135062774%2Fsportstg.masthead%3B%2F135062774%2Fsportstg.desktop.top%3B%2F135062774%2Fsportstg.desktop.bottom%3B%2F135062774%2Fsportstg.mobile.top%3B%2F135062774%2Fsportstg.mobile.bottom&tk_flint=dmpbjs_v6.11.0&x_source.tid=77b1687e-8992-4016-974a-4c4e1bf98af6%3Bffb546b4-471a-4d08-b176-be4c59c89489%3Bbce6bd54-35a5-4d82-86ac-ddbf2628b8bc%3Bab814a50-d80b-42e2-b68f-4dc3613f7727%3Bc131b937-a07b-43d0-81f2-6d8eed9345fe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=5&rand=0.8874309171551866
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6960da3d7f6c83343c3890d0e1333f3a8776bb1bd8bccd28bc7e05d17f2d1812

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:25 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://websites.mygameday.app
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 810
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK button.fed83577e235944f1c02f314fdfd94dd.js Show response
platform.twitter.com/js/ 7 KB
3 KB 37ms
36ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fed83577e235944f1c02f314fdfd94dd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D6) /
Resource Hash: dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 07:21:24 GMT
Content-Encoding: gzip
Age: 645123
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2359
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:04:46 GMT
Server: ECS (frb/67D6)
Etag: "c1233079fb145bc77c712143fa5dcd65+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 120ms
44ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1030006238&t=pageview&_s=1&dl=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&ul=en-us&de=UTF-8&dt=News%20-%20Hunter%20AFL%20Masters%20-%20GameDay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAAC~&jid=907108539&gjid=1317287581&cid=1229237347.1658906485&tid=UA-141267029-4&_gid=847437257.1658906485&_r=1&gtm=2ou7p0&z=1871719005

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://websites.mygameday.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 111ms
37ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1030006238&t=event&_s=2&dl=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&ul=en-us&de=UTF-8&dt=News%20-%20Hunter%20AFL%20Masters%20-%20GameDay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=dimension3&_u=4CDAAUABAAAAAC~&jid=&gjid=&cid=1229237347.1658906485&tid=UA-141267029-4&_gid=847437257.1658906485&cd3=australian%20football&gtm=2ou7p0&z=408393917

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 15:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58572
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tweet_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html Show response
platform.twitter.com/widgets/ Frame 27BA 37 KB
14 KB 37ms
37ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D6) /
Resource Hash: ffe1fc548e8d8c0e937c360cdb0d8ad6fa1a293dc72fe52325d1e3f95524a125

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 645120
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13674
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Jul 2022 07:21:24 GMT
Etag: "836d4ee21a1d9b1817c4d6170a2173a3+gzip"
Last-Modified: Tue, 19 Jul 2022 20:04:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D6)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
334 B 146ms
145ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658906484862%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%226da0b7085cc99%3A1658260301864%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=3256a1ac7605984b45bafbba22d0282a311ef773

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Wed, 27 Jul 2022 07:21:24 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: cdbc67b3ec87dd69f5f046170df117db1191afcc79fbcc916db0b82c4115112c
x-transaction: 9fb5bde38bb88e28
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 27BA 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 142ms
48ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-141267029-4&cid=1229237347.1658906485&jid=907108539&gjid=1317287581&_gid=847437257.1658906485&_u=4CDAAUAAAAAAAC~&z=462627782

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Jul 2022 07:21:25 GMT
content-type: text/plain
access-control-allow-origin: https://websites.mygameday.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 i
t.beop.io/ 0
143 B 55ms
54ms Ping
text/plain 34.251.24.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.beop.io/i?_ck=4753794df0f3495226baace1e95a044c
Requested by: Host: widget.beop.io
URL: https://widget.beop.io/en/public/chunks/9.6.92/1dfbd520bddca2914fe1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.24.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-24-18.eu-west-1.compute.amazonaws.com
Software: http-kit /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://websites.mygameday.app
date: Wed, 27 Jul 2022 07:21:25 GMT
access-control-allow-credentials: true
server: http-kit
access-control-expose-headers

POST
H2 204 i
t.beop.io/ 0
143 B 55ms
55ms Ping
text/plain 34.251.24.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.beop.io/i?_ck=da434ee5c53cfb5624088bb93babec7a
Requested by: Host: widget.beop.io
URL: https://widget.beop.io/en/public/chunks/9.6.92/1dfbd520bddca2914fe1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.24.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-24-18.eu-west-1.compute.amazonaws.com
Software: http-kit /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://websites.mygameday.app
date: Wed, 27 Jul 2022 07:21:25 GMT
access-control-allow-credentials: true
server: http-kit
access-control-expose-headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 148ms
63ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-141267029-4&cid=1229237347.1658906485&jid=907108539&_u=4CDAAUAAAAAAAC~&z=1951652162

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 149ms
64ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-141267029-4&cid=1229237347.1658906485&jid=907108539&_u=4CDAAUAAAAAAAC~&z=1951652162

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 167ms
46ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=websites.mygameday.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 07:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 166ms
46ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=websites.mygameday.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 07:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 100 KB
42 KB 1008ms
932ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2472861887385552&correlator=1278131903276974&eid=31064225%2C42531607%2C31062931&output=ldjh&gdfp_req=1&vrg=2022072101&ptt=17&impl=fifs&iu_parts=135062774%2Csportstg.masthead%2Csportstg.desktop.top%2Csportstg.desktop.bottom%2Csportstg.anchor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x250%7C970x90%7C728x90%2C300x600%7C300x250%2C300x600%7C300x250%2C1x1&ifi=1&adks=4267387573%2C1191671391%2C4217473537%2C3491839706&sfv=1-0-38&ecs=20220727&ists=1&fas=0%2C0%2C0%2C1&fsapi=false&prev_scp=pos%3Dtop%7Cpos%3Dtop%7Cpos%3Dbottom%7C&eri=1&cust_params=sport%3Dafl%26page_type%3Dsport_home%26lga%3D%26ages%3D%26minage%3D%26maxage%3D%26meanage%3D%26mcc%3D%26comp_gender%3D%26clubid%3D%26leagueid%3D8951%26leaguename%3DHunter%2520AFL%2520Masters%26pc%3D%26clubname%3D%26URL%3Dwebsites.mygameday.app%26env%3Dlive&sc=1&cookie_enabled=1&abxe=1&dt=1658906485366&lmt=1658906485&dlt=1658906483882&idt=871&adxs=315%2C982%2C982%2C-9&adys=0%2C452%2C452%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&frm=20&vis=1&psz=1600x-1%7C302x20%7C302x20%7C0x-1&msz=1600x-1%7C302x0%7C302x0%7C0x-1&fws=516%2C4%2C4%2C2&ohw=1600%2C302%2C302%2C0&ga_vid=1229237347.1658906485&ga_sid=1658906485&ga_hid=1030006238&ga_fc=true&cbidsp=CnMIARIJCgJpeBCqASACEgkKAml4EKsBIAISCQoCaXgQqwEgAhIPCghhcHBuZXh1cxCtASACEg4KB3J1Ymljb24QqwQgAhgCIiQ3N2IxNjg3ZS04OTkyLTQwMTYtOTc0YS00YzRlMWJmOThhZjYqAggDQNwL~CmgIARIJCgJpeBCrASACEgkKAml4EKwBIAISDwoIYXBwbmV4dXMQrQEgAhIOCgdydWJpY29uEKsEIAIYAiIkZmZiNTQ2YjQtNDcxYS00ZDA4LWIxNzYtYmU0YzU5Yzg5NDg5KgIIA0DcCw..~CmgIARIJCgJpeBCsASACEgkKAml4EKwBIAISDwoIYXBwbmV4dXMQrQEgAhIOCgdydWJpY29uEKsEIAIYAiIkYmNlNmJkNTQtMzVhNS00ZDgyLTg2YWMtZGRiZjI2MjhiOGJjKgIIA0DcCw..~

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0dfc6a248555f050b5d255b29f2f32b6ea72970ba15f516123f59141b0dbc227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42789
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://websites.mygameday.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB43 6 KB
4 KB 200ms
44ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 07:21:25 GMT
expires: Thu, 27 Jul 2023 07:21:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022072101.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 112ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022072101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

f1d760c1ce0a632fc16adab88f286afeb1c477d8a11f4c942721a2cdda649a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 11:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13567
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 08:37:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 21 Jul 2023 11:28:48 GMT

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 128ms
38ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1071.min.js
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "a1a545c95f313a230157b47dca555c25"
x-amz-request-id: E2CJN5V9SREG4G4Q
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9086
x-amz-id-2: Og4u3sX7SFAJCTh5ItVvTVula6RDVoVw2DOB98y7/Faxsk4+Bzqh3hUBaobzzWbhVK22o6IYlIY=
x-served-by: cache-hhn4073-HHN
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1658906486.797378,VS0,VE0
date: Wed, 27 Jul 2022 07:21:25 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 231

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame 771C 0
20 B 124ms
76ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=241352179220929&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df306dbe93fe28e4%26domain%3Dwebsites.mygameday.app%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwebsites.mygameday.app%252Ff5bec9b14d687c%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fclient%3D0-8951-0-0-0%26sID%3D242239%26%26news_task%3DDETAIL%26articleID%3D69083752&layout=box_count&locale=en_US&sdk=joey&show_faces=false&width=45

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=605ed47afdb5f56d7469b327465ffa55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Jul 2022 07:21:25 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: gxBTN9teV454GP0VU+RF3Ig/1aIgOHbrVIJPdlpi72ModL3JjWjr744T0P5NzWGN9G7om/Pz7raj61v57xdPKA==
x-xss-protection: 0

GET
H3 200 comments.php
www.facebook.com/plugins/ Frame B2A2 0
0 118ms
75ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/comments.php?app_id=241352179220929&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df21c0b516452aa%26domain%3Dwebsites.mygameday.app%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwebsites.mygameday.app%252Ff5bec9b14d687c%26relation%3Dparent.parent&container_width=550&height=100&href=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fclient%3D0-8951-0-0-0%26sID%3D242239%26%26news_task%3DDETAIL%26articleID%3D69083752&locale=en_US&sdk=joey&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=605ed47afdb5f56d7469b327465ffa55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Jul 2022 07:21:25 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: s6etus556Pew3vc1ioBd4d2h1ajqjd34fkK/TK9cmwhdsKNtuKqldppNqbvgd1qYG9tJEAgxydg6wcAkVF8E9Q==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 137ms
52ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072101&st=env

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f3e88c9176b21a33dc9e038a4ca9b412500a93ea50c5ab8408c99e21468d32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 07:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10959
x-xss-protection: 0

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 275ms
55ms XHR
text/plain 52.19.26.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=533de351abe53d8c3a7b23c6&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=2019&cE=2620&dLE=2019&dLS=2004&fS=2004&hS=2314&rE=-1&rS=-1&reS=2620&resS=3265&resE=3267&uEE=-1&uES=-1&dL=3269&dI=3747&dCLES=3747&dCLEE=3768&dC=5074&lES=5074&lEE=5090&s=nt&title=News%20-%20Hunter%20AFL%20Masters%20-%20GameDay&path=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi&ref=&sId=xk6o4eo7&sST=1658906485&sIS=1&rV=0&v=1.4.1
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.26.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-26-128.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK 2e1dd6bc62 Show response
bam.nr-data.net/1/ 49 B
725 B 366ms
273ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/2e1dd6bc62?a=91759834&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=5208&ref=https://websites.mygameday.app/assoc_page.cgi&be=3538&fe=5074&dc=3766&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1658906480613,%22n%22:0,%22f%22:2004,%22dn%22:2004,%22dne%22:2019,%22c%22:2019,%22s%22:2314,%22ce%22:2620,%22rq%22:2620,%22rp%22:3265,%22rpe%22:3267,%22dl%22:3269,%22di%22:3747,%22ds%22:3747,%22de%22:3768,%22dc%22:5074,%22l%22:5074,%22le%22:5090%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 07:21:26 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 73139e411f2d920d-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1787ms
1704ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 07:21:27 GMT

POST
H2 204 auction Show response
intake.pbstck.com/v1/intake/ 0
65 B 83ms
69ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=460e3c24&tId=2af43cb2-95fc-4dc8-8ecd-3ddacdf333f7&c=5&ctr=DE
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 27 Jul 2022 07:21:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 73139e411fbf9247-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

POST
H2 204 i
t.beop.io/ 0
143 B 55ms
55ms Ping
text/plain 34.251.24.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.beop.io/i?_ck=0d2448c55958b972086c27968c4a07b5
Requested by: Host: widget.beop.io
URL: https://widget.beop.io/en/public/chunks/9.6.92/1dfbd520bddca2914fe1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.24.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-24-18.eu-west-1.compute.amazonaws.com
Software: http-kit /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://websites.mygameday.app
date: Wed, 27 Jul 2022 07:21:26 GMT
access-control-allow-credentials: true
server: http-kit
access-control-expose-headers

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 652ms
203ms Script
application/javascript 54.200.17.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.17.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-17-135.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:26 GMT
cache-control: public, max-age=86400
last-modified: Wed, 6 Jul 2022 18:15:43 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 144ms
37ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 04:35:34 GMT
content-encoding: gzip
age: 1046752
x-guploader-uploadid: ADPycdtOeWvsDFPiWsWQ9evx4YNQGTd8nY_VAUfr8nrF_l5_DYpV_n0fBRS6CyfSjINRA5AOcNv0zYTnrujHlQUIkYJQ2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 15 Jul 2023 04:35:34 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 43 KB
13 KB 167ms
59ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52a33c96540ea9ed4ec2e42da30d88c9a0861adff13cfe0802816a2e8437f934

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:26 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 2326
x-amz-server-side-encryption: AES256
x-amz-request-id: QENKWXXX6SR2CJ4E
x-amz-id-2: UzRZ4VVr2fXB3O3IRgTB59iA1dS3FBenVK7acwPTGQl7B7SbYye1gm57tynMP68BcMXzwVBKEtw=
last-modified: Mon, 25 Jul 2022 12:03:52 GMT
server: cloudflare
etag: W/"6454592057d67f2dcb1543eb930ae68e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 73139e44bfca9223-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 194ms
86ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

87d1e7ad2a41d2f0f66fa148506e7cabecbb0d052423047d02637790b3a11296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:26 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:28 GMT
server: nginx
etag: W/"62c89ab0-9d48"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Jul 2022 07:21:26 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 29 KB
9 KB 148ms
41ms Script
text/javascript 108.138.17.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 05:20:02 GMT
content-encoding: gzip
etag: W/"2fa1275c04d6208db458c1ec8559f92d"
last-modified: Tue, 19 Jul 2022 18:12:40 GMT
server: AmazonS3
age: 7286
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: XJ0nCOy_IX0HPFYsjats1YuFPAU4Yynj2_fdCxAemHewlorx0SDcXw==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 472ms
129ms Script
application/javascript 3.130.97.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.97.0 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-97-0.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:26 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H3 200 container.html Show response
eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E69 6 KB
3 KB 115ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 07:21:25 GMT
expires: Thu, 27 Jul 2023 07:21:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BCBB 6 KB
3 KB 117ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 07:21:25 GMT
expires: Thu, 27 Jul 2023 07:21:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8E4B 6 KB
3 KB 118ms
42ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 07:21:25 GMT
expires: Thu, 27 Jul 2023 07:21:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&rid=esp&cc=1

85 B
103 B

189ms
150ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&rid=esp&cc=1
Protocol: H3
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 8c8e65ab155f7acc6336c69a4ba38e552106f6ed4c64c99fa0ec1803f24fec51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:26 GMT
via: 1.1 google
etag: W/"55-50mS0xv1SS2yf5Ja8a1W6OTv+j8"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://websites.mygameday.app
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 27 Jul 2022 07:21:26 GMT
via: 1.1 google
access-control-allow-origin: https://websites.mygameday.app
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 20 B
313 B 180ms
55ms XHR
application/json 63.34.67.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.67.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://websites.mygameday.app
expires: 0
cache-control: no-cache
x-server: 10.45.7.101
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 20
x-consent: absent

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
331 B 131ms
38ms XHR
text/plain 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://websites.mygameday.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://websites.mygameday.app
date: Wed, 27 Jul 2022 07:21:25 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4892 15 KB
6 KB 466ms
49ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=websites.mygameday.app

