www.on3.com Open in urlscan Pro
2606:4700:10::6816:42d2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://on3.com/
Effective URL:
https://www.on3.com/
Submission: On December 20 via api (December 20th 2022, 5:30:29 pm UTC) from IE — Scanned from DE

Summary HTTP 401 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 63 IPs in 6 countries across 53 domains to perform 401 HTTP transactions. The main IP is 2606:4700:10::6816:42d2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.on3.com. The Cisco Umbrella rank of the primary domain is 41125.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 3rd 2022. Valid for: a year.

This is the only time www.on3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:43d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 144	2606:4700:10:... 2606:4700:10::6816:42d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
62	2606:4700:10:... 2606:4700:10::ac43:1bc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3035::ac43:d08a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:205... 2600:9000:2057:ca00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
3	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b150:8ee:4b1d:d9e7:1410	14618 (AMAZON-AES) (AMAZON-AES)
1	3.218.4.10 3.218.4.10	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
2	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
6	52.22.146.154 52.22.146.154	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:206... 2600:9000:206f:3000:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.73.175.243 54.73.175.243	16509 (AMAZON-02) (AMAZON-02)
1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.121.4.183 3.121.4.183	16509 (AMAZON-02) (AMAZON-02)
3	18.159.78.175 18.159.78.175	16509 (AMAZON-02) (AMAZON-02)
3	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2 6	54.205.76.47 54.205.76.47	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
8 8	18.197.255.208 18.197.255.208	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
1	2600:1f18:ed:... 2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.51.217.65 52.51.217.65	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.232.236 2.18.232.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1 1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	3.226.37.73 3.226.37.73	14618 (AMAZON-AES) (AMAZON-AES)
13	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	63.35.6.234 63.35.6.234	16509 (AMAZON-02) (AMAZON-02)
5 19	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
20	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:9400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f18:1ac... 2600:1f18:1aca:4281:c606:3396:5467:8f67	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.57.83.94 52.57.83.94	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2 2	34.243.37.252 34.243.37.252	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:bfc1:341:b1d9:ff76	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:211... 2600:9000:211e:2400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	99.86.4.32 99.86.4.32	16509 (AMAZON-02) (AMAZON-02)
1	35.82.157.189 35.82.157.189	16509 (AMAZON-02) (AMAZON-02)
401	63

1 2606:4700:10::6816:43d2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

on3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

144 2606:4700:10::6816:42d2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

on3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.on3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2606:4700:10::ac43:1bc7 (United States)

ASN13335 (CLOUDFLARENET, US)

on3static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:d08a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn-ext.spiny.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:ca00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:8ee:4b1d:d9e7:1410 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.4.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-4-10.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.22.146.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-146-154.compute-1.amazonaws.com

pbs.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:3000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.175.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-175-243.eu-west-1.compute.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.4.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-4-183.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.159.78.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-78-175.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.205.76.47 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-76-47.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.197.255.208 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-255-208.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.217.65 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-217-65.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.236 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-236.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.226.37.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-37-73.compute-1.amazonaws.com

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.6.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-6-234.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:9400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4281:c606:3396:5467:8f67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.83.94 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-83-94.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.37.252 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-37-252.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:bfc1:341:b1d9:ff76 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.32 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.157.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-157-189.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
145	on3.com 2 redirects on3.com — Cisco Umbrella Rank: 40361 www.on3.com — Cisco Umbrella Rank: 41125	2 MB
62	on3static.com on3static.com — Cisco Umbrella Rank: 48563	2 MB
37	googlesyndication.com b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	226 KB
35	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297	247 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	536 KB
13	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 604 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 543	100 KB
11	liadm.com 3 redirects b-code.liadm.com — Cisco Umbrella Rank: 2626 rp.liadm.com — Cisco Umbrella Rank: 1530 rp4.liadm.com — Cisco Umbrella Rank: 7037 i.liadm.com — Cisco Umbrella Rank: 552 i6.liadm.com — Cisco Umbrella Rank: 1943	23 KB
8	bidswitch.net 8 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	3 KB
8	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1976 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	10 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 982 q.stripe.com — Cisco Umbrella Rank: 6290 m.stripe.com — Cisco Umbrella Rank: 976	101 KB
7	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1556 gw.geoedge.be — Cisco Umbrella Rank: 1730	240 KB
6	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 482 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513	4 KB
6	nextmillmedia.com pbs.nextmillmedia.com — Cisco Umbrella Rank: 3736	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6041 adservice.google.de — Cisco Umbrella Rank: 8549	1 KB
4	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 462 pixel.rubiconproject.com — Cisco Umbrella Rank: 309	2 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503	48 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2623	20 KB
4	gstatic.com fonts.gstatic.com	105 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 154	3 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 411 rtb.openx.net — Cisco Umbrella Rank: 1546	715 B
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 903	463 B
3	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 510 eb2.3lift.com — Cisco Umbrella Rank: 335	1 KB
3	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1139	474 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	185 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1099	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	111 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 2769	890 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 690	677 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 534	899 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 688	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1225	344 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	94 KB
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1312	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 204	2 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4507	751 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 736	159 B
2	spiny.ai 1 redirects cdn-ext.spiny.ai — Cisco Umbrella Rank: 50950	127 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 10374	60 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 655	439 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1648	296 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 977	356 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427	588 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 522	291 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 664	381 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 434	675 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1148	12 KB
1	postrelease.com exchange.postrelease.com — Cisco Umbrella Rank: 5767	390 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449	113 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 581	398 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 162	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 999	6 KB
401	53

	Domain	Requested by
143	www.on3.com	www.on3.com rumcdn.geoedge.be static.cloudflareinsights.com
62	on3static.com	www.on3.com
21	pagead2.googlesyndication.com	rumcdn.geoedge.be b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
20	s0.2mdn.net	rumcdn.geoedge.be s0.2mdn.net b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
19	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
13	tpc.googlesyndication.com	rumcdn.geoedge.be s0.2mdn.net
9	dt.adsafeprotected.com	b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
8	x.bidswitch.net	8 redirects
7	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com rumcdn.geoedge.be
6	i.liadm.com	2 redirects rumcdn.geoedge.be i.liadm.com
6	www.google.com	1 redirects www.on3.com rumcdn.geoedge.be
6	pbs.nextmillmedia.com	cdn-ext.spiny.ai
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	rumcdn.geoedge.be
4	ib.adnxs.com	2 redirects cdn-ext.spiny.ai googleads.g.doubleclick.net
4	rumcdn.geoedge.be	cdn-ext.spiny.ai rumcdn.geoedge.be www.on3.com
4	securepubads.g.doubleclick.net	www.on3.com securepubads.g.doubleclick.net
4	fonts.gstatic.com	www.on3.com
3	sb.scorecardresearch.com	1 redirects
3	q.stripe.com	www.on3.com
3	gw.geoedge.be	rumcdn.geoedge.be
3	b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
3	www.google.de	www.on3.com
3	js.stripe.com	www.on3.com rumcdn.geoedge.be js.stripe.com
3	fastlane.rubiconproject.com	cdn-ext.spiny.ai
3	btlr.sharethrough.com	cdn-ext.spiny.ai
3	c2shb.ssp.yahoo.com	cdn-ext.spiny.ai
3	c.amazon-adsystem.com	cdn-ext.spiny.ai c.amazon-adsystem.com
3	www.googletagmanager.com	www.on3.com www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	connect.facebook.net	www.on3.com connect.facebook.net
2	eb2.3lift.com	2 redirects
2	ads.avct.cloud	2 redirects
2	onetag-sys.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pm.w55c.net	2 redirects
2	static.adsafeprotected.com	rumcdn.geoedge.be
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	rumcdn.geoedge.be b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
2	www.googletagservices.com	rumcdn.geoedge.be
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	pool.admedo.com	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	targeting.unrulymedia.com	cdn-ext.spiny.ai
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	b-code.liadm.com	www.on3.com b-code.liadm.com
2	cdn-ext.spiny.ai	1 redirects www.on3.com
2	on3.com	2 redirects
1	m.stripe.com	m.stripe.network
1	m.exactag.com	b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	ag.innovid.com	b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
1	rtb.openx.net	b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	trc.taboola.com	i.liadm.com
1	i6.liadm.com	i.liadm.com
1	match.adsrvr.org	i.liadm.com
1	sync.mathtag.com	1 redirects
1	adservice.google.com	rumcdn.geoedge.be
1	adservice.google.de	rumcdn.geoedge.be
1	stats.g.doubleclick.net	www.google-analytics.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	prebid.media.net	cdn-ext.spiny.ai
1	tlx.3lift.com	cdn-ext.spiny.ai
1	htlb.casalemedia.com	cdn-ext.spiny.ai
1	exchange.postrelease.com	cdn-ext.spiny.ai
1	hbopenbid.pubmatic.com	cdn-ext.spiny.ai
1	ap.lijit.com	cdn-ext.spiny.ai
1	www.googleadservices.com	www.googletagmanager.com
1	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
1	rp4.liadm.com	www.on3.com
1	rp.liadm.com	1 redirects
1	static.cloudflareinsights.com	www.on3.com
401	78

This site contains links to these domains. Also see Links.

Domain
on3.zendesk.com
shop.outsider.com
sportsquotes.com
twitter.com
www.instagram.com
facebook.com
instagram.com
spiny.ai

Subject Issuer	Validity	Valid
on3.com Cloudflare Inc ECC CA-3	`2022-02-03` - `2023-02-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-13` - `2023-03-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
pbs.nextmillmedia.com Amazon	`2022-07-13` - `2023-08-11`	a year	crt.sh
gw.geoedge.be Amazon	`2022-09-12` - `2023-10-10`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.postrelease.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-12-15` - `2024-01-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
protect.geoedge.be Sectigo ECC Domain Validation Secure Server CA	`2022-01-02` - `2023-02-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-29` - `2022-12-28`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.on3.com/
Frame ID: 27659C5CBCC841D9CFF277B3399E19EC
Requests: 271 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-087j?s=&cim=&ps=true&ls=true&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 231C44F97904E7A755AB007C4B641940
Requests: 8 HTTP requests in this frame

Frame: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6BE7ADDC2AB5A347DD335704BB34A2FF
Requests: 1 HTTP requests in this frame

Frame: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 95761B185E1FFEC5FA0399C2C9827907
Requests: 31 HTTP requests in this frame

Frame: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9CDED61FE077FEEE90795D16EC50EBE1
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVICS_3IDlGLa6YkmyTmXilKL0E8PXMYmFZfdFmDzzr3MP4XP7i9jbVIm56p0RYGjEp4sI0VXUTuuXKImUBrDWARyJlWAAWj4FtIQlPWg0fum4pccWLj2dL0yIoZKGSngUXbn8eFqazMCt9IDfeiIB8x0vsOQNOUkqqbs0sDJjdJbOEkVw
Frame ID: 9C4B3CF7468BC295D13CE2D4A1994619
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNVQ29_2ybLPWKs5Utn0EhEpi6AkjEPkV97uQGC7cBw6CCHHSYdC-au5S0YqlZb2jdtGn9YeQDtRPqxYVIVc7mnniOQqmKeAL2OUdNfwYi5QCHoI99aFqXSS746KRSTkBKNlLCvTJK4boTS8XtU0wY84MjMDI4dpneTLkRAu3Lw2ZxOrgu8
Frame ID: CA753232B0C6762E85469FA5707B9139
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A434B8F7D0FEAAEFE7C930F0E0F6B3A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D0299C50EDD78441D9B6D421E48C294
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D5331AC7E203022E631FEC80E360D459
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FE82F445997AD0B78F0DD4C4C5E7C599
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AAC82BDC4C2B8B313E00BA154304DE8D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247
Frame ID: 2F4FCF6C0006923A13DD6A71ADBC237A
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
Frame ID: 6C49029D61AA124E93BF9591C252FD67
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 97C05D272AA0FADDA2CDD87CF272AC94
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3F8DF75340BF26AF759F33F2383A488B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 1CC2426A9953D0FBF91AFA2A0AC7E23D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: B9EBF140AF02738EF29167048B54F5D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5DAB92371EA2E913950406724C3F378
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9F950AD37EB245E7F94A1F4029B28493
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