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 07:21:26 GMT
server-processing-duration-in-ticks: 2219
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4D76 624 B
976 B 134ms
49ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXUOnAj0rXt_-feiGdSGaaQRQTcTSDPraqHUHU1MsnslFwA95OxGZmGi0cQ1WcGsgOHxc06plz6G1tRjp9lvn6qFEAlKiJgmcVqiF-uQwxwDPDcFbGGploadhDwTS38dUqGHSmsmZBAcBLJ4u5tRov0JAZcmCFIklDChNrpGsXJE1d2JwU

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 07:21:26 GMT
expires: Wed, 27 Jul 2022 07:21:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0E69 79 KB
33 KB 197ms
112ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLyJB3jK-zuWkcu1IQmSEj1FqMFh7hnnea780Vfh8pF7EUWBbexdW_MYCKqR9ZFnD_OiGXTWiycrmppp9oGycRVgGBXw&cry=1&dbm_d=AKAmf-CCFrwQTps1ntq9qL_ru_96LjvgNB03g18M3pBkQcFpUJIgqWJ8fX2Yx0jJcxxi5qTwAakmGLdkGaJ5x9y3MRtojUi1rGbwhv2RH85Pjvpo5fHnq4jvlAED-E8Vn6F0BYgE4bKbIxMtKNoMVGlSw5yXlPPMehhsD_BYGp2UYIkjFiQ2rjh64lp-plZ4FDdRVgc2B0DTbzKbcpAjP-9mZ1y5ckSgBVSzeRUaFjkbU-yp-QMjEoQTXUV8BPl4nssSTpLxSqRxZKsyjNu2SdFnOq1RDYOKuD3zPUf4aE6KRFaSDb7-bNMjUyDl8yu000Pj8pz2_gm_XqYZsOy4iJVVIQr2vH2KmAUkcf4MYe6prsNrKbRv5JN_fLG0D6PK9uI421n6TgIQWl2U3kuiFx7jmaz2SE_PhmVtB8T82uBaizSzh-W6C1VVGP4xB3JiidBM_WpZ7Q4HLAhs-N-OpCj4qtorWXwaIOwjEzNpDjnYOEsNasFEqa2EPLIyp7w2n2WColl3e7i1fINGRPEeeoGIA09hKV8sn_rqljb0UbvbqIUd-GCo--DoM70OOQb04LC-Hu_fn8qXqR129fwgvxaUJJHHYS0Qs0fx73hcr2_r3Gc2ImtVFr-yimsSCK70RUUo1RnkRf0RwkDQfx41ZQyqY5XX4weq5WVGanFdQ6ijj67U7CVkEXghVjqLD84boUCNbWW0cWyl42guacuAjzaxC5vRDPYz9CgvfymRWjyanNhx6FRTVEggNtZgfr4ZcM-xKfp042ifc7TTPeycTM3lehs_PnG5a42QQOzgRVglj2i6bhDyOkiDZMUR82y2He1sc3SqHkfHZHfGI4sHxI3sHvIKGqGG9ruUe9ZTGdNs1s5Mq1b6S8fWN1UWbtsAuoMRJoYcncHPsjglDThzRoNDCDc1YXJsQ5VaB_kviXhW4huqMnrBGmeGVIi31Ji53z-z9eF7x60l-lRJLDAxRTl8LNB7JL9MuqadfHQxF-9nw3fzyjTVl_hIaNFwBZ83nlRFo63KAu1vKxVR2VFmIl4w38Rw1snNN8BKknEtvqEUwXivrkv0mj5QJptTk5I9iidQ2bKXsfrZsAigQ3GKFeWDtBU5PpkAHHJGOK7hYQsZSrFsYz1DDUMzP79uWGcXg4aH31qpJvl3Ajj3vyWPA4c641kgjev9s45-unRFoOtj-p7ifw52u0Upx5FDf1HWM26k9raKwVr0weg9qZSeSuV3ZH80luevHkpvGb_GVJV6a-7gfvpkSb2_pgZs4eUHE0FUTJ3bB3HzvhtoyyrxZihT9hOdV6C9EIUTnBf4RHByhEafVxul7VVxU52gIWEbWaG8CItAJ97fhBqL4ueJ8QB3hnea218nm_5baOe1N9tjHIKODLxjDpTBBEpdmrR4xtZeUMGHMswIXkLmQrglvODkGtHvSbK52hQYyRerx2jJs5XCznTTF-P1D2RRPnf96h4orhEJX_2MqgBrq83GJ9A7GHL2CaqRFPgUlVA1BZ_yTphWShi6ZTD4iSN4j_7p1x8iNZ5S6mBHc0KY0c3hrvgGeM7MCtbZ9y0ns_jHExutFJw4YA76vR8jvxFn66_qnD16tDXkqdL-5S9Si8OZqdsHuLhfFiLdMsX9rXBht6tNzwkkCekb2l4NuVVf9kew7Ze8ESg3IGGNoaVaP1gglNYCUfl5tN8EK-qRc1UI-kwW8A70hqQAW38LWke-RvHw1ZtldSRrpjmA-LI72Ru43m6TdViCcWCliPq-lhNwwSkDaKPJdaOE_8TOkQ6Fm54kIkdlitJvhEVVW0V_TB0UNjSCR-86IrxKH7kpqPsKJgWUEdawWxCgdd8ssud5wqw4c0cCsyohruhjLZIQ6qbkLPqqPhfR2Uzm2-f8XD6FiNDR7j-TiJT_yzVIcMuyMkToPja3TF2MsT-DOg69zgtAFtERIimDw-nEcF-m6HsYm3fKPMOppX8TuY-TIm569VohKJ42XzJ-otWpodp2zW2D23F_l7kL7oQSbiEtV-iiZkIMcwZQiWx-Xgv6mXEC_ATL_UbNu2V3toVb1cl6o9YQABc6KDFdYxJwcD5TFeO1YsqmyUsLVDXJNErAGVIx4mlQF_qVgJLLxx0soEoW4xx2RaZzvuoj_66cFwqBC_7SCKo42PDGEaguZUwFgFKa_6K5QJ6tkYBsgOP5mDTMkv21776KJQ_ud-OZAz2GE1MB3O0pi2gWhPScFMYWdYgyOJ1Osoi3-qR5UHETP6TKeYkHJlCPF6WS-i0cn7_Iwqesn0MOaROO9ZvcBb81N29y3qN9PR0cwJIPWrS4lLvdqjjZ8Z-C4FOQeMxNR7SlSKIqV_SXOF4VNy48AyP3fBWB6_IqEW-eaf8PAvPozliKOxo0KCCLpRIsmJJPfwPU0Py5EBM04acz_rS6KhzKP9wpXgwr9hEm8DYCakuWuNWBPBmQ5e-1vEgd8TC111v1lkx4h6WmMeL2Ccm4V-w13ONfB7_Mm50Hd3bq-BrSG8CL_n-Y15DUboP4E1d-HWgRyp999tuAn1pD7kuFbo7kGKL60nNd18ih4RS2iVYOuk-B8bDFecnrKQnUFxxtEid9f41AZQkyYemZx2NOr-XfLpLqd8Wwz6S4SydvB7bw35ONEJbnC1dEq02bPvAVNGB7AhqUeJRZZZHjka4dg-OKUDPBaH7xR-fA5WLHdyISdwgFKO5HU9hlZSBkYDYZEWQ4-euqJDi5SkCN4xaRQDQ7aUaEa15xhNS7OaSlQQW7a831iMUmfbt20wmqIwVNLugTxv3f1ByUV2Dwq59moPkW7QlIjhamEyb7CmnxzEXroUxvzfyzLDa1xyDHBqcop26w2011KqiFlYXaYISG3KfAd8yfPhMGUgaXDEDu-BTrMw7dmq_gqB-5A4TlT0HWlCHoQ4x_nqzK5xt6Wdjd2f7DtmgYzuz6u_4Td0XIbgGz1PDUaDbwIWA7b2K1MM8n_CJBkfzn6ylOwY--AWmP8EYQuAoKw-IHY_LtzY0HLZUqpq_uIbK1oItQjbuohhLCwaMIa1Izh-6JCMtFkqqG8rHLYi8_RdON6EFUNsuk_xFvz4pVQbA245lf5KrH3VqPksUpD9oH5ynPqZLDgyUm5crjDHdQQ2pqV0Doh8SvXzsvEMnT8qKpE0z5Q4pL0JSfmHthHbDLOoxUiI96wk00kLg5Y2Bz1exb_RokVCI1ISLQ4B5RTNQX1NEGcBR3oPPGXORotEul83SzQzJJ-0-baxE&cid=CAASJ-RoDSGu48fEqS7Tn8pnwGnOg2Z6xrvADoGHdTzm7bX7g4mqEIwSUQ&rfl=1%2Chttps%253A%252F%252Fwebsites.mygameday.app%252F%240

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf505ddc9b1925cc42a5a98d9b029016bc49dc15c9dd5be4e2614cdaa8d3a174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E69 42 B
63 B 148ms
71ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANUFYiqi-z5uPQGxWs9iyXVBzuBr3Yv1cb101o_UnafwVyHNte1gAfIRVLVtB8yLGcJiDSErZdojsmwK1QnakQPWi4Bjz8LC2dMW37H8gDktCmKRw

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame 0E69 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/window_focus_fy2021.js

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 06:45:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E69 138 KB
42 KB 153ms
74ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 07:21:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame 0E69 17 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
server: cafe
etag: 17790590548613106194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:02:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0E69 0
0 126ms
45ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTb7fBdkz2dMaezETS-A4SmmHMCAcBx6j5Tbnl1owW0ymP1Wcgma9Tv5LLmw3V2QJoCxcjfYyEbezY52Bqztgz-O0r3KA
Requested by: Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D758 624 B
560 B 128ms
50ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjr66fPATAB&v=APEucNVmotR92SxEp0QYc3VfwVHHCB9trO2J8j5JE4i-HNyKnYkR3xdmFfYBDr5KSz-QULCxTQfLwcbk1d-TDxo89CJgky-zJfoXA-ZG3G-bOAKyIaFUW_1hXAPoG4tQ0wJDka_qK0XzbhlfJmTVSl4L8WSnIzOd9g8IAWyP8M1I4X1gCDWuG6U

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 07:21:26 GMT
expires: Wed, 27 Jul 2022 07:21:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/ Frame BCBB 23 KB
9 KB 105ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/abg_lite_fy2021.js

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e5725866cc62a4f528fb8d7dd1d4c7827832f9d229077f3e747fbf511230bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9370
x-xss-protection: 0
server: cafe
etag: 6407886451032183137
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:12:53 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/elements/html/ Frame BCBB 6 KB
3 KB 112ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 05:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2628
x-xss-protection: 0
server: cafe
etag: 1103433747108554897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 05:37:21 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BCBB 0
622 B 178ms
81ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_n_HRYoK6jnK5tHzqn4qaVt382XAt6n27FWQq2KbU6Y3kWJcFABY34qhHAy2-l-emTUoWCkBKVRWrh0SK27CORPp3wIKlZ2TL91WPXiWRkE4xtIGgaw1avHmkwA8u_cV9a7_4NDR2tW_pj_2qHuE7ua8lncAJOAL9MZL8XBpnMnaU2cmuEpZCeUmyLgvlUFCfIjgUvXhjWHWRQ8eSdJY4gC9kYmRlVUPOrSMYlCSa6Ewv-dW5-IQ9G9o79F1dXafsQSyBOxc9iBgFTopZMRESvNMPhif3Q1vG1jJlPKdg12HHli73YGCE2uY5prkbUj-Dj10ckw_KIW1riFc6JgFmEKS-4O8nhxCMd_czP5JtkJZA5PyuKiVkk7wo7uchTH2eE5wqA4779v7z7FBPyns57Bt4rwzEABknSV-hjRy27dDAgDOrWfA87tOX1yb2gvi4qtXIpDov466O_C9YvEDqzKlpK4O8a8PIoKbQjgf19U09-D3C6j3sx9gtaMfU7euHNujnCR48YFTiXHnOYDtyIB1Kh3klWmhlsQfcOtY3UN4L2V_4HpsU3g2LBrKwNcyfku11Hh0nzGaVgzYiZhpFe0U4kluNMRIPOG59TE9-l9fsivw6qS4oYVTlzlwP_BzB1RgUjrmNVT9tl0fapZfgCWV02b0w3fiHt55QPNKV1rQFGgJdCCpKgytTTeSQVcTUlBJfy5IPMAkxOLf_b0NIBzHdIeVQFf6-Q4lXV39wLQVfmLo_sKcRwCxtkQTCm3oG5P7Cb-nq8QuH6-alUphaEEwTnGPD3mPJuwzrgYY0oEAKYZbIkwkLfe-TdbKk6RfgAF9xZSfC0VWvX1NFZDRPFg4kBpeJLHzyyXnNNHEbPtGkqqlFVeMMXx9IPZh__b0JPiYZZCZBWiP7edPNxE99RU-etY3_N4AVcrrTUB17da0Ab0glhmHIyLE7qPHZ_uirwGA5oSYv3XbRO3KWDNN-AAT74_BSpytvl2mra0ZVbzFk7dwM79DGro7eAiT2d5HG4ij9R36BbjnwJC3N01KnTHx-FNe-Zcsh8gGqo-t19ef8qrgBHG--t8yi_duZ6DPPf7iRnk90QeLOvGdxC9e4aUpgR7sFcTMX8a4bHLwMb4Zp1f3cviChSMINyPw3dGcKq9fBVzp76YzktjuYL06ZLCf8SwgW57pKI_13IzO1o3JcjQuHTz955PQh7gQqhqF1hRRqcV8kBQ&sai=AMfl-YTUDjMXGNFXkVzIazJYveOEJQR8d1GuoNJF1l_-AYDScDY8X0t0zn6LYX9gprLgs-gAiUbJVZfvEiYzU4dTKwYeC0I2R4B1V_E94jA8bB5dQg-h-56tFoc9dNMePkMkavAagakmRAejex3BUtJRc1g2uuHRDr4zgABxLQpbuL0dUhek-lWlQF78nY_Ac9UyM9ZPl-YxkJu70RJenGMLDcxfnn5CynQ2J9LEMH8HCQhwCzWZzxKAXPsqQc4rzV76v2faL1Ilv0cva4OR5SYS-QK8ca8B0AwcdTNbhOJrZy_0Dw6-zYa2UlfV8bjHVCROROrP9ws9W4xgMppOzwezQYoCcGQfGxZ5oVDaDB3MreLNbljwZcbFFDplvxChugnFTlqkRoebXmO2vqA&sig=Cg0ArKJSzP6X2GxR0HvhEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220725.69135&adurl=

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 27 Jul 2022 07:21:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BCBB 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 09:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 09:42:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCBB 42 B
63 B 137ms
71ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APhupcI9C9drdiz8oBgpUttR_UmDedeiKoIX9_hB9cfBvoNzFqBKiRTI6oH8eHvRRI9srNb_4f9F0vEX476i0SOKN2cbBLDn3TacWd8WexqwRF4SI

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame BCBB 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/window_focus_fy2021.js

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 06:45:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCBB 138 KB
42 KB 154ms
88ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 07:21:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame BCBB 17 KB
7 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
server: cafe
etag: 17790590548613106194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:02:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BCBB 0
0 114ms
45ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZ9mRuXTZU7G-3q_unyQhTEmf8pTQKp9i7jLuCWG_a25Yc5umBFpfRIfIzXLK43UWsPKQIsmXnDH8Ku1Wd0bwp6hb9Aw
Requested by: Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 4610463312043938164
s0.2mdn.net/simgad/ Frame BCBB 131 KB
132 KB 147ms
37ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4610463312043938164

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

238621d3b08808f7d6764dc53e53c87b5b5189f38e30cd581802fa39220e6d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:24:51 GMT
x-content-type-options: nosniff
age: 3395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134127
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 07:44:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 06:24:51 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 70AC 624 B
560 B 119ms
49ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNWnjltSsA08Mat_67eZEG4EYeOPJezQcyWpAnPfbtQlkJSsalXAHfTLLfIdBRTvQoBLj1oQBimcfQ6JiU8uYTudBxO2cNWXB1Gzav2lMfVJ8vX1zULnNgQvF3pj6F3xB-VeK-QptUfiLm3345RvWT2ug9mQif5IWP32CIMYmn2IL1v7zAo

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 07:21:26 GMT
expires: Wed, 27 Jul 2022 07:21:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8E4B 79 KB
33 KB 148ms
79ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqSwHtWjnnumB9CIfeSUksefOozT_vXHA-cd9eRBQ45qif24QabEDZ0P6CcuY8jo5zg9-cNfzmEoVKzUDRlPuwkDRWRQ&cry=1&dbm_d=AKAmf-DY9glhUsBJL0ZNRr_s79wzozt106hTYU8-5zogHBP-w-FO1xTD1VAe2JCRWRTr_yZB_MQTV-72uQmjuivapS9nqPGoRNMQt0drP3oNC65cM6qm2qQE830UxwaHhRv18IC3nIPOVIYFOuOW3ef-bVSKM4a-PamkYtxVD3n2c2kv873XdO91GYswDzlyRIkQoLhD-JD3RnvNV8zjrgN7eAnM3Z31svyld613AIWupquizUvrV8tL-4mOg-1iI5gsTcHMdRJJFCpYf5kK07hbbaZNTOMVDze9oO6dLNrv_8glZ6c1CIyUOn-CepWl_6EMaJamU6cTqPEv0Kz60vZq9l85nBqbV_de8DJTSHgj37kg-SSwnCKuemXpvtlSVFOtAkMB-28uuk49W6KgpTvxaZANfxcH4CAK4dlxNIWY-zhjlwzbl3xheK5cf8CzzJmtR4esiuvyOALd9dILEGWIo3HHtCdhK7rqEqfSeJkMrcJvDLCRyBcUf6BCBtmqc5eWljs2GCCwmrUsJnewIJc-1DuE4txywaGXSldhDhL_OIVtInb8exxN5SsBe6N7wsPQxKM9LbhJmoSYcVMHicZ2XdI2oyuqgilikn8bJRqC97A0togG6Hi41iTG_IGP99EaK8aafF_uxQJ3fui_ig9Sr3BmKI1E3Y6DzJUPIYM4Ft33Ios5pMh-bLib6hJzPhs5cGsAFHjsAjamoa8g_zC0MvjCZJ-SG4b-ySdJ52X8Ejds8w9rE1byHO_Z2TfvQTTdtWoaakJK6IkwsWRKfbI712w6y_acnv5oVl8jYZmO8tEleog71hkmh3p0kjPAn2SoqJ8BQl0d_wBZDxYLlmswe0nlh2-5bw1DvM0tb563T0DfC_K8IX9ShrXp7rPcTePdN2cW0WUx6b1wxE5KSZgAM4ygF12zP-6kURc0QPDGI5p28OobwoRy4gGRye8jv641JD3NIDrXDTho-xEFgssKjDtYLXvnFnOGwtVVUp5s2545l4GnEHlUN-JG3VCOybV2N-81509tSHe0SPKbkmExv5SmmHQeYiUhkv82mjyPf2RTzRnFzEilAoMtHP_jVfOFZELIDnW6g3x_dGr2A5C98hP3WiZdtV6gKQu9Zptwp_UXUstNd3ZFtPkRQtwdEZ7rq64BwLp60jehhDjTKjzCm791ZHnKCKFIxqmL_5oclt7t0HD-TiHrGhj9Q0kRGCjGkPx6FqctLGRD4WeQOGLWqOzeVx1i6JslsbbHPsbmGzNM55dMILuY1j6_u4Aqd2MXN5EriIbPFcIPaqTKSggZ_lZHVs_A-SUhfXtOReNb90S7fWfU-NpO5VpeFI6FjkT2k8TZSlDwQWDtUfdsYLw5Q7TPVFrrlida5YMMX-KM_fytAmSXd13f4wjPL3qtmM8O8oGXD508cfRHtz_RjlIyiNG_YiYEfHK_WESkQ0TGepNBW-eSnGiRJkbrsOmW0BB7qGSoRHQZPJyUNwfDHIRn08VjjGmTDcarqoV-c981La9Ny1XzuIUrhGtMw-vUZCILMNN7q6L6qNM2Bpfn0CC7rZYm-ZF35xkvoaV2paQxfqLow9dEtEGkTzd8pTOsqR9UP3NCauuwRpixmuZQKcVLUy0vY2wdUC2U7XN-UI0r9m7g1YWFJwr5qJ-fXdTGIBlf30ERMgYIlpTaS_TYLx7SAhid6O_oJWaqVQQVeGoLXXhH4s_Ml6Ig73UVSB-KALYkji-CTU6YW9O2InlE8coalNLhbUFXd1_C93dwi0VJiRK2uM1bFgeKIyub4dwCLYnAMdky-aydO9oWt5NFRRVs4FSCfoC-Vs0A0g-UCcbPdjadC89m0rzGW4NOv_cSktbF-25lpPsP7eMZUpNG0hI0A3zw1pwBL1r1JFSSeftO_cesRfI9rr6oZiQazNs46vL8HUoDsZYl4wWBJ0wj-J8RoGxisR0DgohCgxKCFWFFBx2OBXvnOIiRi9_EJTFg9ZZA7k_4cK6-o7HS15xvKvnymcfFi7x2z07QIICQ0kWj48k5_4BaaBbpY8xK453bCXIp49ay1DVrDOD9mAO1pXlViaVD_Ul3yAyWzE1DWm_D9Q8uDU_F_8IEKY-Jzy-lcCu99lldPid_nSF1lhV4SPnelPGZ77-7uKT8LnsnLH_b6eC0kEnYLuYMUHiDApIMmRJVbVbUPzUIJ0KjOEQTkpFHhNl8TRCnae_Bdsg7ZldgXUkYwRfA-fi7TLEHznU6DWSrId6tEt1BVi_Pr5XMTNowpGlTWC0pgFAFzvUSlFBvlsD3wjL-nLetQcBwS3gpGG7uWGK0sbLtdyRYwPjLMeDYxflUoxjTweBloFqpFFmMAOy2pz8AwZA0YZBlDoCT09tzWN2idHpTLijSpTSTQe41yQY__C0QJQ7Si5AkmbaAaGG3G1ruTJ_PsVMW7hUtJk6yWH9WkhiYx_Y_BZzSVrjb8IDeAWelhdfnR2yzioKZTCmjMeoPSVVArEfE246ypBGaAXiXM5vDMU2LwLZPhCCE6AT8Sa93vB4-qfhWiSZoHvMWa61SdS6Jwt0Dxzq-ZepyuMwgZFXcZNxvQMADH1tXVBBe42gfF3EHLH6kXpVih9JHfZO8UUIdEk1PKpCD8dcDL6q99OVIj-n7X_vxZBk6KdyQYcx2aY3m4iBgC4L42nXvcSctLZhGPYcCFsogsB7fILtUkd5-UMkwtx2iJ5DoVLYehw-qdQNm5i_m7clpjOo6nYkUufjKq63UwXct67D9y7ZTkL2Fz9nRVGP5bKXKyVViMUktIzXSO-BJbUIwaIQls8Ap3LySg9hTQO6d_-HjT4LlBx_X09CZtUP_gf_rSoESKR7bBfIB5gZ141CtTkiIpUpyKwmpgA9Uazr0v04ZrK2JmnlzCUoq8vDtCcA65s8kDinK77UguUbbfJHX9SRrbp1xxNIA6_GA5dR_MOj2_ZP3KTy2L2kR9RxFM8HrC6NhCv7vJvQtpkwGo8p24FMgIn7QeMfhnx6wFcGFfMK_tL3F41JGjQZc4i3rTzJJwma3gAMLlc-7cQ0PBw0kAu1ob5rRmjI02oVKx6D6u1_fC2iB6lM2hJdbFXtHPDU2t_05_fSYlH604_uIp4JpteGvoV3dInpFYHW8kzJOFtwXgxh70DlVnzMXweHJutSe5wWSN2yW33KXGH-jeO_H2GN9UOEPh5qIiXEkm8lDDeuP3gxluUS8rPde9bUWx5lJRJ0B15Nqf9CfMIkcbJEBe7v8FP7Oih0&cid=CAASJ-RoqVkL_fFecXIUKM-jqdnW61FXjnbcm8OLGWJ3flCR5OK6CzCwHg&rfl=1%2Chttps%253A%252F%252Fwebsites.mygameday.app%252F%240

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4724bd1f0ca388d8566ff2fd9a48dd4a9c535dcfe9248218549209c7eed4b2a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33644
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E4B 42 B
63 B 132ms
71ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AR1MGB6c5t_dkAYT6sT1tGRzBSkhlLaL0LzJXbWot_kjkwXAikV-OJynqBJU7xsW79OLTxqPuvlS5uv2DSYV7kQ6bVGSr4mznBAuYGN1hbzKXF_2w

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame 8E4B 3 KB
1 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/window_focus_fy2021.js

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 06:45:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E4B 138 KB
42 KB 109ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 07:21:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame 8E4B 17 KB
7 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
server: cafe
etag: 17790590548613106194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:02:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8E4B 0
0 112ms
46ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuh5JQpZRVTnERp_9Chvw44o0K5qe8AZg8wPiOPFcdRyZvdTbJy6jtAjvnwYsR8wZcbQZ-QbhqC_mpWX6dtqOAxZ7AhQ
Requested by: Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CDAE 22 KB
8 KB 117ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 529803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 04:11:23 GMT
expires: Fri, 21 Jul 2023 04:11:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4D76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1

43 B
913 B

102ms
60ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXUOnAj0rXt_-feiGdSGaaQRQTcTSDPraqHUHU1MsnslFwA95OxGZmGi0cQ1WcGsgOHxc06plz6G1tRjp9lvn6qFEAlKiJgmcVqiF-uQwxwDPDcFbGGploadhDwTS38dUqGHSmsmZBAcBLJ4u5tRov0JAZcmCFIklDChNrpGsXJE1d2JwU
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73139e47bf7c5bf5-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9jnd3EmRUDDDepy%2FtvxTRxCC%2FjlrAcDUxckHQ6T7JQQzD%2BQt9dGq2jLaw%2Febkxcv80Z%2Fr6XEBfXoHqOw%2Bmd3E3ldag2NZNksPelkk7L6xC7Eb4U0uT3qym7vzr51gKSbawGd3MTq70Zbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4D76
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuDndjWypPsjEGhD5F07vwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1

43 B
910 B

65ms
65ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXUOnAj0rXt_-feiGdSGaaQRQTcTSDPraqHUHU1MsnslFwA95OxGZmGi0cQ1WcGsgOHxc06plz6G1tRjp9lvn6qFEAlKiJgmcVqiF-uQwxwDPDcFbGGploadhDwTS38dUqGHSmsmZBAcBLJ4u5tRov0JAZcmCFIklDChNrpGsXJE1d2JwU
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73139e4868785bf5-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHnZf%2B6C796k9zUdRzAosfGECofIlla4Py5CswTFwSyNQ5MDTgbpQiAZeLFkFKfmXnSvI7N4SJVnxCtx0AiwEE2CWosvIquh8jqoJTUff2%2BeZJAoWf%2FBEZaildOfniCZDlAIxLGZWQzZvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4D76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1

43 B
1014 B

46ms
44ms

Image
image/gif

185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXUOnAj0rXt_-feiGdSGaaQRQTcTSDPraqHUHU1MsnslFwA95OxGZmGi0cQ1WcGsgOHxc06plz6G1tRjp9lvn6qFEAlKiJgmcVqiF-uQwxwDPDcFbGGploadhDwTS38dUqGHSmsmZBAcBLJ4u5tRov0JAZcmCFIklDChNrpGsXJE1d2JwU

Protocol

HTTP/1.1

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:26 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c28d6523-ef41-4074-9045-cdba28e9590e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D76
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIyMTg4NzAyMDI0NTU5MTY0NQ%3D%3D

170 B
188 B

124ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIyMTg4NzAyMDI0NTU5MTY0NQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:26 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: afe9ed1e-4840-4dc6-b2a4-29cd0c616ab7
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIyMTg4NzAyMDI0NTU5MTY0NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 70AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1

43 B
942 B

97ms
56ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNWnjltSsA08Mat_67eZEG4EYeOPJezQcyWpAnPfbtQlkJSsalXAHfTLLfIdBRTvQoBLj1oQBimcfQ6JiU8uYTudBxO2cNWXB1Gzav2lMfVJ8vX1zULnNgQvF3pj6F3xB-VeK-QptUfiLm3345RvWT2ug9mQif5IWP32CIMYmn2IL1v7zAo
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73139e47bf7a5bf5-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3Tx5eenceytK1FIPjmYshgxWNjOruRTV4iBE0JgZ%2FbI8tnCQs0zrVgTWmlrvLB6drpxHmyA23eO9EEmC1MEzAoLp9UjBPDRVv0Hsg9Dvjx95Q7nDBCO9eegqwNmlYMKGK5jVh4Y864qCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 70AC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuDndjWypPsjEGhD5F07vwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1

43 B
912 B

67ms
67ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNWnjltSsA08Mat_67eZEG4EYeOPJezQcyWpAnPfbtQlkJSsalXAHfTLLfIdBRTvQoBLj1oQBimcfQ6JiU8uYTudBxO2cNWXB1Gzav2lMfVJ8vX1zULnNgQvF3pj6F3xB-VeK-QptUfiLm3345RvWT2ug9mQif5IWP32CIMYmn2IL1v7zAo
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73139e4898c95bf5-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFCtyK9eJrodDKjbDZ0HMbHMoUF7SU0XZmcExrU%2FCsXHY2SN2Z%2Fuw6hUfpJIAUB0umJNuWY1GZiQ00Hfw%2FqbRoEFPExlLtWGdHp5f5LyF%2F7c7MPPJL3P00hM%2FABQZaCiLshYb1YLWlzHHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 70AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1

43 B
1014 B

46ms
44ms

Image
image/gif

185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNWnjltSsA08Mat_67eZEG4EYeOPJezQcyWpAnPfbtQlkJSsalXAHfTLLfIdBRTvQoBLj1oQBimcfQ6JiU8uYTudBxO2cNWXB1Gzav2lMfVJ8vX1zULnNgQvF3pj6F3xB-VeK-QptUfiLm3345RvWT2ug9mQif5IWP32CIMYmn2IL1v7zAo

Protocol

HTTP/1.1

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:26 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0ae130e9-9e80-4d59-8da5-04c8cf828fb4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 70AC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1Njc4MTIwNzA3ODQ2NDkxMw%3D%3D

170 B
188 B

131ms
55ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1Njc4MTIwNzA3ODQ2NDkxMw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:26 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 26ff36ff-99f3-43d3-93ac-8eb16bbba986
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1Njc4MTIwNzA3ODQ2NDkxMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D758
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1

43 B
916 B

105ms
63ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjr66fPATAB&v=APEucNVmotR92SxEp0QYc3VfwVHHCB9trO2J8j5JE4i-HNyKnYkR3xdmFfYBDr5KSz-QULCxTQfLwcbk1d-TDxo89CJgky-zJfoXA-ZG3G-bOAKyIaFUW_1hXAPoG4tQ0wJDka_qK0XzbhlfJmTVSl4L8WSnIzOd9g8IAWyP8M1I4X1gCDWuG6U
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73139e47bf7f5bf5-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ma0JRqt%2B47kzsbcrXINn37kvpZQIpKjjUr89S6jcpike%2BOpJUuggPuYrDztYgMDfgde%2B4TR6Zb6bO8dx%2BGH6KzBl5z6UUcO%2FdhPlLERxtmCkYzNKfpJ6rXB%2BvKgFBq7GBA%2FmjjZnnySbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIe8YsU89XAwlA2Og9U_cSQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D758
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuDndjWypPsjEGhD5F07vwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1

43 B
917 B

61ms
61ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjr66fPATAB&v=APEucNVmotR92SxEp0QYc3VfwVHHCB9trO2J8j5JE4i-HNyKnYkR3xdmFfYBDr5KSz-QULCxTQfLwcbk1d-TDxo89CJgky-zJfoXA-ZG3G-bOAKyIaFUW_1hXAPoG4tQ0wJDka_qK0XzbhlfJmTVSl4L8WSnIzOd9g8IAWyP8M1I4X1gCDWuG6U
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73139e4898cb5bf5-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lMR1Erus%2FgFkN1CqhKtyJcNbHF0z%2Bcyz9t%2FBFluu8LDV7%2BZl6uF%2Ba7kKrWLgKVg0xdO2li6Qjny2F9KYIm%2B%2FgRZ3skhZ9sJRp%2Bjzcg%2FDX7NldU1sDFif2LrHtZQAwXtkbyNQrFybNGU5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFVm1VqoxMEKwmy4AXcB9A4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D758
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1