On3.com | The Best of College Sports and Recruiting

Page URL History Show full URLs

http://on3.com/ HTTP 301
https://on3.com/ HTTP 301
https://www.on3.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

401
Requests

93 %
HTTPS

43 %
IPv6

53
Domains

78
Subdomains

63
IPs

6
Countries

5684 kB
Transfer

13149 kB
Size

50
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://on3.zendesk.com/hc/en-us
Title: FAQ

Search URL Search Domain Scan URL

URL: https://on3.zendesk.com/hc/en-us/requests/new
Title: Help

Search URL Search Domain Scan URL

URL: https://shop.outsider.com/collections/on3
Title: Shop On3

Search URL Search Domain Scan URL

URL: http://sportsquotes.com/
Title: SportsQuotes.com

Search URL Search Domain Scan URL

URL: https://twitter.com/airmgreene/status/1605206423696048128
Title: Source

Search URL Search Domain Scan URL

URL: https://twitter.com/ZachLunsford_11/status/1604948864263458817
Title: Source

Search URL Search Domain Scan URL

URL: https://twitter.com/on3sports
Title: @on3sports

Search URL Search Domain Scan URL

URL: https://www.instagram.com/on3
Title: @on3

Search URL Search Domain Scan URL

URL: https://twitter.com/on3recruits
Title: @on3recruits

Search URL Search Domain Scan URL

URL: https://www.instagram.com/on3recruits
Title: @on3recruits

Search URL Search Domain Scan URL

URL: https://twitter.com/Ivan_Maisel
Title: @Ivan_Maisel

Search URL Search Domain Scan URL

URL: https://twitter.com/mzenitz
Title: @mzenitz

Search URL Search Domain Scan URL

URL: https://twitter.com/ChadSimmons_
Title: @ChadSimmons_

Search URL Search Domain Scan URL

URL: https://twitter.com/MikeHuguenin
Title: @MikeHuguenin

Search URL Search Domain Scan URL

URL: https://twitter.com/hayesfawcett3
Title: @hayesfawcett3

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hayesfawcett3
Title: @hayesfawcett3

Search URL Search Domain Scan URL

URL: https://twitter.com/tiptonedits
Title: @tiptonedits

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tiptonedits
Title: @tiptonedits

Search URL Search Domain Scan URL

URL: https://twitter.com/on3nil
Title: @on3nil

Search URL Search Domain Scan URL

URL: https://www.instagram.com/on3nil
Title: @on3nil

Search URL Search Domain Scan URL

URL: https://facebook.com/On3Sports

Search URL Search Domain Scan URL

URL: https://instagram.com/on3/

Search URL Search Domain Scan URL

URL: https://spiny.ai/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://on3.com/ HTTP 301
https://on3.com/ HTTP 301
https://www.on3.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js HTTP 302
https://cdn-ext.spiny.ai/lib/br/tags/v1.0.30/D17/on3/default/bidroll.min.js

Request Chain 193

https://rp.liadm.com/j?dtstmp=1671557421132&aid=a-087j&se=e30&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&tna=v2.5.1&pu=https%3A%2F%2Fwww.on3.com%2F&wpn=lc-bundle&c=PHRpdGxlPk9uMy5jb20gfCBUaGUgQmVzdCBvZiBDb2xsZWdlIFNwb3J0cyBhbmQgUmVjcnVpdGluZzwvdGl0bGU-PG1ldGEgY29udGVudD0iT24zIGlzIGJlc3QgcmVzb3VyY2UgZm9yIGNvbGxlZ2Ugc3BvcnRzLCByZWNydWl0aW5nLCBhbmQgTklMLiBGaW5kIGFsbCBvZiB5b3VyIGZhdm9yaXRlIHRlYW1zIGluZm9ybWF0aW9uIG9yIGJyb3dzZSBvdXIgYWR2YW5jZWQgcGxheWVyIGRhdGFiYXNlLiIgbmFtZT0iZGVzY3JpcHRpb24iPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1671557421132&aid=a-087j&se=e30&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&tna=v2.5.1&pu=https%3A%2F%2Fwww.on3.com%2F&wpn=lc-bundle&c=PHRpdGxlPk9uMy5jb20gfCBUaGUgQmVzdCBvZiBDb2xsZWdlIFNwb3J0cyBhbmQgUmVjcnVpdGluZzwvdGl0bGU-PG1ldGEgY29udGVudD0iT24zIGlzIGJlc3QgcmVzb3VyY2UgZm9yIGNvbGxlZ2Ugc3BvcnRzLCByZWNydWl0aW5nLCBhbmQgTklMLiBGaW5kIGFsbCBvZiB5b3VyIGZhdm9yaXRlIHRlYW1zIGluZm9ybWF0aW9uIG9yIGJyb3dzZSBvdXIgYWR2YW5jZWQgcGxheWVyIGRhdGFiYXNlLiIgbmFtZT0iZGVzY3JpcHRpb24iPg&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NmU%3D&n3pc=true

Request Chain 249

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/?random=1400110694&cv=11&fst=1671557421323&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=4Q_iCL2KmIUDENy6uY8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&gtm_ee=1&auid=329625252.1671557421&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=LfGhY9PJHcjTxwLZpKjABw&sscte=1&crd=&pscrd=Ek5DaEVJZ05lRm5RWVE0ckxPbElyNHdiWHNBUklsQU45eFNxdEFSbVpZLXk2dHJ1RmlUVmlEX0o4U0xVaElDWU9zRG52NDlGY0pOREJKQkEaWENoRUlnTmVGblFZUWtZS3ZtTVR4OXM2TEFSSXRBTUtfRkV5V1BVVExmQjkydHg1MldJWHhPZjZaeGpEREYtOGVBM1BLdTZzcUhYend1dFk4R29ITE11dzM HTTP 302
https://www.google.com/pagead/1p-conversion/300834140/?random=1400110694&cv=11&fst=1671557421323&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=4Q_iCL2KmIUDENy6uY8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&gtm_ee=1&auid=329625252.1671557421&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ05lRm5RWVE0ckxPbElyNHdiWHNBUklsQU45eFNxdEFSbVpZLXk2dHJ1RmlUVmlEX0o4U0xVaElDWU9zRG52NDlGY0pOREJKQkEaWENoRUlnTmVGblFZUWtZS3ZtTVR4OXM2TEFSSXRBTUtfRkV5V1BVVExmQjkydHg1MldJWHhPZjZaeGpEREYtOGVBM1BLdTZzcUhYend1dFk4R29ITE11dzM&is_vtc=1&ocp_id=LfGhY9PJHcjTxwLZpKjABw&cid=CAQSKQDq26N95DcaCtAJ-eCK6r3BEZnOreKfYuoE1B2XM9oNDPo54doTLZwCIBM&random=3594059310 HTTP 302
https://www.google.de/pagead/1p-conversion/300834140/?random=1400110694&cv=11&fst=1671557421323&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=4Q_iCL2KmIUDENy6uY8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&gtm_ee=1&auid=329625252.1671557421&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ05lRm5RWVE0ckxPbElyNHdiWHNBUklsQU45eFNxdEFSbVpZLXk2dHJ1RmlUVmlEX0o4U0xVaElDWU9zRG52NDlGY0pOREJKQkEaWENoRUlnTmVGblFZUWtZS3ZtTVR4OXM2TEFSSXRBTUtfRkV5V1BVVExmQjkydHg1MldJWHhPZjZaeGpEREYtOGVBM1BLdTZzcUhYend1dFk4R29ITE11dzM&is_vtc=1&ocp_id=LfGhY9PJHcjTxwLZpKjABw&cid=CAQSKQDq26N95DcaCtAJ-eCK6r3BEZnOreKfYuoE1B2XM9oNDPo54doTLZwCIBM&random=3594059310&ipr=y&prhg=0

Request Chain 261

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-087j%2F0%2Fb6c4badd83f644deb862f9158c860604%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&a7665e9a-4205-4f24-9658-91a4f46a222a HTTP 302
https://i.liadm.com/s/e/a-087j/0/b6c4badd83f644deb862f9158c860604?mpid=7156&muid=aaf463a1-f12f-4400-872c-02c97ca5d3d3

Request Chain 263

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=a7665e9a-4205-4f24-9658-91a4f46a222a&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=a7665e9a-4205-4f24-9658-91a4f46a222a&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=a6ff5d79-eb25-4920-bc98-aac586747f9d HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=a7665e9a-4205-4f24-9658-91a4f46a222a HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=a6ff5d79-eb25-4920-bc98-aac586747f9d HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=a6ff5d79-eb25-4920-bc98-aac586747f9d HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=af9b7cfb-efe3-47ab-91f5-22c9d26af6c0&user_group=1&ssp=liveintent&bsw_param=a6ff5d79-eb25-4920-bc98-aac586747f9d HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a6ff5d79-eb25-4920-bc98-aac586747f9d HTTP 303
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a6ff5d79-eb25-4920-bc98-aac586747f9d

Request Chain 264

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=a7665e9a-4205-4f24-9658-91a4f46a222a&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-087j%2F0%2Fb6c4badd83f644deb862f9158c860604%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=a7665e9a-4205-4f24-9658-91a4f46a222a&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-087j%2F0%2Fb6c4badd83f644deb862f9158c860604%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-087j/0/b6c4badd83f644deb862f9158c860604?mpid=82775&muid=66602698248101081070774531128206098408

Request Chain 265

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a7665e9a-4205-4f24-9658-91a4f46a222a HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a7665e9a-4205-4f24-9658-91a4f46a222a&rd=Y

Request Chain 267

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1&C=1

Request Chain 295

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6HxL.sQDwbRyzcpZdW3EgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1&google_hm=2

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOhyxR2ie878fhyBehvIMTQ&google_cver=1

Request Chain 297

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4NjI5NzYwNDg5NTk0MDM2Mw%3D%3D

Request Chain 298

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEmpbJtRtQD6rAMvqyoXsVg&google_cver=1

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENHLvKDpUSJ31e4DTUwqA9U&google_cver=1

Request Chain 320

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAqkIRSXfSQjYGH4VuVVaWs&google_cver=1&google_push=AavPq0MxmQjVQbxFQPvPFVmUDRSzlG6Pzfi3_P2DcGmh5Uv9O4YsHVf8S6A1h6etF99rbmUNpKUVZIzx_b-9hzvDkSvBq-le0BLudRw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAqkIRSXfSQjYGH4VuVVaWs&google_cver=1&google_push=AavPq0MxmQjVQbxFQPvPFVmUDRSzlG6Pzfi3_P2DcGmh5Uv9O4YsHVf8S6A1h6etF99rbmUNpKUVZIzx_b-9hzvDkSvBq-le0BLudRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTBQQXhUZEIxUDdHckI1&google_gid=CAESEAqkIRSXfSQjYGH4VuVVaWs&google_cver=1&google_push=AavPq0MxmQjVQbxFQPvPFVmUDRSzlG6Pzfi3_P2DcGmh5Uv9O4YsHVf8S6A1h6etF99rbmUNpKUVZIzx_b-9hzvDkSvBq-le0BLudRw