43 B
1014 B

49ms
46ms

Image
image/gif

185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjr66fPATAB&v=APEucNVmotR92SxEp0QYc3VfwVHHCB9trO2J8j5JE4i-HNyKnYkR3xdmFfYBDr5KSz-QULCxTQfLwcbk1d-TDxo89CJgky-zJfoXA-ZG3G-bOAKyIaFUW_1hXAPoG4tQ0wJDka_qK0XzbhlfJmTVSl4L8WSnIzOd9g8IAWyP8M1I4X1gCDWuG6U

Protocol

HTTP/1.1

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:26 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 474918a6-95aa-4896-921b-088bc7e5217e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPyWmth3tqf3jzIJ7aD2e4s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D758
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTYwNTQ4MzQ1ODQ0NTc5MA%3D%3D

170 B
188 B

64ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTYwNTQ4MzQ1ODQ0NTc5MA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:26 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: dc301652-ee39-4904-97ee-771f32cedf15
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTYwNTQ4MzQ1ODQ0NTc5MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8E4B 106 KB
37 KB 119ms
42ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Origin: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 14:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Jul 2022 14:05:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/elements/html/ Frame 8E4B 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqSwHtWjnnumB9CIfeSUksefOozT_vXHA-cd9eRBQ45qif24QabEDZ0P6CcuY8jo5zg9-cNfzmEoVKzUDRlPuwkDRWRQ&cry=1&dbm_d=AKAmf-DY9glhUsBJL0ZNRr_s79wzozt106hTYU8-5zogHBP-w-FO1xTD1VAe2JCRWRTr_yZB_MQTV-72uQmjuivapS9nqPGoRNMQt0drP3oNC65cM6qm2qQE830UxwaHhRv18IC3nIPOVIYFOuOW3ef-bVSKM4a-PamkYtxVD3n2c2kv873XdO91GYswDzlyRIkQoLhD-JD3RnvNV8zjrgN7eAnM3Z31svyld613AIWupquizUvrV8tL-4mOg-1iI5gsTcHMdRJJFCpYf5kK07hbbaZNTOMVDze9oO6dLNrv_8glZ6c1CIyUOn-CepWl_6EMaJamU6cTqPEv0Kz60vZq9l85nBqbV_de8DJTSHgj37kg-SSwnCKuemXpvtlSVFOtAkMB-28uuk49W6KgpTvxaZANfxcH4CAK4dlxNIWY-zhjlwzbl3xheK5cf8CzzJmtR4esiuvyOALd9dILEGWIo3HHtCdhK7rqEqfSeJkMrcJvDLCRyBcUf6BCBtmqc5eWljs2GCCwmrUsJnewIJc-1DuE4txywaGXSldhDhL_OIVtInb8exxN5SsBe6N7wsPQxKM9LbhJmoSYcVMHicZ2XdI2oyuqgilikn8bJRqC97A0togG6Hi41iTG_IGP99EaK8aafF_uxQJ3fui_ig9Sr3BmKI1E3Y6DzJUPIYM4Ft33Ios5pMh-bLib6hJzPhs5cGsAFHjsAjamoa8g_zC0MvjCZJ-SG4b-ySdJ52X8Ejds8w9rE1byHO_Z2TfvQTTdtWoaakJK6IkwsWRKfbI712w6y_acnv5oVl8jYZmO8tEleog71hkmh3p0kjPAn2SoqJ8BQl0d_wBZDxYLlmswe0nlh2-5bw1DvM0tb563T0DfC_K8IX9ShrXp7rPcTePdN2cW0WUx6b1wxE5KSZgAM4ygF12zP-6kURc0QPDGI5p28OobwoRy4gGRye8jv641JD3NIDrXDTho-xEFgssKjDtYLXvnFnOGwtVVUp5s2545l4GnEHlUN-JG3VCOybV2N-81509tSHe0SPKbkmExv5SmmHQeYiUhkv82mjyPf2RTzRnFzEilAoMtHP_jVfOFZELIDnW6g3x_dGr2A5C98hP3WiZdtV6gKQu9Zptwp_UXUstNd3ZFtPkRQtwdEZ7rq64BwLp60jehhDjTKjzCm791ZHnKCKFIxqmL_5oclt7t0HD-TiHrGhj9Q0kRGCjGkPx6FqctLGRD4WeQOGLWqOzeVx1i6JslsbbHPsbmGzNM55dMILuY1j6_u4Aqd2MXN5EriIbPFcIPaqTKSggZ_lZHVs_A-SUhfXtOReNb90S7fWfU-NpO5VpeFI6FjkT2k8TZSlDwQWDtUfdsYLw5Q7TPVFrrlida5YMMX-KM_fytAmSXd13f4wjPL3qtmM8O8oGXD508cfRHtz_RjlIyiNG_YiYEfHK_WESkQ0TGepNBW-eSnGiRJkbrsOmW0BB7qGSoRHQZPJyUNwfDHIRn08VjjGmTDcarqoV-c981La9Ny1XzuIUrhGtMw-vUZCILMNN7q6L6qNM2Bpfn0CC7rZYm-ZF35xkvoaV2paQxfqLow9dEtEGkTzd8pTOsqR9UP3NCauuwRpixmuZQKcVLUy0vY2wdUC2U7XN-UI0r9m7g1YWFJwr5qJ-fXdTGIBlf30ERMgYIlpTaS_TYLx7SAhid6O_oJWaqVQQVeGoLXXhH4s_Ml6Ig73UVSB-KALYkji-CTU6YW9O2InlE8coalNLhbUFXd1_C93dwi0VJiRK2uM1bFgeKIyub4dwCLYnAMdky-aydO9oWt5NFRRVs4FSCfoC-Vs0A0g-UCcbPdjadC89m0rzGW4NOv_cSktbF-25lpPsP7eMZUpNG0hI0A3zw1pwBL1r1JFSSeftO_cesRfI9rr6oZiQazNs46vL8HUoDsZYl4wWBJ0wj-J8RoGxisR0DgohCgxKCFWFFBx2OBXvnOIiRi9_EJTFg9ZZA7k_4cK6-o7HS15xvKvnymcfFi7x2z07QIICQ0kWj48k5_4BaaBbpY8xK453bCXIp49ay1DVrDOD9mAO1pXlViaVD_Ul3yAyWzE1DWm_D9Q8uDU_F_8IEKY-Jzy-lcCu99lldPid_nSF1lhV4SPnelPGZ77-7uKT8LnsnLH_b6eC0kEnYLuYMUHiDApIMmRJVbVbUPzUIJ0KjOEQTkpFHhNl8TRCnae_Bdsg7ZldgXUkYwRfA-fi7TLEHznU6DWSrId6tEt1BVi_Pr5XMTNowpGlTWC0pgFAFzvUSlFBvlsD3wjL-nLetQcBwS3gpGG7uWGK0sbLtdyRYwPjLMeDYxflUoxjTweBloFqpFFmMAOy2pz8AwZA0YZBlDoCT09tzWN2idHpTLijSpTSTQe41yQY__C0QJQ7Si5AkmbaAaGG3G1ruTJ_PsVMW7hUtJk6yWH9WkhiYx_Y_BZzSVrjb8IDeAWelhdfnR2yzioKZTCmjMeoPSVVArEfE246ypBGaAXiXM5vDMU2LwLZPhCCE6AT8Sa93vB4-qfhWiSZoHvMWa61SdS6Jwt0Dxzq-ZepyuMwgZFXcZNxvQMADH1tXVBBe42gfF3EHLH6kXpVih9JHfZO8UUIdEk1PKpCD8dcDL6q99OVIj-n7X_vxZBk6KdyQYcx2aY3m4iBgC4L42nXvcSctLZhGPYcCFsogsB7fILtUkd5-UMkwtx2iJ5DoVLYehw-qdQNm5i_m7clpjOo6nYkUufjKq63UwXct67D9y7ZTkL2Fz9nRVGP5bKXKyVViMUktIzXSO-BJbUIwaIQls8Ap3LySg9hTQO6d_-HjT4LlBx_X09CZtUP_gf_rSoESKR7bBfIB5gZ141CtTkiIpUpyKwmpgA9Uazr0v04ZrK2JmnlzCUoq8vDtCcA65s8kDinK77UguUbbfJHX9SRrbp1xxNIA6_GA5dR_MOj2_ZP3KTy2L2kR9RxFM8HrC6NhCv7vJvQtpkwGo8p24FMgIn7QeMfhnx6wFcGFfMK_tL3F41JGjQZc4i3rTzJJwma3gAMLlc-7cQ0PBw0kAu1ob5rRmjI02oVKx6D6u1_fC2iB6lM2hJdbFXtHPDU2t_05_fSYlH604_uIp4JpteGvoV3dInpFYHW8kzJOFtwXgxh70DlVnzMXweHJutSe5wWSN2yW33KXGH-jeO_H2GN9UOEPh5qIiXEkm8lDDeuP3gxluUS8rPde9bUWx5lJRJ0B15Nqf9CfMIkcbJEBe7v8FP7Oih0&cid=CAASJ-RoqVkL_fFecXIUKM-jqdnW61FXjnbcm8OLGWJ3flCR5OK6CzCwHg&rfl=1%2Chttps%253A%252F%252Fwebsites.mygameday.app%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:06:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/ Frame 8E4B 30 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf275d85ba3479f9bb61b3915f34b3a16b5437cd0f4ec25666d819875a059a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11520
x-xss-protection: 0
server: cafe
etag: 16798029156924389348
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:00:27 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0E69 106 KB
37 KB 68ms
37ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Origin: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 14:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Jul 2022 14:05:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/elements/html/ Frame 0E69 8 KB
3 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLyJB3jK-zuWkcu1IQmSEj1FqMFh7hnnea780Vfh8pF7EUWBbexdW_MYCKqR9ZFnD_OiGXTWiycrmppp9oGycRVgGBXw&cry=1&dbm_d=AKAmf-CCFrwQTps1ntq9qL_ru_96LjvgNB03g18M3pBkQcFpUJIgqWJ8fX2Yx0jJcxxi5qTwAakmGLdkGaJ5x9y3MRtojUi1rGbwhv2RH85Pjvpo5fHnq4jvlAED-E8Vn6F0BYgE4bKbIxMtKNoMVGlSw5yXlPPMehhsD_BYGp2UYIkjFiQ2rjh64lp-plZ4FDdRVgc2B0DTbzKbcpAjP-9mZ1y5ckSgBVSzeRUaFjkbU-yp-QMjEoQTXUV8BPl4nssSTpLxSqRxZKsyjNu2SdFnOq1RDYOKuD3zPUf4aE6KRFaSDb7-bNMjUyDl8yu000Pj8pz2_gm_XqYZsOy4iJVVIQr2vH2KmAUkcf4MYe6prsNrKbRv5JN_fLG0D6PK9uI421n6TgIQWl2U3kuiFx7jmaz2SE_PhmVtB8T82uBaizSzh-W6C1VVGP4xB3JiidBM_WpZ7Q4HLAhs-N-OpCj4qtorWXwaIOwjEzNpDjnYOEsNasFEqa2EPLIyp7w2n2WColl3e7i1fINGRPEeeoGIA09hKV8sn_rqljb0UbvbqIUd-GCo--DoM70OOQb04LC-Hu_fn8qXqR129fwgvxaUJJHHYS0Qs0fx73hcr2_r3Gc2ImtVFr-yimsSCK70RUUo1RnkRf0RwkDQfx41ZQyqY5XX4weq5WVGanFdQ6ijj67U7CVkEXghVjqLD84boUCNbWW0cWyl42guacuAjzaxC5vRDPYz9CgvfymRWjyanNhx6FRTVEggNtZgfr4ZcM-xKfp042ifc7TTPeycTM3lehs_PnG5a42QQOzgRVglj2i6bhDyOkiDZMUR82y2He1sc3SqHkfHZHfGI4sHxI3sHvIKGqGG9ruUe9ZTGdNs1s5Mq1b6S8fWN1UWbtsAuoMRJoYcncHPsjglDThzRoNDCDc1YXJsQ5VaB_kviXhW4huqMnrBGmeGVIi31Ji53z-z9eF7x60l-lRJLDAxRTl8LNB7JL9MuqadfHQxF-9nw3fzyjTVl_hIaNFwBZ83nlRFo63KAu1vKxVR2VFmIl4w38Rw1snNN8BKknEtvqEUwXivrkv0mj5QJptTk5I9iidQ2bKXsfrZsAigQ3GKFeWDtBU5PpkAHHJGOK7hYQsZSrFsYz1DDUMzP79uWGcXg4aH31qpJvl3Ajj3vyWPA4c641kgjev9s45-unRFoOtj-p7ifw52u0Upx5FDf1HWM26k9raKwVr0weg9qZSeSuV3ZH80luevHkpvGb_GVJV6a-7gfvpkSb2_pgZs4eUHE0FUTJ3bB3HzvhtoyyrxZihT9hOdV6C9EIUTnBf4RHByhEafVxul7VVxU52gIWEbWaG8CItAJ97fhBqL4ueJ8QB3hnea218nm_5baOe1N9tjHIKODLxjDpTBBEpdmrR4xtZeUMGHMswIXkLmQrglvODkGtHvSbK52hQYyRerx2jJs5XCznTTF-P1D2RRPnf96h4orhEJX_2MqgBrq83GJ9A7GHL2CaqRFPgUlVA1BZ_yTphWShi6ZTD4iSN4j_7p1x8iNZ5S6mBHc0KY0c3hrvgGeM7MCtbZ9y0ns_jHExutFJw4YA76vR8jvxFn66_qnD16tDXkqdL-5S9Si8OZqdsHuLhfFiLdMsX9rXBht6tNzwkkCekb2l4NuVVf9kew7Ze8ESg3IGGNoaVaP1gglNYCUfl5tN8EK-qRc1UI-kwW8A70hqQAW38LWke-RvHw1ZtldSRrpjmA-LI72Ru43m6TdViCcWCliPq-lhNwwSkDaKPJdaOE_8TOkQ6Fm54kIkdlitJvhEVVW0V_TB0UNjSCR-86IrxKH7kpqPsKJgWUEdawWxCgdd8ssud5wqw4c0cCsyohruhjLZIQ6qbkLPqqPhfR2Uzm2-f8XD6FiNDR7j-TiJT_yzVIcMuyMkToPja3TF2MsT-DOg69zgtAFtERIimDw-nEcF-m6HsYm3fKPMOppX8TuY-TIm569VohKJ42XzJ-otWpodp2zW2D23F_l7kL7oQSbiEtV-iiZkIMcwZQiWx-Xgv6mXEC_ATL_UbNu2V3toVb1cl6o9YQABc6KDFdYxJwcD5TFeO1YsqmyUsLVDXJNErAGVIx4mlQF_qVgJLLxx0soEoW4xx2RaZzvuoj_66cFwqBC_7SCKo42PDGEaguZUwFgFKa_6K5QJ6tkYBsgOP5mDTMkv21776KJQ_ud-OZAz2GE1MB3O0pi2gWhPScFMYWdYgyOJ1Osoi3-qR5UHETP6TKeYkHJlCPF6WS-i0cn7_Iwqesn0MOaROO9ZvcBb81N29y3qN9PR0cwJIPWrS4lLvdqjjZ8Z-C4FOQeMxNR7SlSKIqV_SXOF4VNy48AyP3fBWB6_IqEW-eaf8PAvPozliKOxo0KCCLpRIsmJJPfwPU0Py5EBM04acz_rS6KhzKP9wpXgwr9hEm8DYCakuWuNWBPBmQ5e-1vEgd8TC111v1lkx4h6WmMeL2Ccm4V-w13ONfB7_Mm50Hd3bq-BrSG8CL_n-Y15DUboP4E1d-HWgRyp999tuAn1pD7kuFbo7kGKL60nNd18ih4RS2iVYOuk-B8bDFecnrKQnUFxxtEid9f41AZQkyYemZx2NOr-XfLpLqd8Wwz6S4SydvB7bw35ONEJbnC1dEq02bPvAVNGB7AhqUeJRZZZHjka4dg-OKUDPBaH7xR-fA5WLHdyISdwgFKO5HU9hlZSBkYDYZEWQ4-euqJDi5SkCN4xaRQDQ7aUaEa15xhNS7OaSlQQW7a831iMUmfbt20wmqIwVNLugTxv3f1ByUV2Dwq59moPkW7QlIjhamEyb7CmnxzEXroUxvzfyzLDa1xyDHBqcop26w2011KqiFlYXaYISG3KfAd8yfPhMGUgaXDEDu-BTrMw7dmq_gqB-5A4TlT0HWlCHoQ4x_nqzK5xt6Wdjd2f7DtmgYzuz6u_4Td0XIbgGz1PDUaDbwIWA7b2K1MM8n_CJBkfzn6ylOwY--AWmP8EYQuAoKw-IHY_LtzY0HLZUqpq_uIbK1oItQjbuohhLCwaMIa1Izh-6JCMtFkqqG8rHLYi8_RdON6EFUNsuk_xFvz4pVQbA245lf5KrH3VqPksUpD9oH5ynPqZLDgyUm5crjDHdQQ2pqV0Doh8SvXzsvEMnT8qKpE0z5Q4pL0JSfmHthHbDLOoxUiI96wk00kLg5Y2Bz1exb_RokVCI1ISLQ4B5RTNQX1NEGcBR3oPPGXORotEul83SzQzJJ-0-baxE&cid=CAASJ-RoDSGu48fEqS7Tn8pnwGnOg2Z6xrvADoGHdTzm7bX7g4mqEIwSUQ&rfl=1%2Chttps%253A%252F%252Fwebsites.mygameday.app%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:06:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/ Frame 0E69 30 KB
11 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf275d85ba3479f9bb61b3915f34b3a16b5437cd0f4ec25666d819875a059a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11520
x-xss-protection: 0
server: cafe
etag: 16798029156924389348
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:00:27 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame CDAE 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 13:58:22 GMT