Request Chain 321

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_cver=1&google_push=AavPq0Mf0dA8SAv2gdCj5aUAThm9X72ZEfm33tFG4z2H-rGDg7Ffac_7O4McMOM_RIQwkiS2EhCDjYU9liMunnBASuwqm6iNbQTMH9U2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_push=AavPq0Mf0dA8SAv2gdCj5aUAThm9X72ZEfm33tFG4z2H-rGDg7Ffac_7O4McMOM_RIQwkiS2EhCDjYU9liMunnBASuwqm6iNbQTMH9U2

Request Chain 322

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIGTzz2tb-fqT1xXGq6s3EA&google_cver=1&google_push=AavPq0OZrLjglxu2UHeRraCL9mYYu_Qf_Q3GFfSrdkOa01RkuQf555HV1mZpttdaraucdtBwyZvWdGwINDRXP-eRvk8LpAfc3vCueL7J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTI4NDQ2NTE4NzAyNzA4OA%3D%3D&google_push=AavPq0OZrLjglxu2UHeRraCL9mYYu_Qf_Q3GFfSrdkOa01RkuQf555HV1mZpttdaraucdtBwyZvWdGwINDRXP-eRvk8LpAfc3vCueL7J

Request Chain 323

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIAEXb3lI9WCx4MHZ1vq2V0&google_cver=1&google_push=AavPq0N7xWbGn5NhWs1Wv_BiPkmkugBvoWFOVu8nZhz4imxX04-2QCtib4kwnWjn6nUcR8BAh-jGQChR60v91KaX2CF7f7fn3VKHnORt HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a6ff5d79-eb25-4920-bc98-aac586747f9d&ssp=google&gdpr=&gdpr_consent=

Request Chain 324

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ0QwOFjQf8M4l5xgQ5eMtg&google_cver=1&google_push=AavPq0MaYZ0MohHuRt40oAEvEo4xQ88gu6hq0F2OUfexmtyRudAjfzWDbwWfZMyRPGCi0gxxOguKgyA7XvJJsgICbgEJK2q5ipuVZaxS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJXSTRQMTEtTS1IMUxJ&google_push=AavPq0MaYZ0MohHuRt40oAEvEo4xQ88gu6hq0F2OUfexmtyRudAjfzWDbwWfZMyRPGCi0gxxOguKgyA7XvJJsgICbgEJK2q5ipuVZaxS

Request Chain 325

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESED_NZcjrucpDnnxi96sGOHE&google_cver=1&google_push=AavPq0O-juwPKpJ8Eph_aOt4OySrNpXGVPNPpA-D1jBfn_D6rpQ9oeN1k23hyTpJzck_3sR3OkCFsa_BNKyo3-OYeAZ6yX5kQJWKMjFu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0O-juwPKpJ8Eph_aOt4OySrNpXGVPNPpA-D1jBfn_D6rpQ9oeN1k23hyTpJzck_3sR3OkCFsa_BNKyo3-OYeAZ6yX5kQJWKMjFu

Request Chain 326

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJbdNZOgTQH8lh8fsbKilnU&google_cver=1&google_push=AavPq0MsWqvx1v9MtLV30Uuai7_1HI_QdZnnzLI0Eo33StmyJxugIepawUG_HuSiCd-rvHJsLMSNeApSp5rCQch1tM5yWk559GHjydGotA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a6ff5d79-eb25-4920-bc98-aac586747f9d&%%GOOGLE_PUSH_PAIR%%

Request Chain 328

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_cver=1&google_push=AavPq0Nhs44rlJN6jLKR40E83_M1lLYNb82mMSM6VCnVuU2SaiuYxArxjQXH8nVEdBLmPA6jJLJJrxlWOgRQ-gMDCKt-OrUBrajb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_push=AavPq0Nhs44rlJN6jLKR40E83_M1lLYNb82mMSM6VCnVuU2SaiuYxArxjQXH8nVEdBLmPA6jJLJJrxlWOgRQ-gMDCKt-OrUBrajb

Request Chain 329

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIAEXb3lI9WCx4MHZ1vq2V0&google_cver=1&google_push=AavPq0PM_NtxHaEspC44am4SloZxKxPyW5-f_sm0NTUxk7QU6PqGjgibqrg1iRvy14VeNeGHkv6eWlpCgH33J2mu0IP8WmiOw2BN HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=c8052266-862a-4cb9-a03b-67fb90657cf2&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PM_NtxHaEspC44am4SloZxKxPyW5-f_sm0NTUxk7QU6PqGjgibqrg1iRvy14VeNeGHkv6eWlpCgH33J2mu0IP8WmiOw2BN&google_hm=pv9deeslSSC8mKrFhnR_nQ==

Request Chain 332

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEON0zxlVGdnkpRaVM53xq1I&google_cver=1&google_push=AavPq0MxWzLc-27hvg0Q4fwDmivPcRyveHjpUwmo0n0Gg2zdqFCepFlhQe6jed-5zK5eLJqD1rN8JgI2_DY4sSxr6QqtBmdaNZgE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MxWzLc-27hvg0Q4fwDmivPcRyveHjpUwmo0n0Gg2zdqFCepFlhQe6jed-5zK5eLJqD1rN8JgI2_DY4sSxr6QqtBmdaNZgE

Request Chain 333

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESED_NZcjrucpDnnxi96sGOHE&google_cver=1&google_push=AavPq0MFMN_lb67wH6i2FmF0UKAW-PUm4aDnlj7MQ0MmUpKM7iJBKUl3n9i9_KKoOxGG4GZkYaWEwS408VRA6GLakBVVklVm7OcuGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MFMN_lb67wH6i2FmF0UKAW-PUm4aDnlj7MQ0MmUpKM7iJBKUl3n9i9_KKoOxGG4GZkYaWEwS408VRA6GLakBVVklVm7OcuGg

Request Chain 334

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJvIT0r42BX_z1GwRJiFivM&google_cver=1&google_push=AavPq0Njf9GCe7YLSGdduTFgDvbVDBjHWEJVV_ij-L0E4Ii6FmLUd59A7sMhEYbyvFwtk2ky1Wnr9YP3-mQpUzj3s9RrAL7VOgyTbw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0Njf9GCe7YLSGdduTFgDvbVDBjHWEJVV_ij-L0E4Ii6FmLUd59A7sMhEYbyvFwtk2ky1Wnr9YP3-mQpUzj3s9RrAL7VOgyTbw&google_gid=CAESEJvIT0r42BX_z1GwRJiFivM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NDIwNTI4NzAzNTEzNDY0MDE2Mg%3D%3D&google_push=AavPq0Njf9GCe7YLSGdduTFgDvbVDBjHWEJVV_ij-L0E4Ii6FmLUd59A7sMhEYbyvFwtk2ky1Wnr9YP3-mQpUzj3s9RrAL7VOgyTbw

Request Chain 373

https://sb.scorecardresearch.com/cs/36671852/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

401 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.on3.com/
Redirect Chain

http://on3.com/
https://on3.com/
https://www.on3.com/

1 MB
158 KB

733ms
674ms

Document
text/html

2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

56e7c597d5fb6883f31864932b364ffb837e522d8a37eebdd9156795c2980ffc

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: EXPIRED
cf-ray: 77ca1aef59cc695d-FRA
content-encoding: br
content-security-policy
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 17:30:20 GMT
last-modified: Tue, 20 Dec 2022 16:48:13 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: deny
x-powered-by: Next.js
x-xss-protection: 1

Redirect headers

cache-control: max-age=3600
cf-ray: 77ca1aeea8a191ef-FRA
date: Tue, 20 Dec 2022 17:30:19 GMT
expires: Tue, 20 Dec 2022 18:30:19 GMT
location: https://www.on3.com/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 c8a357145d65263a.css
www.on3.com/_next/static/css/ 1 KB
769 B 58ms
58ms Stylesheet
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/c8a357145d65263a.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5127b82f9e9c8f658c6ac712b12ed1aa32755f5d90bf4953c5d7d9db25eb58e6

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"485-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af39bbe695d-FRA

GET
H2 200 6663058ad249eaa9.css
www.on3.com/_next/static/css/ 21 KB
5 KB 59ms
58ms Stylesheet
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/6663058ad249eaa9.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eadab9423f2702a66110602270c4b6c86b1b522cb2d69b9b265402a77b848c0

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=21698
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"54c2-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af39bc6695d-FRA

GET
H2 200 0215489be5675b2a.css
www.on3.com/_next/static/css/ 28 KB
5 KB 57ms
57ms Stylesheet
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/0215489be5675b2a.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666945c7806e7ca0f578b2f6e29cb49a6ead67947405b9cc20c822507e58a2f0

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=28634
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6fda-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af39bc9695d-FRA

GET
H2 200 96a07407002e62ca.css
www.on3.com/_next/static/css/ 17 KB
4 KB 49ms
48ms Stylesheet
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/96a07407002e62ca.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d0f502ca4e1fcfa45e10226c3ebdbad7f31d6f6cd6d9ec8ffe7b0455c724ad

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=17429
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4415-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af39bcb695d-FRA

GET
H2 200 webpack-b4709540f8fc4a4d.js Show response
www.on3.com/_next/static/chunks/ 3 KB
1 KB 41ms
37ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/webpack-b4709540f8fc4a4d.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b264930c1b3419925ffe1260bf8b91ee37804bb677c98b3d77a5e41554270fc

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=3413
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"d55-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bbfb695d-FRA

GET
H2 200 framework-d2f1243c43436331.js Show response
www.on3.com/_next/static/chunks/ 138 KB
45 KB 60ms
55ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/framework-d2f1243c43436331.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd00ebcff4043f9d89363aba25f26d60d1c8f9be2f1ed87302d7739a986378a

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=142109
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"22b1d-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bc02695d-FRA

GET
H2 200 main-9b45f65dd97df6bd.js Show response
www.on3.com/_next/static/chunks/ 159 KB
39 KB 60ms
55ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a703a8d5646f3f3b4f2841cd825713c12df07d8b7c6e67efb593a85f834dbe7c

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=162611
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"27b33-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bc06695d-FRA

GET
H2 200 _app-7f6e3d8d7c225f83.js Show response
www.on3.com/_next/static/chunks/pages/ 236 KB
56 KB 45ms
40ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/_app-7f6e3d8d7c225f83.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d141d053ff24a649dd94a41f3d3b3d67ddac085c911d92527dccfd76f744239a

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=242556
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"3b37c-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bc0c695d-FRA

GET
H2 200 4229-74bc026b0d696493.js Show response
www.on3.com/_next/static/chunks/ 13 KB
4 KB 58ms
54ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4229-74bc026b0d696493.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fec7dc6703085ec7c4257b6a05d5cf0f4a58a86cccb1ceb7e6132a47ed566e7

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=13196
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"338c-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bc11695d-FRA

GET
H2 200 2938-432fb7fb6fc91679.js Show response
www.on3.com/_next/static/chunks/ 12 KB
3 KB 42ms
38ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/2938-432fb7fb6fc91679.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a770609a8dfc6a90a1349e8727b85598db8a3842f49fbc52690a7f06fb02379