GET
DATA 200
OK truncated
/ Frame BCBB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 900eb17e0f9b7f0c0d035b14996c5fb4ceefb4956c7b7261e2e591a0a0ff4c48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E4B 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 09:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 09:42:41 GMT

GET
DATA 200
OK truncated
/ Frame 8E4B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f66c939c0e77d665ba45b3e0e5b12d84202495b851ffeda54b41ec2063f5893c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BCBB 0
26 B 152ms
74ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 07:21:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E69 41 KB
15 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 09:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 09:42:41 GMT

GET
DATA 200
OK truncated
/ Frame 0E69 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd7fa3e1c939db756e35180b79e499016f1fea32fee8e3b88d7db9c61d15ad3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A0C2 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 529803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 04:11:23 GMT
expires: Fri, 21 Jul 2023 04:11:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6244 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 529803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 04:11:23 GMT
expires: Fri, 21 Jul 2023 04:11:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 438A 0
176 B 137ms
49ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 27 Jul 2022 07:21:27 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15339142727432857715/300x600/ Frame 860A 4 KB
1 KB 114ms
38ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e81d6aad5c3ed431823fe341291e46580f26ff8f657b877fbb872b9b692e3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 62555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1392
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 13:58:52 GMT
expires: Wed, 26 Jul 2023 13:58:52 GMT
last-modified: Thu, 09 Jun 2022 11:56:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E4B 0
27 B 82ms
82ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlhJJRI61jtoCrJzajrv2_4gVHEvU-fw_exWNn_kLy5ihnMVdO95UxddHdESmqNNkaBMbQleITU2cxKhCQkYBLHxARJ48KQl-kjehogkd5yEbIIiEtxKWsb_zmHR_rIzqv1AAv5FZy0YNm5T-RVHYQiYx-8KFntovVEkan0UBQocyU23j9Vdk2BQeUfnho-hiSSM7O2p1VfbRTR_YzOD87R3jPM-flJvd3nPgZviYbgBT9NYU7JbNRKalmo4hCcb4-LFXQfJVZE9z8wU6LtrTxdtOLOOpHVPKd4PLXsLXQfXuVMblaYGmTn9IwdVIb_kLIlyqpGbabdSHPME_isf1LNdoRejroOy9LMqgMWt3wcWzXrL2bMLjNPPXvV6VOoHzVFM1M1kh8nJCfGaCcCG2t44_ol4_r1hhvOfIFHS_bdaVNWcAO1sKPCvPzLn6jw_Bh_7TuDARJ0rqXIJ4sWffCxnOfcRO2wpsp-mTLr_C3ZQLzXIIA_D-HNyCciZz-Ve8OKw-zJiTA6saVa9aSDZltdDKzSH62iRvAhcbLIqT124UYiGnK7OWZi4s-0B-ISRFtgS0Mn2fLoJjZYN_fg5As8HXseKHjH-Xel_A_fls4zSYimOrKeAMwNZD94pKLSdJIzsumLYZNo2SdQL3_-ARf7Nh3dPFcy4DWYaL3zHPJlEL7zO2Tzel2N3of9tqBTk-E6rMY7LmL7oLm5UmvlPWdYKcOyVOxciuPoImUUcyZZc5YdMaTXt5DxHtwQRKPjZBRfzPcBeWbP1EgfdLfbOUMW1rNoXOUO1BAR2twwQM9nLl7pye6AUpe3jkuL06JH7Xq2DisY3QfgGendEhRCHTohnU21G5OnEATBLTWCR2ChX7BxQtWQFSkltuoWJ-bixI6Sh69Jb_bnWYh4N80KGzy-xdv_OF63Sk-Epcdb8b_600gZP2YUt7xHyXy5rgfzNft0zfi6R8AZK0zKPU1z_83WOELea2VCJr_MDFp-8N4GIcEVtjZNrAMx48e-ZLAn9Act175QFF_PaL-TlGyMevddFscQCC8dhQwXBDjY4KvSNbQXnCIx3X2exK437iD_yRN3JhNwHczHKEUOhbhhhyNvSVg6HKXz-d1dzvcM49GEEjmo7YvPk8szog9xqgGpg0SbXtV1FrmZyJsTBPs-0ojVXroSM3P6Iuwm20NatBnyZ3GSdap--oyKKCsXtGI2Wqh84HklIjCjTztSoxEgb2fjMhWczIqDMVOYoSi&sai=AMfl-YRHeGqMSlPsR5tymA89wLrIUNVwJ3XlDU6t5bB_ZG40GabM1htocm-b-y8P4oE6cdRxUWYD_Hqg5pAxBmjQUvnF2bzMEsfSug0cmEtU8SInnzvW_YQ-SrK8TLzF11chkkPEIBcN0HShn-5wVVVd6WXvlqPgk-s5JPPHFFX3ZOwpE67szChX49TGDyir6w9mvVh-UH2yf0TDNrUgvfh36zQds-VMfWQ&sig=Cg0ArKJSzIfm8NfRXmKOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=183&cbvp=1&cstd=181&cisv=r20220725.74196&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 27 Jul 2022 07:21:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9942674822015316743/970x250/ Frame 714D 4 KB
1 KB 93ms
39ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a247fec5e87f4e74a0dc35f5ddb7039ee16640d731de504900454cdef0fbb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 62547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1392
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 13:59:00 GMT
expires: Wed, 26 Jul 2023 13:59:00 GMT
last-modified: Thu, 09 Jun 2022 11:56:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0E69 0
27 B 85ms
85ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUM73XK_YftsSNGGWrCC1FBPhu-ukcZLcmwLj5rEvjVwHZdctILbkXNHykhrnXKhsY_8kiHsCZpItVIJDMPtD-5JcY9BL04pw2KfMuWbKB4AA3NerGvCxnbjP2IyvwFL1ImBYPk-KTtMvMFrNe05pgiJ3ZGsgCTO0sDh6rm1YUFjTRpgh0QS0AXLzC0Rj_n1DpgTI0WAYFuBEAzBOqL5Z7pr402S3u_zEr9fC9diHicCvlr2-u2NMWR8_iGzPyJ9mU1HpAiww0V9Ev_iCFygCNY8J59JY0K7hRRgs8CNwbUlnrqMtf4NQwe13f0jLMw-u_xVoNuXF_AGjuVdtkvp0MKbBRFqPI0b_I7jmu5UrbQxQb8CVxoJwWjWJ94Hgsl_5-CIm-1_XDQKxHhkYK2UgujiHh4Yc_DXaptVLVvWDVaTgHr7eTANiCWgajTkt-mNL3Zs8dAM5ehJr1Ua9PAvuwUzle2xn1Kh-DQtjjbHO6aELdnkt2XYNOpo04VrtU9K92WHXFOLzCm3y2bQm3fgwsBNxFvzlMhcw4H5dk5vU3bMMfNGZQ48hIQxI2L2EdrJDz8yzOU70nLT12iaMWU8ZMZgw5XQGLgg-D6gk46OmQRHVRouwtkV5gRLBk0l-Pq43w_oppR3BLgqF8yGrHXEH99jrFfjg-QEwjkJBm4gjEJhxYhYPY-UAidVkVjAVQxyyPgrK8po343Sfp-eUiIO34fDntqOaDNAOE-JfCSvvmZ22oVYYWIoC3rI-McfXGksnd4tfRgAZyTZARNmpijHFCrFDH79nOv69nnYkgmtu6pvrRIbFmJ25eX_wAqSMmdyymKSr2wVRXYHepvC7G2ZaSWbXU9ttrk3_Fj8RN9ukWcwVcARCmj8nDNDAbDmIytwtkyiT_AXSNvV4mjondIAheqI0hV5BGM9Zmler-36hGDHPd0rkVgNl8i-B-WW7YALYqXqD6EKG-nSrg2IoXonn0VhIxrZmHat2R1zXA_qgx3xdZcoQR3C2penm6h-7WoJlsvaB9uafbSRCYHypibntPWN653M6jPyCOSNiVOdVHgZDrvXT7sGI2D6C2f03UspIbiyGKlOEutIS9HXzKhWB28oWJbBKCqjW6u2toA3AdxOaM8OrraSfLSSPZBDlqfkScv7WM38L-QZz-JM16TULT3QJWl-jrcGKGIIfBeKZNrZXc0KB6_TcTB8_m-p8EOmlp5C6nVeSdf8MZ-YOhmLH2CEK8KEWOj78&sai=AMfl-YT1N2T30ao5BKpjQkvqo7acyjgPWB-9-2syiHplScs0Von5q0Rx3ojy3WH3Qe6q-9aO1OHesaB3QgL9rZLim50lnWCyWPfg25jzgyyOJgb_4bGgtQDHqjW0El8jXgd1-BECLBI0vZCml13oopWW4B1n_0EACkwiBiK1SYcVVGGbrQ8PMKWd05EXPe3SYOhPBoYqxu2FQKW4L6VND_zCZSpZc-TCCzw&sig=Cg0ArKJSzIWenwnQPGJvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=157&cisv=r20220725.33608&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 27 Jul 2022 07:21:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame A0C2 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 06:36:26 GMT

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6244 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 06:36:26 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4892
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mygameday.app&sn=ChromeSyncframe&so=0&topUrl=websites.mygameday.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=FHP3v3w1Uk0zbXBIb3pKd2VCSXlHZ3U3TExnQ0lnaDVQS1BqZ1RvbEhvQXkwd3V6Q3djclpobkc0OHgwSE5rYjAraVNIalJ4UjI0aGk2WUZMSWhqQ0lIWGgyTU1ka0dmTUkzZVRFaWl5YWNKQzViWVVXenVJekJiN1cwVk...

438 B
635 B

288ms
41ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FHP3v3w1Uk0zbXBIb3pKd2VCSXlHZ3U3TExnQ0lnaDVQS1BqZ1RvbEhvQXkwd3V6Q3djclpobkc0OHgwSE5rYjAraVNIalJ4UjI0aGk2WUZMSWhqQ0lIWGgyTU1ka0dmTUkzZVRFaWl5YWNKQzViWVVXenVJekJiN1cwVkpTeGpVVUYvcmlka2FTYjJ4N25DVWNxcHUvbDhDbUIrVElyc0w5WGJVNUR5Uk5GVklCNE4yek10czNsdTBCSDA3ZE9ObjRkdHFLcVJlbjFiL1ZCSGhQYTNHU0pyMThqRG5ha3JVeTJ6QTErNWowNHd0am1OQStleEtnVnIvUGpTNThVUlRGaUc3a05YelArSFJtRDJDV2NBbmtIL05aZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

62af87a544f1639face150a44c266bf2570a101b4c7b9c3e6da5083e10e97aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5523
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:26 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=FHP3v3w1Uk0zbXBIb3pKd2VCSXlHZ3U3TExnQ0lnaDVQS1BqZ1RvbEhvQXkwd3V6Q3djclpobkc0OHgwSE5rYjAraVNIalJ4UjI0aGk2WUZMSWhqQ0lIWGgyTU1ka0dmTUkzZVRFaWl5YWNKQzViWVVXenVJekJiN1cwVkpTeGpVVUYvcmlka2FTYjJ4N25DVWNxcHUvbDhDbUIrVElyc0w5WGJVNUR5Uk5GVklCNE4yek10czNsdTBCSDA3ZE9ObjRkdHFLcVJlbjFiL1ZCSGhQYTNHU0pyMThqRG5ha3JVeTJ6QTErNWowNHd0am1OQStleEtnVnIvUGpTNThVUlRGaUc3a05YelArSFJtRDJDV2NBbmtIL05aZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1521
content-length: 541
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDAE 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiC_YdefgYqWaIJWOjuwP5Ye4sAgAAAAAOAHgBAI&bg=!PT6lPnrNAAacadVKvGk7ACkAdvg8WgniamKz8FyRiRowdVJjaVHMoNpNqjfD1eOid-Ax_T9Gw7O1PgIAAAB4UgAAAAFoAQeZAu4AbH_0Q84wfinB30iKzcylBH2b7AZwio_ZcGx3vYyPuit3QsuON66-MTI7HeL-ZQW4OXIAn0mZmrT_M8OCFtuMbSobnfs1KlCTWyzn9D39AgmEnm-7ggRHcqyqo_00JIDPLBEEOU-TcZArgx3dd2w1B3oaFXDvIPWGT7jntFf3W_0_qvMpezfyZPxQEFolm3R_AcHhZzrUBqPA8CcOahv9WX6MTAF7btsv4jWh6A1JI2XYL-W__XB-p-2bh8erEO-nrNuWPW_uELE6O1ecaLP6hxybGlLv2YLH8eP9o8EOpLA_CtHh4yWuGR02GArbtPmL9DvaOPsS4fkkUwbD_JgkaawxItMRUyF2p81VIe6AXvklafWJQdmFd6w6vWlHoLlsq-WaZTr6koxCnlzydFYnpD9n0zCdpqtkwJ2C62vgb7kpAx6-PAgCc8s09KJEW421rFrj21Aq_VpPsaGm06YZlZNzbij6tHBl1QdDG4jhjc-zHNqmzfQQP5zT3IBKF1PVwKTPqY84r9PEqnbOTKVP7qpJThYrjzusJyeiprQHcV6n9GE_2r5sgDDN1nUwRgi7hUKARVjQtJUc1KmbM9WWLncqap46pl7DzQv6mzvJKMvuOlqA9KC57N0UBlkeuBvhfwwu1E9iCog7bQwP0uzsYmeN1WxxsAGTuJTNlHmE0bwR8szxTZDgYI7tXYm1h7AB2BCn9bRKD07D0KZE3Z0GcfAKylcpu-rmh5XHTkFNAwL633tZN1AsryDcIVQ-WYEapS-b3u3BOwmOG10_yx2Fr_wRnIKbilGNh93SfpKV-4gy1fcEOh9WpbA2uHmDmqEOvoBANFw5zycU7ZOSnpWM2p0qAR0cXY4D80ZqTQfFbERbmKUAHN3VKCS_NHktG-d7Uu5pIrKSOUDZMtuuIP160dPBPvPfP8-LwMvxWCUTAJDNOGxZz6NFHCMPlvHqN8kdapomeMC6vyfYKpXSYLx2vU_N8AVcjdv2M1ld8lw

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/15339142727432857715/300x600/css/ Frame 860A 499 B
290 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e66f1c27a24ff6c55f87bf2b303a62411c2e18256fccbea0d672e3f9c67c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 17:52:34 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/ Frame 860A 52 KB
52 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

897bf0d8e483a143dc187f5f21625d828304229f2a099baaa798df455b37769a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:52 GMT
x-content-type-options: nosniff
age: 62555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53511
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:58:52 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/ Frame 860A 10 KB
10 KB 69ms
68ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ea27b9b47663c9cd3463abbee0643f818f33c643ede5f55bb88f7e7182efde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:04:59 GMT
x-content-type-options: nosniff
age: 508588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10264
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Jul 2023 10:04:59 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/ Frame 860A 34 KB
34 KB 70ms
69ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2948dcb7096bdbcfb42e763bdf7a2dbec4a243e4ed16227d54a33a34bbab9aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:53 GMT
x-content-type-options: nosniff
age: 62554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34347
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:58:53 GMT

GET
H3 200 legal2.png
s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/ Frame 860A 2 KB
2 KB 82ms
80ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9633c01e0c237ffb01b3b979e8197cde05bc75dfc45ed64e54df673b53821b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:53 GMT
x-content-type-options: nosniff
age: 62554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2125
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:58:53 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/ Frame 860A 11 KB
11 KB 75ms
74ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efc516e25be760784e2d648733d0b6a90442d01daaef70861329dfa5db0ccb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 15:47:14 GMT
x-content-type-options: nosniff
age: 142453
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11229
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 15:47:14 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 860A 105 KB
35 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Jul 2022 07:21:27 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/15339142727432857715/300x600/js/ Frame 860A 995 B
408 B 41ms
40ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c62942ea8d3d696a85db870bcfa123d1c76f21850ecb2f42fdf0e4c7d4ee16b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15339142727432857715/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 08:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 08:13:14 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/9942674822015316743/970x250/css/ Frame 714D 499 B
291 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8798ffa54dc908be021deb67a3e83501148a2741fdb8c6606e263ef4e3690517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 262
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:58:56 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/ Frame 714D 62 KB
62 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a09ccdf49630c1c919e55baceb0fd1214e85e85a8a464b6b5623b130c619f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:56 GMT
x-content-type-options: nosniff
age: 62551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63319
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:58:56 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/ Frame 714D 3 KB
3 KB 59ms
58ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a60ca76234cbf59ade74ddb132e85700a8f390ec9591d6bd3315647cfb537fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:59:06 GMT
x-content-type-options: nosniff
age: 62541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2794
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:59:06 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/ Frame 714D 27 KB
27 KB 60ms
59ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd40cf486830d662086f11bba9b1209677f5d1833cd596a0111be31c95c756b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:57 GMT
x-content-type-options: nosniff
age: 62550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27669
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:58:57 GMT

GET
H3 200 legal2.png
s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/ Frame 714D 2 KB
2 KB 73ms
72ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eacbe6f8b8be6ef1898b082a00932354719c54ccb4116b10f3a657df447675f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:57 GMT
x-content-type-options: nosniff
age: 62550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2475
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:58:57 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/ Frame 714D 13 KB
13 KB 70ms
69ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e249c9e67e786833efac157379abf36a5419108c7cc83423481ca5f2600a6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:57 GMT
x-content-type-options: nosniff
age: 62550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12939
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:58:57 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 714D 105 KB
35 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Jul 2022 07:21:27 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/9942674822015316743/970x250/js/ Frame 714D 994 B
402 B 39ms
39ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86791a2ff2be885417b1d28e817b1720304bb0296881afe0cce1800c76fe34da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9942674822015316743/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 373
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 13:58:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A0C2 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_bdwdufgYvDDLaWD9u8PntKpmAMAAAAAOAHgBAI&bg=!9fal9rLNAAacadVKvGk7ACkAdvg8WmjumSCe0b0VhcVelUe9KgLO4QPkWj3ZSRmEEEurPunPuv5OygIAAAB_UgAAAAJoAQcKACt2Nh6YXuiUPkVyOaf5ZZSIewcH2HuHMbQ9t9Pfq4nZaXR1kItcm7Mk13P4mQLqdaSfG4DWfhB5wsWLvFWfh_A0XxZlTbXnyqYMiLieZog9wLSdUxcjs4GLqvjtTHEquEX7aAT534RrBxojQ6HI670DhAKC7CwYTLKHNieaV6Ssi6VWGUb05sPjPCNvh_L5OB5UME19ErI9TJGbAdbj_nL2WbdjasIy8elVseoMQXsUBidJpfMfAeSnLBCmKIhDxTpe9zqpJ28Fudck0KCAzR-ecsXNJ70DH6xYm8qjjdH1MGV5ngr-F5cTxyttUbjlH6G4LMagO7ONAnOsHGq_ZABQELkgPjMZ4a96J9VZsh9IbMg2ZXdNOPIInRCiuwtfxIyRDt4A7lsbUZnbo2GFR1mTmkGrW_kN593RP52L5ZxhWdLqEYMy7AOvcZ4JQxCCYYHMCPp9HJvvS1VvmfveAJ54BFwtYYHrdb9VwJ_qJNOVOb23ORrWJ3OkuS6uRWFOlJaOMT2NVKPsy7KM6sYTqP2O96eR7Ysbs9uC1pz76p_YfoHKztSBkDXxhVF3tXx7SLD7TtNqZdCo8Ezg0GV0oto60X91wGoaPLK4XEjtKq9drt5UG83Y14a1O5aOpbafaxdbp16KIgKWx59xBJw5zjyMpmVj3137kvVhbCyrAwRzdNo4OUjqSdIQoMI4bJg158R140ZJeuHcQ2bNxFdQfgrUKQgJS8t7-yi8qqOG-Mw_VfhJX-KsEfTvjmqI5pcDAGI4IB6dkrnqdpdarpf0AQ6N8AzOw7MiV3b9dd7v8f-XW0dBNpFnRRPjFm1aUUVDGmiVAM3mIWTCSv8BW9yrxRCmaeCnq6I1BLAYXBb-L5Gp8J9VluvlVH43BJ6WSrok0pIrVYOp2YKxKPXx2bMUu7HBJ2xUGsTRfGGnVpskBmO1w80bLKtvzM6BiFBYrgAgp-pg00QRjIQtY3HosSLgnSXuZh72a64PjXBUAggbdOJGvOr-n2IV7eQrE1quTX7jd8_UJku3WG5Mc8GLIJpuSeiAY3u5KFmo16o

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6244 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLnjDdufgYsfVL_2P9u8P4uqQ2AwAAAAAOAHgBAI&bg=!dXaldjLNAAacadVKvGk7ACkAdvg8WpKKkYVk84W6-yI-5IQ-00SwuouoS7Gq7K2mkgiBGEY9bymuhwIAAAB-UgAAAAJoAQcKAJ9mMqNrCvqyYeujS-NdYnZCNtuRwws2aYbqHCwQfbHFpm3KB4rFMUwppFATotBkEslEzyMElGsk8x7NvwOud9P8Tp-FAjkwDfz61BfspgtAun6S7UN5zIKIuSKW-HVuQq53FtnwgEWbsuuR65yRLbH6oFjH2YUzxlW2ozmjHy4t0MSVKekyfoWjbWzduxh6W1wpjVbRyau-Jh9peCxhRz6ZAuq4VmjtRWdTHkUvtfiGPsHbQk1x3BNKQMvpegfNE-S5Q6JkUSuGlQoeDAnB9ixxfzpDhBMsGoOCYp4OXkeHDM761y-S_Q9u68ZpD-Ko5Mx2ycXpu32cNAuzUwnl2gpWqLL00i7AyOo5OBFZ1bMmX8GY20gUCZUD66E8sBTBjERWRP3Ey4odqtcx3NUmE6p1uEZP2eMwZqLCRQdJGzEpjQUyXlWLkcx3MXY8n1hShvLxpfR8A7a-qlbBbCIDOKnak3eC8xMfaEfYzyd_oU9NV4p3hLyGqQ4ctUS_zC6X7HdxEAvSeOZkySo0ytdTqGqVFKhhNaUW2cyMzv8EJgZqzeJTv3udu2kynr0DfBjzmRClia1wfeX_CW4LwwC7Mvm-K3_ZRyo5XHL8slIMKwEcaycHDTmNse4lylKLvf7LDtWRb_D7WiPpAo-w7lMyWFOnypZYUew0PJ4cuKmqz_QTr2GqwhVVtaVf1789JIpVjKKdfFFZvDnbxbRjcyytntzeEv0oy_0WlO4GjopSIL1OaY1gWrJOP56h9OtYNlRcKcYJuJjtmmfh13nYn6Mv6Aez_GJBXg_7Bx3Baa7JrtOx0c7HOR_C7-fzEMfmCW4dUpAvHGX9u4dYZUrimdShqIfvZU38IvhVD6YWPrzcDAlNi1WeurSeN8J8opoZPbDbAVPizggNX-YF3nQ-BtynzBJO0mer9hWVOz_t0_CPjCZDKlx8HpV8xSeOJdIn6gDV7yhJ1Ki_faKUzE6rdvXsPxqt-wubkdyGjnE0Cn0upDkU_yqB-ZxE4DwIzuVXNz2saY29o-UgCFEDU8KJGVs3KB8Vd8cP745duAod42xxqCOkTpTzMil5hj5vAdUYuf-kIrfInbWvE5S-JlXvDdW3SflrHIBkKtmuLef6-HnTezOtzUxYPq4KwaWZtZk4vraprrANxBvK9vfLNx9qF_uGykFg4paqlCJGX_qlBZSYk6wq1OMNGEpWKOpCwKJXiQ