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=12377
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"3059-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bc13695d-FRA

GET
H2 200 1610-6ff83cf8d3eab4fa.js Show response
www.on3.com/_next/static/chunks/ 27 KB
7 KB 59ms
54ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/1610-6ff83cf8d3eab4fa.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d292034e26d943368e926706861a1365f4a90ce943453585121937a298aca7b0

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=27885
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6ced-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bc16695d-FRA

GET
H2 200 871-3e82d69b87b25c95.js Show response
www.on3.com/_next/static/chunks/ 16 KB
4 KB 58ms
54ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/871-3e82d69b87b25c95.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32210c82febc36021c63ad54074519cd306dd60176c1cf797d077582cb812e02

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=16530
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4092-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bc17695d-FRA

GET
H2 200 1168-54658fd90c340dd3.js Show response
www.on3.com/_next/static/chunks/ 26 KB
6 KB 41ms
37ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/1168-54658fd90c340dd3.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ea317aa9be687422a8d21d7bceaa57d52badbe604c37596357ef4808bbe96a3

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=27168
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6a20-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bc18695d-FRA

GET
H2 200 5790-6e81f5f9ce0e3aed.js Show response
www.on3.com/_next/static/chunks/ 32 KB
7 KB 59ms
55ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5790-6e81f5f9ce0e3aed.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

621ef4a276469c9ba56502fbb326a831ad6803c0333de3dec74e69b10d1b20c9

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=32317
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7e3d-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3bc1a695d-FRA

GET
H2 200 9784-2434738b96920210.js Show response
www.on3.com/_next/static/chunks/ 10 KB
3 KB 62ms
59ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9784-2434738b96920210.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea0c59557e96f09888eda92f5dcd78f7da16f839744ad0e30fd612d94753a356

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=9887
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"269f-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc3e695d-FRA

GET
H2 200 5141-b287a5be07d0beb1.js Show response
www.on3.com/_next/static/chunks/ 11 KB
3 KB 73ms
69ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5141-b287a5be07d0beb1.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e9f4b9a81705bfaf4825babe963b13a8e2f150cd97e09f806137c1bdcc04a90

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=11502
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2cee-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc3f695d-FRA

GET
H2 200 2193-b1e11c29e6b4c36a.js Show response
www.on3.com/_next/static/chunks/ 13 KB
4 KB 81ms
77ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/2193-b1e11c29e6b4c36a.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b813f43e68255798e72635d62e261f4036d46a4f852c9ed4049952ab182fdeb

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=13773
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"35cd-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc43695d-FRA

GET
H2 200 63-bd74eaf92f60964e.js Show response
www.on3.com/_next/static/chunks/ 45 KB
10 KB 80ms
76ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/63-bd74eaf92f60964e.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2319de6546ebfa369395b6d5ca860c536643d3b7a145e190c56b4e4db11acc5

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=45927
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"b367-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc46695d-FRA

GET
H2 200 1820-63904caa489c24f8.js Show response
www.on3.com/_next/static/chunks/ 5 KB
2 KB 64ms
61ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/1820-63904caa489c24f8.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

696277a53e0fadd37c8f95083897cfc374913d15b3750e5c65c4d23c825bfd26

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=5417
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"1529-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc48695d-FRA

GET
H2 200 1335-4f45390dfe1b41fa.js Show response
www.on3.com/_next/static/chunks/ 46 KB
12 KB 64ms
61ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/1335-4f45390dfe1b41fa.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6505987a0f8f6a271031660e4858a885ff3f7b24940a5f624583c84382a62f2

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=46717
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"b67d-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc4c695d-FRA

GET
H2 200 7392-d3832deb6ce67689.js Show response
www.on3.com/_next/static/chunks/ 21 KB
7 KB 63ms
60ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7392-d3832deb6ce67689.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f7c0a159a74d5c84de882fd98238cd201a4e34ac17e2927747ef8cfff75bc6

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=21727
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"54df-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc4e695d-FRA

GET
H2 200 9086-31184526067cb8ee.js Show response
www.on3.com/_next/static/chunks/ 74 KB
19 KB 73ms
70ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9086-31184526067cb8ee.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

486f85a01c77d66e2356ac53e26b024cc2e9909abbaceefadba029b9f2f9ecc1

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=76058
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"1291a-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc4f695d-FRA

GET
H2 200 1378-55b26e17c84d096c.js Show response
www.on3.com/_next/static/chunks/ 13 KB
4 KB 61ms
58ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/1378-55b26e17c84d096c.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eb5192637a387e3d7668495008dc35c84da61a63d00196eabb1bbfa8e36df00

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=12953
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"3299-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc51695d-FRA

GET
H2 200 7319-44d6707d80f15d52.js Show response
www.on3.com/_next/static/chunks/ 141 KB
48 KB 88ms
85ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7319-44d6707d80f15d52.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a2166bdfeb3c6193107d5dc84642563d020982d84b0f96055c2e8011d62e638

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=144524
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2348c-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc53695d-FRA

GET
H2 200 2780-0565542238430824.js Show response
www.on3.com/_next/static/chunks/ 22 KB
7 KB 63ms
60ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/2780-0565542238430824.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf5108254f736c367c3de65426be74acc3bc98339f4e4aab6798c1df639f3b73

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=22605
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"584d-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc54695d-FRA

GET
H2 200 9043-71b2834ce0b19ae2.js Show response
www.on3.com/_next/static/chunks/ 22 KB
6 KB 63ms
60ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9043-71b2834ce0b19ae2.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c435fdb1cfed1ba722cbb9ad5d3eff8cd53c8ec48dec4a05e50abddd98850b0

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=22355
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"5753-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc57695d-FRA

GET
H2 200 7916-fbc27973c3790433.js Show response
www.on3.com/_next/static/chunks/ 26 KB
5 KB 61ms
59ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7916-fbc27973c3790433.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a7029253dd7ae025b933cb680b697d402a4ef06174d21995d7ce63441bccb4

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=26279
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"66a7-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc59695d-FRA

GET
H2 200 4402-a8375782676e835e.js Show response
www.on3.com/_next/static/chunks/ 53 KB
9 KB 64ms
61ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4402-a8375782676e835e.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5f1c0cb80abfbdd01f1bfaa73e105e348a6b552bffc98f4f0736cb333d6185f

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=54527
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"d4ff-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc5b695d-FRA

GET
H2 200 index-a3e21670b8f7cdbb.js Show response
www.on3.com/_next/static/chunks/pages/ 51 KB
10 KB 72ms
70ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/index-a3e21670b8f7cdbb.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46df91d8c792fd591cb5c426720b7ce7468091266e3d3b8ab81f04650a2acd75

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=52408
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"ccb8-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc60695d-FRA

GET
H2 200 _buildManifest.js Show response
www.on3.com/_next/static/Mj_fTkaBnjLaIMBLzTfN2/ 26 KB
6 KB 61ms
59ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/Mj_fTkaBnjLaIMBLzTfN2/_buildManifest.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5058731be458353b16f60bed5ba4f2093263248535bb2c186b4ebd666aa41b63

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"684f-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc63695d-FRA

GET
H2 200 _ssgManifest.js Show response
www.on3.com/_next/static/Mj_fTkaBnjLaIMBLzTfN2/ 77 B
167 B 61ms
59ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/Mj_fTkaBnjLaIMBLzTfN2/_ssgManifest.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4d-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af3cc66695d-FRA

GET
H2 200 Coaching-AFI-5.png
on3static.com/cdn-cgi/image/height=204,width=413,quality=90,fit=cover,gravity=0.5x0.3/uploads/dev/assets/cms/2022/12/20112641/ 33 KB
34 KB 294ms
258ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=204,width=413,quality=90,fit=cover,gravity=0.5x0.3/uploads/dev/assets/cms/2022/12/20112641/Coaching-AFI-5.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

703b42b451ce0f6954694721e5f8c018cf39e1223e9e3b1afafdf10588214ef8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 34065
cf-resized: internal=ok/h q=0 n=18 c=20+51 v=2022.12.4 l=34065
last-modified: Tue, 20 Dec 2022 17:26:42 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfAg6q8aNg5E2yYsxo-55nROVsUkYsLTQSonW5aU-KDQ:a2b7ea61de9de7c98fe6b0905c981208"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af3e811694f-FRA

GET
H2 200 Untitled-design-63-1.png
on3static.com/cdn-cgi/image/height=204,width=413,quality=90,fit=cover,gravity=0.5x0.3/uploads/dev/assets/cms/2022/12/20102912/ 15 KB
15 KB 284ms
249ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=204,width=413,quality=90,fit=cover,gravity=0.5x0.3/uploads/dev/assets/cms/2022/12/20102912/Untitled-design-63-1.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55d443e0a7175ba6e0d52aacd0cb6cf9c35d650a49c3a303b5e8496d65413f4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 15048
cf-resized: internal=ok/h q=0 n=23 c=17+29 v=2022.12.4 l=15048
last-modified: Tue, 20 Dec 2022 16:29:13 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfvZt0MKrgIX8F8Mzbne3Gek5-UkYsLTQSonW5aU-KDQ:2dc925a21222da6d5340bb31478fe699"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af3e819694f-FRA

GET
H2 200 Chauncey-Magwood.jpg
on3static.com/cdn-cgi/image/height=204,width=413,quality=90,fit=cover,gravity=0.5x0.3/uploads/dev/assets/cms/2022/12/20112255/ 22 KB
22 KB 251ms
216ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=204,width=413,quality=90,fit=cover,gravity=0.5x0.3/uploads/dev/assets/cms/2022/12/20112255/Chauncey-Magwood.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f701fc2c9e1f5c1d9645c04fe3fd47140755e1058ea837da192b6b86ac48a22

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 22420
cf-resized: internal=ok/h q=0 n=16 c=16+37 v=2022.12.4 l=22420
last-modified: Tue, 20 Dec 2022 17:22:56 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf_qr2EAuaKCnb2rjIpGN_e42fUkYsLTQSonW5aU-KDQ:06b16bad7ec3b7677c1d26ed028023f6"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af3e816694f-FRA

GET
H2 200 clemson-tigers.svg
on3static.com/teams/ 43 KB
17 KB 70ms
35ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/clemson-tigers.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c999f1230ac0239c0298ffb1abcb0d1b335ad99ec4b364da5a10b05c57f46f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 22 Jul 2021 01:59:12 GMT
server: cloudflare
x-amz-request-id: MHRB3E0BQTKRP0MW
age: 2075358
etag: W/"aabb65d6c48b9033dd606ffc47563c2e"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af3e818694f-FRA
x-amz-id-2: OYBz6PPajbOe9tyEDRR4uaKuLgnYvaR4ZjX2jNvdYKH1gZEb6fhjhZIyY9QUJrabMcMuSbLHdfA=

GET
H2 200 tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXxw2d8o.woff2
fonts.gstatic.com/s/archivonarrow/v28/ 17 KB
18 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivonarrow/v28/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXxw2d8o.woff2

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebcc3b81f68c9b4d477ba24b6eaef89eb6c6c8f07f44c41801e78fbe49bf9335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:07:02 GMT
x-content-type-options: nosniff
age: 508998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17552
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:11:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:07:02 GMT

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxKsv4Rn.woff2
fonts.gstatic.com/s/archivo/v18/ 31 KB
31 KB 138ms
51ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxKsv4Rn.woff2

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dee9bcb02878b6553e1ecedb49704d5b7f09c8522f3a978eaa91c6b986422626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 03:54:17 GMT
x-content-type-options: nosniff
age: 394563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31484
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:17:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 03:54:17 GMT

GET
H2 200 Coaching-AFI-5.png
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20112641/ 8 KB
9 KB 210ms
208ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20112641/Coaching-AFI-5.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85be8ce9dd3eaf81791d73732b23db86603eb0a5dd79682b24ff0cc489939dc8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 8627
cf-resized: internal=ok/h q=0 n=20 c=25+20 v=2022.12.4 l=8627
last-modified: Tue, 20 Dec 2022 17:26:42 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfAg6q8aNg5E2yYsxo-55nROVsGKaAQZUkSbrBjeONDQ:a2b7ea61de9de7c98fe6b0905c981208"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af448e0694f-FRA

GET
H2 200 Untitled-design-63-1.png
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20102912/ 5 KB
5 KB 204ms
201ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20102912/Untitled-design-63-1.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

583bb15455776134b24887b4b290ee5de7133a663950f79494e27a0df2345619

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 4686
cf-resized: internal=ok/h q=0 n=23 c=17+14 v=2022.12.4 l=4686
last-modified: Tue, 20 Dec 2022 16:29:13 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfvZt0MKrgIX8F8Mzbne3Gek5-GKaAQZUkSbrBjeONDQ:2dc925a21222da6d5340bb31478fe699"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af448eb694f-FRA

GET
H2 200 Chauncey-Magwood.jpg
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20112255/ 8 KB
8 KB 215ms
213ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20112255/Chauncey-Magwood.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b327017eae04b5c626fad42f0d7c381aba2cf449f6b1382da1f4807f17e5bf5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 7715
cf-resized: internal=ok/h q=0 n=22 c=14+10 v=2022.12.4 l=7715
last-modified: Tue, 20 Dec 2022 17:22:56 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf_qr2EAuaKCnb2rjIpGN_e42fGKaAQZUkSbrBjeONDQ:06b16bad7ec3b7677c1d26ed028023f6"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af448ed694f-FRA

GET
H2 200 Arkansas-football.jpg
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20101219/ 12 KB
12 KB 230ms
227ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20101219/Arkansas-football.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86c0de0df565641f9d69ab45b5a17d52e03da33ca6e84981f2b5aed9215634f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 12357
cf-resized: internal=ok/h q=0 n=13 c=30+15 v=2022.12.4 l=12357
last-modified: Tue, 20 Dec 2022 16:12:20 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfMvyCbWabKx40x4zl66-k6hvYGKaAQZUkSbrBjeONDQ:557f5d94ba6339b2d8d22fd185424e7e"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af448ef694f-FRA

GET
H2 200 will-anderson-alabama-players.jpg
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20095632/ 11 KB
11 KB 270ms
268ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20095632/will-anderson-alabama-players.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4bf77f56ce990f2c0e3ba59497f1b7bd5fd981d1cfa9dbf411df833982c4a6e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 11225
cf-resized: internal=ok/h q=0 n=19 c=11+14 v=2022.12.4 l=11225
last-modified: Tue, 20 Dec 2022 15:56:33 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf9_ebUW3YrcMxDbBKaHD2Ex2jGKaAQZUkSbrBjeONDQ:c98f7b4ffa3f9dfcd0de133cf33f02c3"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af448f3694f-FRA

GET
H2 200 11817.jpg
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/02/10182020/ 4 KB
5 KB 254ms
252ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/02/10182020/11817.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22aabf7d6345fe5278f84c26cf41bc315ea1de20530d4ad9b41c7217bf3e034a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 4447
cf-resized: internal=ok/h q=0 n=36 c=5+19 v=2022.12.3 l=4447
last-modified: Fri, 11 Feb 2022 00:20:21 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfi0Z0E4bShfxSSrmK5ou1UDmGGKaAQZUkSbrBjeONDQ:dbd0774caf00750883fefdd7681dabcd"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af448f7694f-FRA

GET
H2 200 coaches-afi-.png
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20094610/ 9 KB
9 KB 242ms
240ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20094610/coaches-afi-.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42a432c7220f64ffeafc1aa9ce09e17eeab4ba96536d8941554a12ebac4449e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 9382
cf-resized: internal=ok/h q=0 n=18 c=22+23 v=2022.12.4 l=9382
last-modified: Tue, 20 Dec 2022 15:46:12 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfo5tGQtTH2A9l93p0V41YmJ9XGKaAQZUkSbrBjeONDQ:eecf27eefdda3581b405bfbfadf9b2bf"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af448fa694f-FRA

GET
H2 200 reidmikeskause.jpg
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/06/20090122/ 8 KB
8 KB 240ms
238ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/06/20090122/reidmikeskause.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bfb6e67ec9a38d826842bb9e3a2ef166cf61ede4d02a05b1452f7e490b6df76

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 7787
cf-resized: internal=ok/h q=0 n=28 c=6+6 v=2022.12.4 l=7787
last-modified: Mon, 20 Jun 2022 14:01:23 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfiVc9ROqTaeJfmc-_mtctYH04GKaAQZUkSbrBjeONDQ:aef1d915a39652ec655b475cc8941faf"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af448fc694f-FRA

GET
H2 200 Teamrankings-afi-1.jpeg
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20082936/ 11 KB
11 KB 48ms
46ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20082936/Teamrankings-afi-1.jpeg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aff399c8788757d81fd9d3b9a9803f7ed62c1e30befc60b8feb79f30cf823c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 11348
cf-resized: internal=ok/h q=0 n=18 c=5+8 v=2022.12.4 l=11348
last-modified: Tue, 20 Dec 2022 14:29:37 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf27ohgSyOg8VTJwuaWxy0bm89GKaAQZUkSbrBjeONDQ:ab9643e310f8c6526338a529622b7270"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af44901694f-FRA

GET
H2 200 NIL-cover-Artboard-6-copy-13.png
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20094240/ 5 KB
5 KB 208ms
206ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20094240/NIL-cover-Artboard-6-copy-13.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099d5504e471ddf447fac55b5b3f60c16ff2bc16c06a2b772acc95e92621037b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 5249
cf-resized: internal=ok/h q=0 n=18 c=16+14 v=2022.12.4 l=5249
last-modified: Tue, 20 Dec 2022 15:42:41 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf6JulPw6IYCQ7kCDbg8SkkTv1GKaAQZUkSbrBjeONDQ:9c90d0bbec29735b66199ecb1869fd98"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af44904694f-FRA

GET
H2 200 Untitled-design-29-2.png
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20074626/ 7 KB
7 KB 56ms
55ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/20074626/Untitled-design-29-2.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00447cbce4f68f83f5d3aa6885185089873eee24bf3cd40bb5261eaa713ba82a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 6819
cf-resized: internal=ok/h q=0 n=13 c=18+15 v=2022.12.4 l=6819
last-modified: Tue, 20 Dec 2022 13:46:27 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfTgKXL2NT-Off4A6i6hyg0kHAGKaAQZUkSbrBjeONDQ:69ed6c84af688ae71265ab37191daa74"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af44906694f-FRA

GET
H2 200 Untitled-design-25-2.png
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/19094048/ 8 KB
8 KB 40ms
39ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/19094048/Untitled-design-25-2.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f8da09ca6230f1d30a8a66da6882cd2e980359a14e0e432d4ad6df0e1e7a93f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 8240
cf-resized: internal=ok/h q=0 n=19 c=18+14 v=2022.12.4 l=8240
last-modified: Mon, 19 Dec 2022 15:40:49 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfmkSFNygZKkCpjLxOYG7r_-c0GKaAQZUkSbrBjeONDQ:3bdfe9d54e3cbd7cd961a0720b724b12"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af45919694f-FRA

GET
H2 200 Untitled-design-27-2.png
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/19132555/ 5 KB
6 KB 48ms
47ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/19132555/Untitled-design-27-2.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aca3964ee0dc6ef1a098ec25393e1848ece9377864d67cf253369e1fc63cb7d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 5543
cf-resized: internal=ok/h q=0 n=21 c=51+18 v=2022.12.4 l=5543
last-modified: Mon, 19 Dec 2022 19:25:56 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfSEUusMW0PWbbrj3yPeRM4EEKGKaAQZUkSbrBjeONDQ:a6081ca3234339a4f682780f4f1834a1"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af4591d694f-FRA

GET
H2 200 washington-huskies-alston-awards-ncaa-v-alston-education-related-benefits.jpg
on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/19122133/ 8 KB
8 KB 49ms
48ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=100,width=160,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/19122133/washington-huskies-alston-awards-ncaa-v-alston-education-related-benefits.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7385bc763c152d1fa3a4e2affb306f1920c1c8b2e18e78ae3d41dca5b7c01efa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 8029
cf-resized: internal=ok/h q=0 n=16 c=11+15 v=2022.12.4 l=8029
last-modified: Mon, 19 Dec 2022 18:21:34 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf8SpRHdePzx5-Vgn71Gq4OYDXGKaAQZUkSbrBjeONDQ:12525e21fdcdc7e75c7980974f718595"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af4591e694f-FRA

GET
H2 200 17752.jpeg
on3static.com/cdn-cgi/image/height=60,width=60/uploads/assets/752/17/ 1 KB
2 KB 240ms
238ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=60,width=60/uploads/assets/752/17/17752.jpeg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9af18886800ebf227b11a81ca410d66688d3d2b6727008fff23fb6d9cd7ab0a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1462
cf-resized: internal=ok/h q=0 n=22 c=0+6 v=2022.12.4 l=1462
last-modified: Mon, 20 Sep 2021 19:27:21 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfkqiZEA66GFiJN5QWLqojAw_9Se0BEj0rhyryH2K_DQ:479f491cf11d0e62d1e19c8e3a2d1b09"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af45920694f-FRA

GET
H2 200 79970.png
on3static.com/cdn-cgi/image/height=20,width=96,quality=100,fit=cover,gravity=0.5x0.5/uploads/assets/970/79/ 2 KB
2 KB 242ms
241ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=20,width=96,quality=100,fit=cover,gravity=0.5x0.5/uploads/assets/970/79/79970.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

632c685d03fd3ddd62530960c8c1ba163d99ddc67290275e9f2469470dac5cd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 2248
cf-resized: internal=ok/h q=0 n=35 c=0+0 v=2022.11.7 l=2248
last-modified: Fri, 01 Jul 2022 02:11:05 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfZwsYY8N2-zNE2mUO2NyUyH75mvnXo_DEGt7akr1OBQ:68f09fd77d9c3b48c4e0ae205161ed47"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af45921694f-FRA

GET
H2 200 carson-newman-college-eagles.svg
on3static.com/teams/ 10 KB
5 KB 20ms
18ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/carson-newman-college-eagles.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b61bbcd3ab597630d1cf87ca03d6d773e70cac8b9e2f6c0c5a052455ca145d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:33:35 GMT
server: cloudflare
x-amz-request-id: XYSBH36ETD5NK8T5
age: 66587
etag: W/"467633d351d5d3dc9655ea56d3647c0e"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af489a9694f-FRA
x-amz-id-2: 7zmSqmdsVw4/WMLCSpQkhN9FXp3lw7vEcOlmngfzZtTlc1LwqRrssCT0lV+NKC2+gK3YzFXRZeQ=