Requested by

Host: eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
URL: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E4B 0
26 B 75ms
75ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlhJJRI61jtoCrJzajrv2_4gVHEvU-fw_exWNn_kLy5ihnMVdO95UxddHdESmqNNkaBMbQleITU2cxKhCQkYBLHxARJ48KQl-kjehogkd5yEbIIiEtxKWsb_zmHR_rIzqv1AAv5FZy0YNm5T-RVHYQiYx-8KFntovVEkan0UBQocyU23j9Vdk2BQeUfnho-hiSSM7O2p1VfbRTR_YzOD87R3jPM-flJvd3nPgZviYbgBT9NYU7JbNRKalmo4hCcb4-LFXQfJVZE9z8wU6LtrTxdtOLOOpHVPKd4PLXsLXQfXuVMblaYGmTn9IwdVIb_kLIlyqpGbabdSHPME_isf1LNdoRejroOy9LMqgMWt3wcWzXrL2bMLjNPPXvV6VOoHzVFM1M1kh8nJCfGaCcCG2t44_ol4_r1hhvOfIFHS_bdaVNWcAO1sKPCvPzLn6jw_Bh_7TuDARJ0rqXIJ4sWffCxnOfcRO2wpsp-mTLr_C3ZQLzXIIA_D-HNyCciZz-Ve8OKw-zJiTA6saVa9aSDZltdDKzSH62iRvAhcbLIqT124UYiGnK7OWZi4s-0B-ISRFtgS0Mn2fLoJjZYN_fg5As8HXseKHjH-Xel_A_fls4zSYimOrKeAMwNZD94pKLSdJIzsumLYZNo2SdQL3_-ARf7Nh3dPFcy4DWYaL3zHPJlEL7zO2Tzel2N3of9tqBTk-E6rMY7LmL7oLm5UmvlPWdYKcOyVOxciuPoImUUcyZZc5YdMaTXt5DxHtwQRKPjZBRfzPcBeWbP1EgfdLfbOUMW1rNoXOUO1BAR2twwQM9nLl7pye6AUpe3jkuL06JH7Xq2DisY3QfgGendEhRCHTohnU21G5OnEATBLTWCR2ChX7BxQtWQFSkltuoWJ-bixI6Sh69Jb_bnWYh4N80KGzy-xdv_OF63Sk-Epcdb8b_600gZP2YUt7xHyXy5rgfzNft0zfi6R8AZK0zKPU1z_83WOELea2VCJr_MDFp-8N4GIcEVtjZNrAMx48e-ZLAn9Act175QFF_PaL-TlGyMevddFscQCC8dhQwXBDjY4KvSNbQXnCIx3X2exK437iD_yRN3JhNwHczHKEUOhbhhhyNvSVg6HKXz-d1dzvcM49GEEjmo7YvPk8szog9xqgGpg0SbXtV1FrmZyJsTBPs-0ojVXroSM3P6Iuwm20NatBnyZ3GSdap--oyKKCsXtGI2Wqh84HklIjCjTztSoxEgb2fjMhWczIqDMVOYoSi&sai=AMfl-YRHeGqMSlPsR5tymA89wLrIUNVwJ3XlDU6t5bB_ZG40GabM1htocm-b-y8P4oE6cdRxUWYD_Hqg5pAxBmjQUvnF2bzMEsfSug0cmEtU8SInnzvW_YQ-SrK8TLzF11chkkPEIBcN0HShn-5wVVVd6WXvlqPgk-s5JPPHFFX3ZOwpE67szChX49TGDyir6w9mvVh-UH2yf0TDNrUgvfh36zQds-VMfWQ&sig=Cg0ArKJSzIfm8NfRXmKOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=484&vt=11&dtpt=301&dett=3&cstd=181&cisv=r20220725.74196&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 07:21:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0E69 0
26 B 75ms
75ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUM73XK_YftsSNGGWrCC1FBPhu-ukcZLcmwLj5rEvjVwHZdctILbkXNHykhrnXKhsY_8kiHsCZpItVIJDMPtD-5JcY9BL04pw2KfMuWbKB4AA3NerGvCxnbjP2IyvwFL1ImBYPk-KTtMvMFrNe05pgiJ3ZGsgCTO0sDh6rm1YUFjTRpgh0QS0AXLzC0Rj_n1DpgTI0WAYFuBEAzBOqL5Z7pr402S3u_zEr9fC9diHicCvlr2-u2NMWR8_iGzPyJ9mU1HpAiww0V9Ev_iCFygCNY8J59JY0K7hRRgs8CNwbUlnrqMtf4NQwe13f0jLMw-u_xVoNuXF_AGjuVdtkvp0MKbBRFqPI0b_I7jmu5UrbQxQb8CVxoJwWjWJ94Hgsl_5-CIm-1_XDQKxHhkYK2UgujiHh4Yc_DXaptVLVvWDVaTgHr7eTANiCWgajTkt-mNL3Zs8dAM5ehJr1Ua9PAvuwUzle2xn1Kh-DQtjjbHO6aELdnkt2XYNOpo04VrtU9K92WHXFOLzCm3y2bQm3fgwsBNxFvzlMhcw4H5dk5vU3bMMfNGZQ48hIQxI2L2EdrJDz8yzOU70nLT12iaMWU8ZMZgw5XQGLgg-D6gk46OmQRHVRouwtkV5gRLBk0l-Pq43w_oppR3BLgqF8yGrHXEH99jrFfjg-QEwjkJBm4gjEJhxYhYPY-UAidVkVjAVQxyyPgrK8po343Sfp-eUiIO34fDntqOaDNAOE-JfCSvvmZ22oVYYWIoC3rI-McfXGksnd4tfRgAZyTZARNmpijHFCrFDH79nOv69nnYkgmtu6pvrRIbFmJ25eX_wAqSMmdyymKSr2wVRXYHepvC7G2ZaSWbXU9ttrk3_Fj8RN9ukWcwVcARCmj8nDNDAbDmIytwtkyiT_AXSNvV4mjondIAheqI0hV5BGM9Zmler-36hGDHPd0rkVgNl8i-B-WW7YALYqXqD6EKG-nSrg2IoXonn0VhIxrZmHat2R1zXA_qgx3xdZcoQR3C2penm6h-7WoJlsvaB9uafbSRCYHypibntPWN653M6jPyCOSNiVOdVHgZDrvXT7sGI2D6C2f03UspIbiyGKlOEutIS9HXzKhWB28oWJbBKCqjW6u2toA3AdxOaM8OrraSfLSSPZBDlqfkScv7WM38L-QZz-JM16TULT3QJWl-jrcGKGIIfBeKZNrZXc0KB6_TcTB8_m-p8EOmlp5C6nVeSdf8MZ-YOhmLH2CEK8KEWOj78&sai=AMfl-YT1N2T30ao5BKpjQkvqo7acyjgPWB-9-2syiHplScs0Von5q0Rx3ojy3WH3Qe6q-9aO1OHesaB3QgL9rZLim50lnWCyWPfg25jzgyyOJgb_4bGgtQDHqjW0El8jXgd1-BECLBI0vZCml13oopWW4B1n_0EACkwiBiK1SYcVVGGbrQ8PMKWd05EXPe3SYOhPBoYqxu2FQKW4L6VND_zCZSpZc-TCCzw&sig=Cg0ArKJSzIWenwnQPGJvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=444&vt=11&dtpt=286&dett=3&cstd=157&cisv=r20220725.33608&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: websites.mygameday.app
URL: https://websites.mygameday.app/assoc_page.cgi?c=1-8951-0-0-0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 07:21:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5BBE 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42776
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 19:28:31 GMT
expires: Wed, 26 Jul 2023 19:28:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7638 783 B
536 B 49ms
48ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4de14048ce328aee2fc8d1bd3a1b4e1f6d333d65f206b52a449a04e46b81d15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lN80tc7g0ZJWG2d5bLBkRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-lN80tc7g0ZJWG2d5bLBkRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 07:21:27 GMT
expires: Wed, 27 Jul 2022 07:21:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BBE 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 06:36:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7638 0
0 134ms
133ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072101&jk=2472861887385552&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5BBE 0
9 B 37ms
36ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?N3earw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCBB 42 B
64 B 151ms
75ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_PmhKothgv6aWkotX-xAi3MpwbeL9AbSA3qEHRmB7E6662c4D0IcXIvcvPKxy1Jr2bXHUdaMStqj2nFn4uqBhCpJ_JZbggAQjQE6cdF4b3A0IE1q6AwECXTDuFuCEUo4DO4o7xHSkwFtsFg&sai=AMfl-YS3t516oNv3__4DSfuyxR44MAqzeZc6HvuQa8NZJcRvvGdraJwfvZtgNlcFEHdPPX7kvkzXthIHVYkRJ44mgbDaVFhBnBPqwNXpXvNARJLxoUAMxvpFblilL15segY&sig=Cg0ArKJSzEO2_A9pW3rUEAE&cid=CAASJ-Ror0xxGa7eErbKVbw_wL3IuzpYZMqh7TuzK73h7n5S_CUF3a9Adg&id=lidar2&mcvt=1002&p=452,982,1052,1282&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1191671391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658906486412&rpt=446&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E69 42 B
64 B 78ms
75ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaIdrOdvpu-xcj8GhLEUGBN8_cSr_9zz34swPSjRxEUSNc56K21UbCifqv5UOUr5rK7q5a7pjURMTOqXSqePwKfoh4RMv62VPvo1Z7q0FOjhiasLMQYpfKGnqmk33ax07smNpUxEqEpiC0Hw&sai=AMfl-YQ483bxtFsiteBNirPCnFF6EwL3ZcF1lB74mHMqes13MgNOvouEU_cq5KVwIHi2VW4DkTJ27hIwJEBIh2L0FxPypnpYRVT1eXtPCADvs9fqavbLrzmqEEHAyLdV6Uo&sig=Cg0ArKJSzC9ymFndFz8xEAE&cid=CAASJ-RoDSGu48fEqS7Tn8pnwGnOg2Z6xrvADoGHdTzm7bX7g4mqEIwSUQ&id=lidar2&mcvt=1000&p=0,315,250,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4267387573&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658906486395&rpt=537&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E4B 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAHpr_I09pOU5WLuApkBnbGig3AtDqYoJnolbzDNBR2kTrGop64zRxaRG8FDnIIHoc5ab2f0YOKhlsVJzxh4WDeh4SCFtLkvfjDCIJInptzwhLdFoOtPULha2HcSQBedSVzWIPTTNo73-0OQ&sai=AMfl-YRb8rbQouPVY9EkY65TXMaql3JYtf-TujuPBZt08Gsbon8p01OjqDA7OFPt90rD6yARbA--Yx4RcFvyWNUIl8Ona6uDcv2BWT_tzjY7NXygYRBx-8Y_TeIZp_G3yNk&sig=Cg0ArKJSzKSB7DVAIx6HEAE&cid=CAASJ-RoqVkL_fFecXIUKM-jqdnW61FXjnbcm8OLGWJ3flCR5OK6CzCwHg&id=lidar2&mcvt=1000&p=1052,1241,1092,1282&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4217473537&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658906486415&rpt=484&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 138ms
138ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022072101&jk=2472861887385552&bg=!ICOlI2fNAAacadVKvGk7ACkAdvg8WpiXf_atavZ09qQwqjP97q810ljei_HGA8TOB7TFntKPaxrTRQIAAABNUgAAAAJoAQeZAq4mqjxMBXm3FAXbMMf8-uwiaKqYAkYNvgV67tBpRmCsZfdGhhZoDPwzQQ3BdzLnwOv0rfj8qHYcx5T2mqrLQHR6c05rGYtvtzCIMSsCbfZ5k_MqixtoZN5XMV1pv4YH8xhseLvFNYKBV1b3PeSSciKtyQ1H1Zhj3DrompRAfC8M4TmgXqtIdfg2Cq3TigWe2oZ3zvhftMD-sCqVjXwW69KC1884rNrWXOEE9oZJ-TeNpzkNl4KWr4hSTMPJCJ63-DeYXAhWGQH-O65V78wNR7eT7KQ58VtQj342sgReQcvhh1gmWKsI4p4XxpMjB-xiyNkC_Jbd9EuhnVl-IYbLduxSlJolYLIz1JZFOHNLuAZi_WjUqvDrOYdeOh2QfutlTUF3T3DEaNtEslMt_19QiZaodARbTpNCjTmoBvyEFiDR5cPu6g9cSLjLsfPkknOM1wvoPX1GWVHr9jlSXKR0y6-lsAMexAF3UogJKSlOPCqlu_uH3LnMahYwPlx1QSyiGl-IJnHZNxCCzhvIiyopIuH1PELRuTHeyShz7GdHUCrRdFlmHTFMbfDZQOnBxRS1DMNwRn_QM1F9Bv7HJnVXK2DfdpmIrXe0SxfrYysHkRThLhR7SZmW9-FmzD8xU7IMkrmKtNZcQ3OyJ0dBD8oAenTKlxRuM_BuK0WWzb_DAgxIa3xbcfbryLoT72EnEekgAfOF4age37Qv9FieKNPNehLwZYKvxZNcJsqDCAR6b1L5ZlC9qSh0qSGubBKJreAXnu0D2WUAkq3QN8khCu3FsGJYIZAFQ8o88RdNoJBsAvpN47QF5-Jant9svK9JG7V5BQ6S2cifaaIvh2cOLTUcPvb5CZjhURGr8I6QC_4nH1qOjmf4Wp6LDnapKR_1xJVZsHPiGfEPEkbDO4YmrvnifA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 121ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8YRJC1Z8WF&gtm=2oe7p0&_p=1030006238&_z=ccd.v9B&cid=1229237347.1658906485&ul=en-us&sr=1600x1200&_s=2&sid=1658906484&sct=1&seg=0&dl=https%3A%2F%2Fwebsites.mygameday.app%2Fassoc_page.cgi%3Fc%3D1-8951-0-0-0&dt=News%20-%20Hunter%20AFL%20Masters%20-%20GameDay&en=dimension3&_ee=1&ep.dimension3=australian%20football&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8YRJC1Z8WF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://websites.mygameday.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame E6F4 37 B
140 B 117ms
40ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_interplay_sportstg.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 27 Jul 2022 07:21:30 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame E203 3 KB
2 KB 211ms
46ms Document
text/html 2.18.168.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_interplay_sportstg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.244 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 07:21:30 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CCE3 281 B
554 B 214ms
45ms Document
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_interplay_sportstg.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 07:21:30 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6E34 52 KB
17 KB 153ms
37ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_interplay_sportstg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://websites.mygameday.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 7930
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 27 Jul 2022 07:21:30 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 20 Jul 2022 05:09:06 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 130660
X-Served-By: cache-lga21977-LGA, cache-hhn4024-HHN
X-Timer: S1658906490.494953,VS0,VE0

GET
H3

200

usersync
ads.playground.xyz/
Redirect Chain

https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
https://ads.playground.xyz/usersync?partner=appnexus&uid=1031605483458445790

43 B
60 B

118ms
41ms

Image
image/gif

34.102.253.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.playground.xyz/usersync?partner=appnexus&uid=1031605483458445790
Protocol: H3
Server: 34.102.253.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.253.102.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websites.mygameday.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:30 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 8a084c5f-718d-4a99-adf1-d5b324e906bd

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:30 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fa6f1cbc-4b30-48ae-a05b-60beb25a02d9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.playground.xyz/usersync?partner=appnexus&uid=1031605483458445790
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6E34 0
741 B 46ms
46ms Script
text/html 185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:30 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 28b75b6b-7acf-4028-baa6-e3415e7372b3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame BD63 2 KB
2 KB 153ms
62ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4258f0f625f9f61771e91f0c87fe4a39899bc3432b21c6f8d7426021372ddd17

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73139e5ed857695b-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 07:21:30 GMT
dropped-udsids: 39|241|230|46|73|8|88|5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzk2mNFlGPf2yxGHp948RTcfjW%2FIPYXs%2FgKk3UaEN75AHh4yTzPcKGk2XZzNfHWvisPedaOm4bJ%2Fu%2FEKzfQ%2BMf1ndUM3C8Kno9%2FM%2BxPrYb1kuE79vHqOkrXdyUejknNNBvu1FtwoEmCdgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CCE3 31 KB
10 KB 45ms
45ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 07:21:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83244
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9453
Expires: Thu, 28 Jul 2022 06:28:54 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame CCE3 0
98 B 134ms
46ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CCE3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDYQIJ6lpH9FqjkG7u8zz-g&google_cver=1

0
239 B

174ms
40ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDYQIJ6lpH9FqjkG7u8zz-g&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDYQIJ6lpH9FqjkG7u8zz-g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CCE3
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S5s6wZJERBahCKG4tEOdlQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=S5s6wZJERBahCKG4tEOdlQ

43 B
556 B

135ms
135ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=S5s6wZJERBahCKG4tEOdlQ

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PTEN955MC66PP1XXFRRK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=S5s6wZJERBahCKG4tEOdlQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCE3
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzQTM4MkstTy1MT0FQ

170 B
188 B

48ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzQTM4MkstTy1MT0FQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzQTM4MkstTy1MT0FQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame CCE3
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63A382K-O-LOAP

0
710 B

494ms
143ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63A382K-O-LOAP
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:30 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CE093FC806DF4DC69EEB8EDC9C937A9F Ref B: FRAEDGE1107 Ref C: 2022-07-27T07:21:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkxEQhrRuAfv7kHbPZUw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63A382K-O-LOAP
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame CCE3
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=12eAgL46Q5SJwsrKcMFTxA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=12eAgL46Q5SJwsrKcMFTxA

43 B
556 B

59ms
59ms

Image
image/gif

52.95.126.160

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=12eAgL46Q5SJwsrKcMFTxA

Protocol

HTTP/1.1

Server

52.95.126.160 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2FPD539SZF1ZK1899VCE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=12eAgL46Q5SJwsrKcMFTxA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame CCE3
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63A382K-O-LOAP&sigv=1&esig=2~ed71e766d7c887f2b248c517c2f9dc277e4c1558

0
194 B

388ms
37ms

Image
text/plain

2a00:1288:80:807::2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63A382K-O-LOAP&sigv=1&esig=2~ed71e766d7c887f2b248c517c2f9dc277e4c1558

Protocol

Server

2a00:1288:80:807::2 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:31 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63A382K-O-LOAP&sigv=1&esig=2~ed71e766d7c887f2b248c517c2f9dc277e4c1558
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCE3
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzBkZTYxZTA5ZjQ5ZjY4OTBiOTI4YTg5ZDI2M2I4YmIwMGZjZWJkYQ

170 B
188 B

66ms
66ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzBkZTYxZTA5ZjQ5ZjY4OTBiOTI4YTg5ZDI2M2I4YmIwMGZjZWJkYQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzBkZTYxZTA5ZjQ5ZjY4OTBiOTI4YTg5ZDI2M2I4YmIwMGZjZWJkYQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame BD63 70 B
265 B 183ms
59ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame BD63
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuDndjWypPsjEGhD5F07vwAABMQAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuDndjWypPsjEGhD5F07vwAABMQAAAIB&dcc=t

43 B
645 B

132ms
131ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuDndjWypPsjEGhD5F07vwAABMQAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4YGC2NKD1T8S5S1H1BQQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: K1MFQH0GWMB1H60EXSXC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuDndjWypPsjEGhD5F07vwAABMQAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame BD63 170 B
188 B 49ms
48ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YuDndjWypPsjEGhD5F07vwAABMQAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame BD63 0
0 132ms
42ms Image
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 YuDndjWypPsjEGhD5F07vwAABMQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BD63 43 B
994 B 200ms
60ms Image
image/gif 2a05:d018:d29:3605:9ba9:76c9:a8da:3df

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YuDndjWypPsjEGhD5F07vwAABMQAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:9ba9:76c9:a8da:3df -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame BD63
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=08ac1605-3f36-4d89-a5c6-b45731393977&expiration=1690442491

43 B
908 B

63ms
62ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=08ac1605-3f36-4d89-a5c6-b45731393977&expiration=1690442491
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73139e6358ce5bf5-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 07:21:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uUybrgR0VOuDAj%2B4p8VUsnh8StzIsQBm7cBnh3jWM2nVa13BsoJkuJEiHgGVkEu5KICIwBeTeLaisgtIdaRgNHC18CKLyYaby4l%2BLp1qzunPQLNqrRm47ufNhOmn%2FDrAncrDdCrLGXZ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=08ac1605-3f36-4d89-a5c6-b45731393977&expiration=1690442491
date: Wed, 27 Jul 2022 07:21:31 GMT
server: Kestrel
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BD63
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YuDnegAB8lIwAQAK
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YuDnegAB8lIwAQAK&gdpr=1&_test=YuDnegAB8lIwAQAK