GET
H2 200 pittsburgh-panthers.svg
on3static.com/teams/ 14 KB
7 KB 24ms
23ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/pittsburgh-panthers.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1700f18ef55e185679304a2abe5c4e3437ddba92986c8246f4614598f9388c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 22 Jul 2021 01:55:55 GMT
server: cloudflare
x-amz-request-id: NZR1PW04PDTKPVHW
age: 262892
etag: W/"f9f1a3d1e11290d27e516bb2667394bb"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af499ab694f-FRA
x-amz-id-2: Bt95ByHXwflq42KK/KHtHZRh6JQIieDJrHMRoUWfF2c8bctCD5n9ufFQcddDo3K8SuYTx/wrGhA=

GET
H2 200 ucf-knights.svg
on3static.com/teams/ 9 KB
4 KB 31ms
30ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/ucf-knights.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65154985155bf9c3a61176265d32e6c74330aadd8b118f14ee4b8210eb6f4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 24 Sep 2021 20:47:11 GMT
server: cloudflare
x-amz-request-id: 7CGCQ3M16PHN1W32
age: 776689
etag: W/"45539232cb16c66d73788c7cdc6fc9bd"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af499ac694f-FRA
x-amz-id-2: r2t+aMAXmMhCCuA2NGsp8BX8CCDD3QIujiyjY0cJKXYGtJgb7qmFaiDitWZfomvXUir3DUWYteM=

GET
H2 200 stanford-cardinal.svg
on3static.com/teams/ 6 KB
3 KB 27ms
25ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/stanford-cardinal.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

869689043fce802b62b0ef31c3fb2a8c63693448b3551e45e6a4ebbc0f89b1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 15:58:30 GMT
server: cloudflare
x-amz-request-id: 35ZJH8HGWNX0AQSC
age: 225236
etag: W/"31bdbb3a4896366e7437a152e09f2c90"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af499b1694f-FRA
x-amz-id-2: B8RdeEnMmyFFJVPvg8d/VX581K+HEAc5TFrbckhS2Q+yqtyIgEN41KXAoxa8DNOYSWyu0NSG5to=

GET
H2 200 kentucky-wildcats.svg
on3static.com/teams/ 5 KB
2 KB 41ms
39ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/kentucky-wildcats.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efedfc3e9403ec88c16ccfe6108f8d49dc280c89e76c6fe967a89026cb7fec65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 22 Jul 2021 01:57:54 GMT
server: cloudflare
x-amz-request-id: WED6A7D9F552NXWH
age: 3100806
etag: W/"ea003ce0b69b3568df7833d80b91358a"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af499b2694f-FRA
x-amz-id-2: I/wBxpeFOvrgbEpEA3oDmvS7Cd9Nq41ZXYJB49lEi1Afj4o+dGDYd4uG4LtucfvWe9PniTCizTM=

GET
H2 200 nc-state-wolfpack.svg
on3static.com/teams/ 13 KB
5 KB 34ms
32ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/nc-state-wolfpack.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07c02accd42ac6ed308db863dee09bfe3b6edb82f8631016e4ff2a5df945b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 20:05:45 GMT
server: cloudflare
x-amz-request-id: 3MYMCFVJ8BZJMZ9T
age: 879971
etag: W/"7fe1bd65457ffc433bf868a6f2c3a4eb"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af499b3694f-FRA
x-amz-id-2: ssik7isKDGU1UfxxaO/4ycQwgPIhQ+KO7jARzIKFTyzMP+H1/DHGUP+6dxHA/A+UqNHAWcoyljc=

GET
H2 200 auburn-tigers.svg
on3static.com/teams/ 5 KB
2 KB 20ms
19ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/auburn-tigers.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3aabe8a9b5a9011cd3261e4070bc7e285cdbf4b6a51bf25e89973d50c1b3e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 22 Jul 2021 01:59:36 GMT
server: cloudflare
x-amz-request-id: X4P1KRY7SKFMTXRY
age: 416181
etag: W/"8895561410528ab49e5a10e34c0e6dd3"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af499b4694f-FRA
x-amz-id-2: ewgwAsVqHDVX81sV4OcshGobvnvXwjGNwgDa2jSFOu5or5MvT9qZ3bH/qOFvG8KvDDNPzRvuq7k=

GET
H2 200 florida-state-seminoles.svg
on3static.com/teams/ 35 KB
15 KB 25ms
24ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/florida-state-seminoles.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

154dd405927801df53c421d4f29d2c7c65fd5e1c97bf7346e8b84d40c9474d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 22 Jul 2021 01:58:21 GMT
server: cloudflare
x-amz-request-id: YZBETN67R5398ECM
age: 1623395
etag: W/"a1025f4585c8148b6db040b71a9133c4"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af499b6694f-FRA
x-amz-id-2: 04B9+oq3oby5rKSHK3J4RiflVKOi9BamJK+l0LS8fzfQNfY6bUhBkdDt4ABvyupXc6W/eQhuXrQ=

GET
H2 200 old-dominion-monarchs.svg
on3static.com/teams/ 72 KB
31 KB 31ms
30ms Image
image/svg+xml 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/teams/old-dominion-monarchs.svg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

830d4bf7fb1fc915c0c4f371cf1eef61f7f7a670feafe5cff3fc88ed92b0667b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 22 Jul 2021 01:56:00 GMT
server: cloudflare
x-amz-request-id: MXWR4RNZTZF4WN4B
age: 140589
etag: W/"9c31f331350e9c12e6bf89a28b5df840"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
cache-control: max-age=691200
cf-ray: 77ca1af499b8694f-FRA
x-amz-id-2: E/FOYIf19I2wtYoOUVCHKTtb7YoaYxze+wJtQeJD0nmeUCjaHIJ7Rjvy9dSGq5pyyHgFp521ZfQ=

GET
H2 200 email-decode.min.js Show response
www.on3.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
818 B 17ms
16ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 11:52:41 GMT
server: cloudflare
content-encoding: gzip
etag: W/"63a05089-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 77ca1af49e0f695d-FRA
expires: Thu, 22 Dec 2022 17:30:20 GMT

GET
H2 200 7495.jpg
on3static.com/cdn-cgi/image/height=60,width=60/uploads/dev/assets/495/7/ 1 KB
2 KB 65ms
58ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=60,width=60/uploads/dev/assets/495/7/7495.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad8b9499872ab4125df05cff12379951dbe6ee05237365fcc1062c3ccdd71f13

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1423
cf-resized: internal=ok/h q=0 n=18 c=73+12 v=2022.12.4 l=1423
last-modified: Thu, 10 Jun 2021 21:57:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf70ujnClVQKC242BtyBcW99U8Se0BEj0rhyryH2K_DQ:38330c0c364c3be6e743a21356a805ef"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b0b694f-FRA

GET
H2 200 avatar.png
on3static.com/cdn-cgi/image/height=60,width=60/static/on3/ 610 B
826 B 62ms
53ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=60,width=60/static/on3/avatar.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0063f08e0f02406de101dc668037a159fbf84f360b98fe95884621fafc87aee

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 610
cf-resized: internal=ok/h q=0 n=52 c=3+16 v=2022.12.3 l=610
last-modified: Fri, 23 Jul 2021 13:45:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf3vLPyM2mKBwaFsK-3cH8FaPISe0BEj0rhyryH2K_DQ:43b7db52f356b2fb3b79d3b908de2134"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b13694f-FRA

GET
H2 200 90498.jpg
on3static.com/uploads/assets/498/90/ 26 KB
26 KB 50ms
42ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/uploads/assets/498/90/90498.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83edbd441491de97daf1fbb9feaec03b4f7b37a2bbeb06f8cc388ae844ee2202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 8N8D5KR1ANVX4F22
age: 24693
cf-polished: origSize=35403, status=webp_bigger
content-length: 26467
x-amz-id-2: oT/dQ1I7Gsu1IbElOv5WYwDerejBzClRT+hdxSh/iOTAGdOwQJEwDK0CH607rZAO1Ip3LlihW5A=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 13 Aug 2022 03:21:08 GMT
server: cloudflare
etag: "3df31371f25ba3b48e3bca3ffdfc84ad"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b15694f-FRA

GET
H2 200 114086.jpeg
on3static.com/uploads/assets/86/114/ 557 KB
558 KB 43ms
35ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/uploads/assets/86/114/114086.jpeg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfb52641666bd84263c242a65c7155c2c39146bc6fedd17c56274ee52f0a32bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 2G0J326H0V28TPGH
age: 273331
cf-polished: origSize=624580, status=webp_bigger
content-length: 570032
x-amz-id-2: kI4mnjBodiJiuqKagJzRYeJHTcvDNKJhabwomjLjs+w908vOu3fsuW+bHqFhxOrKQR1qTFJhNw0=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 18 Oct 2022 13:20:44 GMT
server: cloudflare
etag: "b8c98ebf07306ac8d32f8fc864d59889"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b19694f-FRA

GET
H2 200 17515.jpeg
on3static.com/uploads/assets/515/17/ 12 KB
12 KB 43ms
35ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/uploads/assets/515/17/17515.jpeg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c63ba74bb906ec25fae997b90958ea94ad07ee777afd41600d105904f1ed02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 4RTS63BXTHFR578V
age: 1112704
cf-polished: origSize=14235, status=webp_bigger
content-length: 11895
x-amz-id-2: sm45TWj0Oh7gIqiZGc3Rtc3hLfZmumvOpGeuEOCjG0+ZV47AMB+fAXJ3NnfCvJUq+EJvnK7KtVE=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 20 Sep 2021 14:01:09 GMT
server: cloudflare
etag: "03817ca525182abb30ebcd797d508c0e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b1b694f-FRA

GET
H2 200 21902.jpg
on3static.com/uploads/assets/902/21/ 137 KB
137 KB 37ms
29ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/uploads/assets/902/21/21902.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f53e0cdd4e7362db59200b225bc1406f9fd0d7256480b34ffd995e76be7ef814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 2G0VHYWBHQX6R7N1
age: 273331
cf-polished: origFmt=jpeg, origSize=276591
content-disposition: inline; filename="21902.webp"
content-length: 140146
x-amz-id-2: tvpbrcdnOol/MjdYQqBtCsnRh88rtGZJQQBuYEiJax+HM9x426NmQpS8xD9w1m6V9ICG5+XhtZk=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 15 Oct 2021 14:29:15 GMT
server: cloudflare
etag: "dd45fab59c2cce6a7c4a96bb72c7204a"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b1c694f-FRA

GET
H2 200 94646.png
on3static.com/uploads/assets/646/94/ 38 KB
39 KB 35ms
27ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/uploads/assets/646/94/94646.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6963e940901f2253e772c121b1fc85f9dba8be8f0ffd244729aa3661bb882bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 9XRJNCSCW8NA2CVA
age: 419277
cf-polished: origFmt=png, origSize=65289
content-disposition: inline; filename="94646.webp"
content-length: 39410
x-amz-id-2: hQUMKOToNM9xFCvuD2jqb1aGr4EhW6dA7J9+TS/AOUbFwVrCi+fswiKTgGUkZ5BCx+tL5mNvcy0=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 26 Aug 2022 15:37:12 GMT
server: cloudflare
etag: "c4f5d7bf3adc686a5925710efb976df5"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b1d694f-FRA

GET
H2 200 ivan.maisel.png
on3static.com/cdn-cgi/image/height=70,width=70/static/mock/ 4 KB
5 KB 61ms
54ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=70,width=70/static/mock/ivan.maisel.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b92ded79d34e1157b44bda6b47c413234043a7f608004ede70e1512521aec4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 4558
cf-resized: internal=ok/m q=0 n=214 c=4+17 v=2022.10.4 l=4558
last-modified: Fri, 02 Jul 2021 20:00:43 GMT
cf-bgj: imgq:92,h2pri
server: cloudflare
etag: "cfjTfJsxNsX8MR8jxV7dcYXw:ab94d4e6d1c9265bd137de5b7613f9d9"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b1e694f-FRA

GET
H2 200 MikeLeachMissState.png
on3static.com/cdn-cgi/image/height=157,width=300,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/12155805/ 12 KB
12 KB 62ms
54ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=157,width=300,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/12155805/MikeLeachMissState.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fdb1b043fb81af745ae8aaccba02bccb26230096268f96d5efc7fe015e1b552

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 12488
cf-resized: internal=ok/h q=0 n=54 c=44+62 v=2022.12.3 l=12488
last-modified: Mon, 12 Dec 2022 21:58:06 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfP0g4jJdcZ6eqP-psOcXwfoy5qbfA3Y0hDGY38LHZDQ:979460a70477d2fb41409cb47d0b9d9a"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af52b22694f-FRA

GET
H2 200 MaxDugganTCU2022.png
on3static.com/cdn-cgi/image/height=157,width=300,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/07164023/ 10 KB
10 KB 78ms
70ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=157,width=300,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/07164023/MaxDugganTCU2022.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9df56aef2dfdd405b5abb564ecef9cea047895389f991422829dc37541af8ce2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 10236
cf-resized: internal=ok/h q=0 n=21 c=17+30 v=2022.12.3 l=10236
last-modified: Wed, 07 Dec 2022 22:40:24 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfxdF1g-s6CINrLfRjDtYkBNbxqbfA3Y0hDGY38LHZDQ:b132a50d0d538ae8a4b9b59e6e70c173"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af52b25694f-FRA

GET
H2 200 TCUcelebrate.png
on3static.com/cdn-cgi/image/height=157,width=300,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/04153229/ 21 KB
21 KB 70ms
63ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=157,width=300,quality=90,fit=cover,gravity=0.5x0.5/uploads/dev/assets/cms/2022/12/04153229/TCUcelebrate.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f86800bab1802848fcdeb5d7328ccc02a6e60dcf58a84462c9ff706105ec3bfc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 21223
cf-resized: internal=ok/h q=0 n=103 c=29+51 v=2022.12.0 l=21223
last-modified: Sun, 04 Dec 2022 21:32:30 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfSRyvkzayuMRk-IDILO9StAq7qbfA3Y0hDGY38LHZDQ:2328439c6d8bfbbebb7e22c340ec0b01"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af52b26694f-FRA

GET
H2 200 tennessee-icon.png
on3static.com/cdn-cgi/image/height=50,width=50/sites/ 1 KB
2 KB 76ms
69ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/sites/tennessee-icon.png?v=19

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f3cbefd2688d25b4620990b72434ce9283142b261f31054066b2945305e9749

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1329
cf-resized: internal=ok/h q=0 n=24 c=1+11 v=2022.12.3 l=1329
last-modified: Thu, 01 Sep 2022 03:49:49 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf7pQ8IDRvKkN9dfa6-byV3uN3-Pa6vtxYcUkT5JfxDQ:5130a569232b369b6a673841f616285f"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b27694f-FRA

GET
H2 200 michigan-icon.png
on3static.com/cdn-cgi/image/height=50,width=50/sites/ 1 KB
2 KB 60ms
53ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/sites/michigan-icon.png?v=19

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f697615483c57fdba224ad7baa9ae560f44e2ad58f2a8fbb7e6126ea529ab9db

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1474
cf-resized: internal=ok/h q=0 n=27 c=2+9 v=2022.12.3 l=1474
last-modified: Sat, 08 Jan 2022 21:41:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfK7665326j0wOh70iPYS8_fnv-Pa6vtxYcUkT5JfxDQ:16b1053a8731ba3f7a85050e6814ee6a"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b29694f-FRA

GET
H2 200 notre-dame-icon.png
on3static.com/cdn-cgi/image/height=50,width=50/sites/ 2 KB
2 KB 104ms
97ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/sites/notre-dame-icon.png?v=19

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a94802b7b830d5ce9f3e9a45422879a49435e16b925241fbe6a3c0bc27c7b8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 2263
cf-resized: internal=ok/h q=0 n=21 c=1+10 v=2022.11.7 l=2263
last-modified: Sat, 08 Jan 2022 21:41:59 GMT
cf-bgj: imgq:99,h2pri
server: cloudflare
etag: "cfYMvTRu_sYUcW1go0WXB7GmUM-Pa6vtxYcUkT5JfxBQ:61c8b527d009c097b1ab362eea4f9744"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b2b694f-FRA

GET
H2 200 kentucky-icon.png
on3static.com/cdn-cgi/image/height=50,width=50/sites/ 2 KB
2 KB 62ms
56ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/sites/kentucky-icon.png?v=19

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a246b6c88f2670a95d6fe57f9a25b104f3113e3bd8a4b7d8d16ccc906943db

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 2047
cf-resized: internal=ok/h q=0 n=17 c=1+4 v=2022.11.7 l=2047
last-modified: Sat, 08 Jan 2022 21:41:59 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf4sstowRIYqTYN4XlEl9Tl4a9-Pa6vtxYcUkT5JfxBQ:bd339242f476cfb441e1ecd5a8e46019"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b2d694f-FRA

GET
H2 200 alabama-icon.png
on3static.com/cdn-cgi/image/height=50,width=50/sites/ 2 KB
2 KB 62ms
55ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/sites/alabama-icon.png?v=19

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30533108b75736e1b0d42d25f44243dea63d69550c83fe3a2e429c376da769d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1773
cf-resized: internal=ok/h q=0 n=33 c=0+6 v=2022.12.3 l=1773
last-modified: Mon, 01 Aug 2022 04:41:59 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfyhH4mW5BV1DZ81AqZYggb4Cg-Pa6vtxYcUkT5JfxDQ:83a81da24f72858f88ecff6e9145d70c"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b2f694f-FRA

GET
H2 200 texas-icon.png
on3static.com/cdn-cgi/image/height=50,width=50/sites/ 1 KB
2 KB 76ms
70ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/sites/texas-icon.png?v=19

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e067f918fe057e539a9e613459a1bc6d990ce67f157f905852fa9b39681791cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1476
cf-resized: internal=ok/h q=0 n=39 c=1+7 v=2022.12.0 l=1476
last-modified: Sat, 08 Jan 2022 21:41:56 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf75yiEGG-uWCQk-EAXCl2ol3Q-Pa6vtxYcUkT5JfxDQ:9b918e216e532b58102c427b44fefb22"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b30694f-FRA

GET
H2 200 georgia-icon.png
on3static.com/cdn-cgi/image/height=50,width=50/sites/ 2 KB
2 KB 60ms
54ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/sites/georgia-icon.png?v=19

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da789ee54e37ec881f802b4f26d4a68a3ff149102fa4585ca6642ea41690bf63

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1696
cf-resized: internal=ok/h q=0 n=33 c=0+6 v=2022.12.3 l=1696
last-modified: Sat, 08 Jan 2022 21:42:00 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfiFwqsG6lFNWrpg3GhXDzUzEk-Pa6vtxYcUkT5JfxDQ:94d863b4c0efb3b3d403fd488023ffb7"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b32694f-FRA

GET
H2 200 florida-state-icon.png
on3static.com/cdn-cgi/image/height=50,width=50/sites/ 2 KB
2 KB 67ms
61ms Image
image/png 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/sites/florida-state-icon.png?v=19

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51eb6857a0deb44e1f49a62a595f4918e135e65e53ac1820a01018c77a527d56

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 2274
cf-resized: internal=ok/h q=0 n=16 c=0+12 v=2022.12.3 l=2274
last-modified: Mon, 01 Aug 2022 03:55:29 GMT
cf-bgj: imgq:98,h2pri
server: cloudflare
etag: "cfQ9_Uu596kAwvnOkdupQDlGoZ-Pa6vtxYcUkT5JfxDQ:54bb9ddafd3605ad710cd6479036283c"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b34694f-FRA

GET
H2 200 79248.jpg
on3static.com/cdn-cgi/image/height=50,width=50/uploads/assets/248/79/ 985 B
1 KB 227ms
221ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/uploads/assets/248/79/79248.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c70f109cb9b9a94bab92cb27b7fd115335b75e25ac211de529a3ad6fcb5f1094

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 985
cf-resized: internal=ok/h q=0 n=25 c=2+6 v=2022.12.4 l=985
last-modified: Mon, 27 Jun 2022 20:57:29 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfAd9zSNUTBU8TrX9AbsRyV6iE-Pa6vtxYcUkT5JfxDQ:a41d6ca5e8e3c6089f499738439995a0"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b37694f-FRA

GET
H2 200 2729.jpg
on3static.com/cdn-cgi/image/height=50,width=50/uploads/dev/assets/729/2/ 982 B
1 KB 242ms
237ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/uploads/dev/assets/729/2/2729.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83fea0086d05ba283839462b65977a2a9d7291f371f9447afd66fd5f5cd49954

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 982
cf-resized: internal=ok/h q=0 n=26 c=3+1 v=2022.12.3 l=982
last-modified: Thu, 03 Jun 2021 23:49:23 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfLGY8vPb8CErs-5JeeeEMhPwh-Pa6vtxYcUkT5JfxDQ:0360a256e76de192983f2a4b3dc29bda"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b3a694f-FRA

GET
H2 200 10233.jpg
on3static.com/cdn-cgi/image/height=50,width=50/uploads/dev/assets/233/10/ 1 KB
1 KB 246ms
240ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/uploads/dev/assets/233/10/10233.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fda183b102069c10c3b6f70511e764893599a4a4ffd060c5a923f81369aa189

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1061
cf-resized: internal=ok/h q=0 n=32 c=6+3 v=2022.12.3 l=1061
last-modified: Wed, 16 Jun 2021 21:12:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfegnAZr9YivDmClt1-MnzVmeZ-Pa6vtxYcUkT5JfxDQ:cbb702d763c25d8aaa42da7acee662e6"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af52b3d694f-FRA

GET
H2 200 18028.jpeg
on3static.com/cdn-cgi/image/height=50,width=50/uploads/assets/28/18/ 1 KB
2 KB 232ms
227ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/uploads/assets/28/18/18028.jpeg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aba2ac857312733116b755e037fd56ad47b6b1582633c10ad80e1d35ee1278f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1366
cf-resized: internal=ok/h q=0 n=20 c=0+7 v=2022.12.3 l=1366
last-modified: Tue, 21 Sep 2021 12:51:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfn77QgPLRGzWsvZriMf3xG7Al-Pa6vtxYcUkT5JfxDQ:3619eb968945dd4c9b0c7c081bec6c16"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af53b3f694f-FRA

GET
H2 200 130387.jpeg
on3static.com/cdn-cgi/image/height=50,width=50/uploads/assets/387/130/ 1 KB
1 KB 218ms
213ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/cdn-cgi/image/height=50,width=50/uploads/assets/387/130/130387.jpeg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4539d8d776902ccb5ab151f172c3862dab9dab52650f7eedae49beb12df9c65

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 1207
cf-resized: internal=ok/h q=0 n=18 c=1+1 v=2022.12.4 l=1207
last-modified: Tue, 29 Nov 2022 19:46:51 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfVG5jpQP27YsaDgFb3Jr050LX-Pa6vtxYcUkT5JfxDQ:7d45a761fc321d4757897766f0f6e181"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af53b41694f-FRA