43 B
909 B

57ms
57ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YuDnegAB8lIwAQAK&gdpr=1&_test=YuDnegAB8lIwAQAK
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73139e614e065bf5-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 07:21:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWsHx%2Bnoe4jhix5U6ZusyV2tRaew1apoHqkpLCEqjGPQT5SywXWt%2FGkX8N0%2F3wPLlKeRYqtdir5IUSc9zW1%2FnnPoXnj0c6HNVGAyg3oJL8pHlOIDftb0mvvAbsHenMXpxirvnxJQtowK6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 07:21:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1658906491.049910,VS0,VE0
x-served-by: cache-hhn4049-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YuDnegAB8lIwAQAK&gdpr=1&_test=YuDnegAB8lIwAQAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame BD63 0
0 143ms
52ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame BD63 43 B
425 B 147ms
42ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YuDndjWypPsjEGhD5F07vwAA%261220
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwebsites.mygameday.app%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:21:30 GMT
cf-cache-status: HIT
age: 157
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "902a3d-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 73139e5ffe51904e-FRA
expires: Wed, 27 Jul 2022 11:21:30 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6E34 0
741 B 53ms
52ms Script
text/html 185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 07:21:31 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b261c421-0c5e-42e6-b55c-89017b524fb3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.turn.com/	1970-01-20 09:07:38	Name: uid Value: 4024964469599577003
.mygameday.app/	1970-01-20 22:19:38	Name: _ga_8YRJC1Z8WF Value: GS1.1.1658906484.1.0.1658906484.0
.websites.mygameday.app/	1970-01-20 13:34:02	Name: beopid Value: 406e3ac7-af8e-4951-a19c-706e1132838d
.mygameday.app/	1970-01-20 13:34:02	Name: utag_main Value: v_id:01823e8820050008ec4e552228aa03074003c06c00b08$_sn:1$_se:1$_ss:1$_st:1658908284742$ses_id:1658906484742%3Bexp-session$_pn:1%3Bexp-session
.mygameday.app/	1970-01-20 22:19:38	Name: _ga Value: GA1.2.1229237347.1658906485
.mygameday.app/	1970-01-20 04:49:52	Name: _gid Value: GA1.2.847437257.1658906485
.mygameday.app/	1970-01-20 04:48:26	Name: _gat_gtag_UA_141267029_4 Value: 1
ads.playground.xyz/	1970-01-20 04:58:24	Name: connect.sid Value: s%3AQ-co36mih2EDXQ-3Js8KdvpP6gB3_p00.8m%2FeaRa5QCbiaY%2FrmtKKlaszYEfILbXlMDEqy5P6DFo
.rubiconproject.com/	1970-01-20 13:34:02	Name: khaos Value: L63A382K-O-LOAP
.rubiconproject.com/	1970-01-20 13:34:02	Name: audit Value: 1\|hLZGFuTafB2ZVgk322/3BgNb0fGVcfL/XWaA1sYWTLG0RTcz8e+19eexRquGsFCe5sVpjA7TyJgVdUQQvXr9usVpzP7f7URbzG6FmltYou093VosydT3+A==
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6f0c8e56c20adfba
.mygameday.app/	1970-01-20 14:10:02	Name: __gads Value: ID=71cad8bbf9f8806b-225c9dcbdccd00ed:T=1658906485:S=ALNI_MZUwAvGD7jthGl_EMgxndzdV19cpg
.mygameday.app/	1970-01-20 04:48:26	Name: lotame_domain_check Value: mygameday.app
.openx.net/	1970-01-20 13:34:02	Name: i Value: c8e9d4de-cd60-44d3-83f4-320366f33dc7\|1658906486
.doubleclick.net/	1970-01-20 14:10:02	Name: IDE Value: AHWqTUmhwpQ797fa6kdgCweGMqlLktmo8Eb_Zsvqq5HUSTksvoi_gqiqvurvwQzI83c
.adnxs.com/	1970-01-20 06:58:02	Name: uuid2 Value: 1031605483458445790
.casalemedia.com/	1970-01-20 06:58:02	Name: CMPS Value: 1220
.adnxs.com/	1970-01-20 06:58:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlcH^qM=!@wnfH8K6pQK`!5=E<L5>xi_40I$pdrqOwgwHhLj(xq%eD3=7AU'wIp69`u%nugO%v4VB%nn3$-ej_
.casalemedia.com/	1970-01-20 13:34:02	Name: CMID Value: YuDndjWypPsjEGhD5F07vwAA
.casalemedia.com/	1970-01-20 06:58:02	Name: CMPRO Value: 1220
.criteo.com/	1970-01-20 14:10:02	Name: uid Value: 4a6afe60-4614-4dca-a5c8-f2950dad2fe2
.mygameday.app/	1970-01-20 14:10:02	Name: cto_bundle Value: WekC_F9NYmhqWHhSQ0VvMUdjdnNkWCUyRiUyQnp5M0FXJTJCTUdmQTFWS0olMkI1UWpBMWwwa3dTUUtUcU5rVURXdDRCYTdhVVRsZXJVWExQQUZkbmJva1dLOXlTdGRSMHhIelVaREpoMGVVMnlmV1BFS3FuSFZ5UyUyQlcwRGhSRml4WiUyQlN5WHRYUllaRE9aTmJoM1FKNlYyZkdpRGNsUElnYWclM0QlM0Q
.casalemedia.com/	1970-01-20 06:58:02	Name: CMTS Value: 5179
.casalemedia.com/	1970-01-20 13:34:02	Name: CMRUM3 Value: f162e0e77a05a0&0862e0e77a05a00&2762e0e77a0b40&2d62e0e77705a0CAESEFVm1VqoxMEKwmy4AXcB9A4&e662e0e77a2760&5862e0e77a05a0&0562e0e77a05a0&2e62e0e77a05a0&4962e0e77a05a0
.casalemedia.com/	1970-01-20 04:49:52	Name: CMST Value: YuDnemLg53oA
.yahoo.com/	1970-01-20 13:34:24	Name: A3 Value: d=AQABBHrn4GICEKWHh1TSfJ7kqIa3YetAUgMFEgEBAQE44mLqYgAAAAAA_eMAAA&S=AQAAAnVHXVwkM-OCrLkFK1JvDv4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad4m.at
ads.playground.xyz
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bam.nr-data.net
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
boot.pbstck.com
btloader.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.pbstck.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
eb2.3lift.com
eccddfa60555fbe7af1ecf65ff7290f4.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
huntermaf.org.au
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
intake.pbstck.com
js-agent.newrelic.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
passport.mygameday.app
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prod.uidapi.com
px.ads.linkedin.com
r.turn.com
refresh.pbstck.com
region1.google-analytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.amazon-adsystem.com
s.beop.io
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
syndication.twitter.com
t.beop.io
tags.crwdcntrl.net
tags.tiqcdn.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
websites.mygameday.app
widget.beop.io
www-static.spulsecdn.net
www-static1.spulsecdn.net
www-static2.spulsecdn.net
www-static3.spulsecdn.net
www-static4.spulsecdn.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.sportingpulse.com
104.18.18.126
104.18.19.126
104.244.42.72
104.96.145.246
108.138.17.94
13.248.245.213
13.54.240.48
13.55.129.189
141.95.98.67
142.250.184.194
142.250.184.226
142.250.186.162
151.101.129.108
151.101.130.137
151.101.2.49
152.199.23.151
162.247.241.14
178.250.2.146
185.89.210.180
185.89.210.181
2.18.168.244
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
203.210.102.25
23.47.212.221
2600:9000:206e:2200:9:213:6900:93a1
2600:9000:206e:3000:9:213:6900:93a1
2600:9000:206e:a400:9:213:6900:93a1
2600:9000:223f:4c00:9:213:6900:93a1
2600:9000:223f:ec00:9:213:6900:93a1
2602:803:c004:200::143
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:15d
2606:4700:10::6816:3556
2606:4700:10::ac43:5d8
2606:4700:20::681a:78b
2606:4700:20::681a:bd1
2606:4700::6810:5614
2606:4700::6812:c4c
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:800::2006
2a00:1450:4001:801::2003
2a00:1450:4001:806::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9b
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a05:d018:d29:3605:9ba9:76c9:a8da:3df
3.130.97.0
3.209.155.158
34.102.146.192
34.102.253.54
34.120.107.143
34.251.24.18
34.98.64.218
35.244.174.68
35.71.131.137
52.19.26.128
52.212.1.11
52.46.128.147
52.57.153.94
52.63.225.143
52.95.126.160
54.200.17.135
63.34.67.128
69.173.144.138
92.123.9.160
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0102ffc65da6faf5bed8f19605ac97a7f7b4744c9d3883e36b4d5516b6f29252
04c43527d971927ba2a3a639ae208f21c6b5b3c1eb7f079ebcd772a8e6e92fa6
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d70bbfb11363ce757317814f00d07369dff17b53bd66f397d5bcb3ce07d7adf
0dfc6a248555f050b5d255b29f2f32b6ea72970ba15f516123f59141b0dbc227
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a09ccdf49630c1c919e55baceb0fd1214e85e85a8a464b6b5623b130c619f2
12b5ba52d815da3811d2bc9f88d11a497753192d9910f0d64ce0fe1a325dbfbd
13c3a168e07c10ca3db80605cdf6f5195507de06b7b5d3ca79f1e4b3f6e00433
1429e3019386f32fb47024e8d34a24e7563eebfb8dd415218c547efda9dbc34b
16e66f1c27a24ff6c55f87bf2b303a62411c2e18256fccbea0d672e3f9c67c9c
1f3e88c9176b21a33dc9e038a4ca9b412500a93ea50c5ab8408c99e21468d32a
22f11d72c4c2c8d08b1b745e2ad121064249aaf88dc676cfc6bb80c35bc58c1c
238621d3b08808f7d6764dc53e53c87b5b5189f38e30cd581802fa39220e6d4a
2430ebc2d719e863a80918aa4613cfe8b7257a1a2de45d16081d6a04244c5a45
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2948dcb7096bdbcfb42e763bdf7a2dbec4a243e4ed16227d54a33a34bbab9aee
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2e5725866cc62a4f528fb8d7dd1d4c7827832f9d229077f3e747fbf511230bc6
310d5a788fc1f70e3caba3d17f111344cbe5463b7fbc3913bc8b74dcf5531c67
3953ff0333f905c50fbb2d0594b86f311c14f4ea2e8246ccfa201cd75079f60e
3a247fec5e87f4e74a0dc35f5ddb7039ee16640d731de504900454cdef0fbb58
3a60ca76234cbf59ade74ddb132e85700a8f390ec9591d6bd3315647cfb537fd
3a90d251808875f911e778292b74e171fda5b06912fadb8f2eba81729c2dfbdd
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e249c9e67e786833efac157379abf36a5419108c7cc83423481ca5f2600a6dc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4258f0f625f9f61771e91f0c87fe4a39899bc3432b21c6f8d7426021372ddd17
4279f3c8cfb4cf8c010714d2d4852fc1d07214de32a61e194a1dcdb20a5b2d3e
4724bd1f0ca388d8566ff2fd9a48dd4a9c535dcfe9248218549209c7eed4b2a4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b51f1235ecba1e9e1b21948741ac3de37a4a8e8f22f7db959a4aff828ea72f
4b37b192d439da20850f06ffe2691531b9388f226897a73643cb32e699952d47
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6c80e285c29ee2445d1a8ccf4180f1b94a4ba2ff7251706b1b8ef8c8f94aff
4da5e6820b5232e3f9eefe8320ed63ac84ec4d40f4ab53b17872f1763c2d07cc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515d906c4b9ee9efa9f25ccf986dd1454cf162ce01e8609c911941330a3d6a1c
5214903223bfb08d9933a91d4907e2fa046512a2bfac522c94e7de50c21c74d0
52a33c96540ea9ed4ec2e42da30d88c9a0861adff13cfe0802816a2e8437f934
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5669b803aa15242be0bf9ef58e01dd6c01f2efa1260fbeda256dacdec8bc93fa
57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62af87a544f1639face150a44c266bf2570a101b4c7b9c3e6da5083e10e97aaa
64ebf8a953e7d6c2050da828ee008c8da55f02e5f7a34ebf8b3b05851f1eeae4
64f865873cdb7cfe81c1a2c9adbdf46c19d86f0141bf70e1ecc39108696de661
65d10f647ca2ffef2513c48c1910bb738b4b254c57820e9b3c4c0dfdcc2cef8d
691912995b85981c0666d26bf36897d14dcfca89bbfe2db2e93926d7be72deb9
6960da3d7f6c83343c3890d0e1333f3a8776bb1bd8bccd28bc7e05d17f2d1812
6bbe67a6ea0c70d5ae78875dbf122816804f266fcf252a8c5c7bef6fce93c9ce
6bd4d835e9ec69631e36060587a7af0c4b60cff4581256428eec139e3accdfad
6e30d2153c36eb79856f9e18a5ba0a6dad03734bd08e1c289f32f77dba462aa0
6eacbe6f8b8be6ef1898b082a00932354719c54ccb4116b10f3a657df447675f
79926c3ae7267be53d75d90825e3a01f49ddc553fe4b949ee40e5a7f724ab364
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7d8aeb9173d48761d6c7776cdefea774c187377a1d30225b42a28ccdead7da43
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86791a2ff2be885417b1d28e817b1720304bb0296881afe0cce1800c76fe34da
8798ffa54dc908be021deb67a3e83501148a2741fdb8c6606e263ef4e3690517
87cdd3534cb3bae0dd132848ca27f72709a52dd8ad30f09aabc9854f61e4c282
87d1e7ad2a41d2f0f66fa148506e7cabecbb0d052423047d02637790b3a11296
897bf0d8e483a143dc187f5f21625d828304229f2a099baaa798df455b37769a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c8e65ab155f7acc6336c69a4ba38e552106f6ed4c64c99fa0ec1803f24fec51
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
900eb17e0f9b7f0c0d035b14996c5fb4ceefb4956c7b7261e2e591a0a0ff4c48
95925b60671c7b3c3af7bba5e3a6ad71bbe833aff7cca4f1e92c1063e97a101c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9bbc964f42b95ca98f88388333b57798b103bf76784818307f8f3c0c464e3e31
9bd7819a1d6660f82f6b95860db5e1cee94af3c96ae8c0b12f5289559b6e901a
9db6cbd7259b5f855d7f8d0fbe7e984aab0f2d31953bf61e630590d4a57f9e58
9e81d6aad5c3ed431823fe341291e46580f26ff8f657b877fbb872b9b692e3c0
9f4213155317ecb2c2bbf311da42f5b5cf0f11128c4990cac52a415e43122245
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0fc0615075a9950b2ab5311e7f9adcf27f8dc177c639aa4cd683b14087417ad
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3acfa22721ab750c4483386b25daeb09e95d51dc9af834b56918584c671f101
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e6a88a087c85108f66e05542a1aeef00c11b34ab145709a9ce8256440baf93
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74ec6c3372b17eb68484fa2617af769f7e8c415eb33e5ee174cd8a43c5edaa7
a86d622b4c639bbc841d7162c49f3073a7871c270679371d9f079ad261e32d02
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba4c56b1402aaab313f855711ba242f1168aae3dea89683b319c15af0f120343
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d3d6b1f4e6c1a6579bffaaf7829e025de699890c31fce512064d0eded1c16b
c62942ea8d3d696a85db870bcfa123d1c76f21850ecb2f42fdf0e4c7d4ee16b7
c781c3b20201e3576a2af27828b9f886b1bddca93d599f2950c08667c7d2a043
c9633c01e0c237ffb01b3b979e8197cde05bc75dfc45ed64e54df673b53821b4
c9bdaf142f4297a030c4b66658fe0ce07d731f87d12eac45c424254f42ed7163
ca06420d27dd552ca50ff6503c7c2f2eef79c2f20a3eed29858e4af9226b2e93
ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526
ccf275d85ba3479f9bb61b3915f34b3a16b5437cd0f4ec25666d819875a059a9
cd40cf486830d662086f11bba9b1209677f5d1833cd596a0111be31c95c756b2
cf505ddc9b1925cc42a5a98d9b029016bc49dc15c9dd5be4e2614cdaa8d3a174
d3112ae98e17f0ef1646d3c2a0dc0d89260387d4575be3f7a73d16dc1b6af5b0
d4de14048ce328aee2fc8d1bd3a1b4e1f6d333d65f206b52a449a04e46b81d15
d4ea27b9b47663c9cd3463abbee0643f818f33c643ede5f55bb88f7e7182efde
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dbc32f33967798a78d4d23797bcac666b28f0c1c6ccafb52ab501b8f1f7f746c
dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e406975d2e1dcdee8ce196a83c46210544c75f6a8f8e0d234b7d47dc57caceb5
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
ec7871e30a38e7d72192f08166affae1b9a37d7f0eae0c6abaa580b2171cc7e8
ed0d5b8744e974398b940fbc68d194a96b2a9cc6db593f97d46b6e9e14a374b2
eeb6d4979f806687dfaec638ec07bf40c9fdc78e8d4809fb9c41da572ef8636f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef72fdc86270b0226a5018efba5f4d5742587b4c578f10567eb3d758e78fd124
efc516e25be760784e2d648733d0b6a90442d01daaef70861329dfa5db0ccb03
f1d760c1ce0a632fc16adab88f286afeb1c477d8a11f4c942721a2cdda649a8d
f282b302b54548f13a9057846c920b30519a4d4b7f4a5160347d2f7990827889
f522c035a950993fd706dc4b858536030f2ca2d5b2c5b5ab8ce686e30a35c305
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
f66c939c0e77d665ba45b3e0e5b12d84202495b851ffeda54b41ec2063f5893c
f68459bb45feb6164fbf99936aa4f09a05845f992aca4dff26ba9be8207b68cd
fd7fa3e1c939db756e35180b79e499016f1fea32fee8e3b88d7db9c61d15ad3b
ff72319068659cf7954eed64039bf89309da00c4d8ec69c551665e4d0acf9ec0
ffe1fc548e8d8c0e937c360cdb0d8ad6fa1a293dc72fe52325d1e3f95524a125

websites.mygameday.app Open in urlscan Pro 13.55.129.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

228 Requests

89 %HTTPS

48 %IPv6

48 Domains

86 Subdomains

78 IPs

9 Countries

2465 kBTransfer

5759 kBSize

26 Cookies

19 Outgoing links

Page URL History

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

websites.mygameday.app Open in urlscan Pro
13.55.129.189 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

89 %
HTTPS

48 %
IPv6

48
Domains

86
Subdomains

78
IPs

9
Countries

2465 kB
Transfer

5759 kB
Size

26
Cookies

228 HTTP transactions
5 data transactions