GET
H2 200 on3-red.jpeg
on3static.com/static/on3/ 12 KB
12 KB 57ms
52ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/static/on3/on3-red.jpeg?v=1

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a912b197e4f0aef150d4a04bd6991500efbe25de9eb039c647e28a1016cc53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: TSC1PKAZCCBWBHVY
age: 163378
cf-polished: origFmt=jpeg, origSize=44094
content-disposition: inline; filename="on3-red.webp"
content-length: 12292
x-amz-id-2: SStg01BKAo6onyFB+Rd7Jr8ERuSuvteU0R2Mtzrc2yRWxTXqd+W46Yne5tVNItZUvCo1Uafl6XM=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 16 May 2022 21:35:53 GMT
server: cloudflare
etag: "e0296dbbe6680e8ab610a77ec1a02ee1"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af53b44694f-FRA

GET
H2 200 on3-square-recruits.png
on3static.com/static/on3/ 3 KB
3 KB 46ms
41ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/static/on3/on3-square-recruits.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e37a9c99f2eb99e56c8dd52bab574a4bf56ed2e5308cb9704258f12cd25411c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: ZYF7KRFW31FJZECT
age: 161259
cf-polished: origFmt=png, origSize=5436
content-disposition: inline; filename="on3-square-recruits.webp"
content-length: 3080
x-amz-id-2: aS3gOoA6neIdb3ESjXfvlx4D0BaRlB9grmwBiRSjSea/DIlBvNbRl6Go4KzuIgvAtoN8Cq2H+ns=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Jul 2021 02:37:26 GMT
server: cloudflare
etag: "a02259a6257ca59b5573de58617365c6"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af53b49694f-FRA

GET
H2 200 Ivan-Maisel.png
on3static.com/uploads/dev/assets/cms/2021/07/28100348/ 244 KB
245 KB 40ms
35ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/uploads/dev/assets/cms/2021/07/28100348/Ivan-Maisel.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ccceeadb072c653875aadf3090bdafa410c592946042831c4d62112dd41b669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 7FEVMYZD0NVXX4VD
age: 31088
cf-polished: origFmt=png, origSize=372863
content-disposition: inline; filename="Ivan-Maisel.webp"
content-length: 249914
x-amz-id-2: NWXnZop0+FfBHpL4sn8BU1bwVyLRSK964dlwxJ19EQdadkWfQ9carYuTbrTTlNh3Vd3EfbPA9H8=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 28 Jul 2021 15:03:49 GMT
server: cloudflare
etag: "923335d978234583555e1099a04a822b"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af53b4b694f-FRA
expires: Thu, 28 Jul 2022 15:03:48 GMT

GET
H2 200 Matt-Zenitz.jpg
on3static.com/uploads/dev/assets/cms/2021/07/28112119/ 104 KB
105 KB 45ms
41ms Image
image/jpeg 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/uploads/dev/assets/cms/2021/07/28112119/Matt-Zenitz.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

968f2ab0aaa9600d7513bbbe46297f462fab4a9463352a233097018b0e5880c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 8N8FTT2NWM01YFC6
age: 24693
cf-polished: origSize=129523, status=webp_bigger
content-length: 106929
x-amz-id-2: /QRo2wWNYZuE1zVzUYZWw6IdV6mA1mV0/t8Zn8rQHqzrEPtE+Iyz/gZtIQHA9PAfM+K6mQsGQqQ=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 28 Jul 2021 16:21:20 GMT
server: cloudflare
etag: "6ece94a8876a9af776ab82e6f7287b80"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af53b4f694f-FRA
expires: Thu, 28 Jul 2022 16:21:19 GMT

GET
H2 200 Chad-Simmons-profile-NEW.jpg
on3static.com/uploads/dev/assets/cms/2021/07/05130535/ 117 KB
118 KB 45ms
41ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/uploads/dev/assets/cms/2021/07/05130535/Chad-Simmons-profile-NEW.jpg

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fea0fdb21f8d21ebd20972688aa9f301ce5776bb2aaf2c392aba9b8b8a9da8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: WAC9S0RG02JCMW5T
age: 152155
cf-polished: origFmt=jpeg, origSize=211493
content-disposition: inline; filename="Chad-Simmons-profile-NEW.webp"
content-length: 119896
x-amz-id-2: 8d0uxfrLL61jni/b0hfad+otctTQscQuNKEIjIDCq6oQgxX1ggdMM0sBj4Em7BoKJQ+BGTv3sSk=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 05 Sep 2021 18:05:36 GMT
server: cloudflare
etag: "62b175d4518c256a86c68f3b4fe70427"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af53b51694f-FRA
expires: Mon, 05 Sep 2022 18:05:35 GMT

GET
H2 200 Mike-Huguenin.png
on3static.com/uploads/dev/assets/cms/2021/07/28100342/ 191 KB
191 KB 60ms
56ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/uploads/dev/assets/cms/2021/07/28100342/Mike-Huguenin.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8681113a518231dc0c1f9de67164333fcdc4976029093c9a2c7dc349db46785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: CBBX60PJ8TJ66XJJ
age: 38313
cf-polished: origFmt=png, origSize=318205
content-disposition: inline; filename="Mike-Huguenin.webp"
content-length: 195194
x-amz-id-2: 08fnd+56dvPkjSUZGj3t7mb5sdARy3BUcuxhTMSken1yS/uNduKIjltOj014MKjnDbjdlVtX1sU=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 28 Jul 2021 15:03:43 GMT
server: cloudflare
etag: "91d9fcd1ac92c2814b45951ab5197088"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77ca1af53b52694f-FRA
expires: Thu, 28 Jul 2022 15:03:42 GMT

GET
H2 200 hayes.fawcett.png
on3static.com/static/on3/ 67 KB
67 KB 65ms
61ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/static/on3/hayes.fawcett.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

954ad525fbd3f63698793792528aee6cb3a4f7c5fbd42510008bea09390cdf1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: YPRGN8KVPHK9BZYP
age: 24714
cf-polished: origFmt=png, origSize=100652
content-disposition: inline; filename="hayes.webp"
content-length: 68456
x-amz-id-2: 8OzQx/XmMYIhLNkfozUwAzKBhoJCBO/uBZ/RgqXw2SZyPFjDae/hausOYhXtbuaz+QCW+zd1ohk=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 01 Jul 2021 02:09:42 GMT
server: cloudflare
etag: "f2d9538159d3e1007731b62f8bea9011"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af53b54694f-FRA

GET
H2 200 joe.tipton.png
on3static.com/static/on3/ 49 KB
50 KB 46ms
42ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/static/on3/joe.tipton.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb8f2f9670bc12ce8f0515cd1b559f5697f97c481342a097a59a079aef3c7b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: N6FQ5255KANJMQWN
age: 164297
cf-polished: origFmt=png, origSize=78114
content-disposition: inline; filename="joe.webp"
content-length: 50674
x-amz-id-2: JvkSfAyFTnGXX5WATivKfbbH7OZKoG3cfmdhUHMDnMetGy0LvLIdxKFr+2SJNVtqCE+9f42KlK0=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 01 Jul 2021 02:09:41 GMT
server: cloudflare
etag: "072a8d92389271abd104c096585fcb54"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af53b56694f-FRA

GET
H2 200 on3-nil-social.png
on3static.com/static/on3/ 2 KB
2 KB 55ms
51ms Image
image/webp 2606:4700:10::ac43:1bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://on3static.com/static/on3/on3-nil-social.png

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ed265403543eb95facaf90e843ea1fab664ea51efe3dda61695b95df3f25263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 7FEZVT7FZC5XGJ8V
age: 31088
cf-polished: origFmt=png, origSize=12446
content-disposition: inline; filename="on3-nil-social.webp"
content-length: 2042
x-amz-id-2: kd0+O0naLs+jizV3bE1G3AyYpXRwzXasoQ/qt5d9BGDOMEhVmqDlOqt7RpDooV7hMC+MrND+TH4=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Apr 2022 20:58:28 GMT
server: cloudflare
etag: "642de75ee08ae301a1d6560c1157c71e"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 77ca1af53b57694f-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 185ms
57ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1426 / 652 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 20 Dec 2022 17:30:20 GMT

GET
H3

200

bidroll.min.js Show response
cdn-ext.spiny.ai/lib/br/tags/v1.0.30/D17/on3/default/
Redirect Chain

https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
https://cdn-ext.spiny.ai/lib/br/tags/v1.0.30/D17/on3/default/bidroll.min.js

420 KB
127 KB

95ms
48ms

Script
text/javascript

2606:4700:3035::ac43:d08a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ext.spiny.ai/lib/br/tags/v1.0.30/D17/on3/default/bidroll.min.js
Requested by: Host: www.on3.com
URL: https://www.on3.com/
Protocol: H3
Server: 2606:4700:3035::ac43:d08a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49558f4c23d06e2f845c483370853824680ca621ea2c9ea6b053736c44822273

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 729
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Dec 2022 19:37:21 GMT
server: cloudflare
etag: W/"256743092dafd12b76253264dfb5f82e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAslsenCh%2BSDY3Wt5Zr68hXlb6HQ3aFjLcVdD3eIsCNGAi2WHeVMjlkrHOJOHPW1%2FWrrM2Wy04COssT%2B8LKbPMUevonUQc%2FmrfihGJ4LmLTPTfVJkNBcNxvV73gT1nlXPWZwixWPbl7aoLe4ImQr"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=900, public, must-revalidate
cf-ray: 77ca1af8f8b890d7-FRA
x-amz-cf-id: EikP1xAJxAckHS2ke83eu1kxhDONAeYXUHnwnF1t7yWlOoUOjMdNqQ==

Redirect headers

date: Tue, 20 Dec 2022 17:30:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzaWdu1uHJsdjbZxjCFXNpuRD%2FRJAkhemARTxt%2BTllfjn1hSBSrVyD6ieGrKUMQ5oWkGBUvo045WTjhuYGrFBzfXeKaZ00miAXTUitP%2BaZX5LmZKrr%2BFPg7wT34IYQ5wpA%2FjHjgM%2Fcb2ebseY0NC"}],"group":"cf-nel","max_age":604800}
location: https://cdn-ext.spiny.ai/lib/br/tags/v1.0.30/D17/on3/default/bidroll.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 77ca1af6df61bbaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 a-087j.min.js Show response
b-code.liadm.com/ 30 KB
11 KB 126ms
9ms Script
application/javascript 2600:9000:2057:ca00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-087j.min.js
Requested by: Host: www.on3.com
URL: https://www.on3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ca00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b059dc1d15af5f40d94bf4aace678895a875f3b9716f21120e1efedc6a2417fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 03:57:59 GMT
content-encoding: gzip
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 48741
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: ce51_I_Q2Mnv4wLtvD2ISIwOv9fBiDyAojguYxj6ImkIb5gS1q_SRQ==

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 203ms
85ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.on3.com
URL: https://www.on3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 77ca1af6dc529b8f-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 142ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-193678100-1

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e7be9920c406f5a11bef3efb0711360173dbbbceb98e9b465bb9bd801036a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44644
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 17:30:20 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 51ms
50ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:14:45 GMT
x-content-type-options: nosniff
age: 461735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 09:14:45 GMT

GET
H2 200 tss2ApVBdCYD5Q7hcxTE1ArZ0bb1uX563v0qNxg.woff2
fonts.gstatic.com/s/archivonarrow/v28/ 19 KB
19 KB 59ms
58ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivonarrow/v28/tss2ApVBdCYD5Q7hcxTE1ArZ0bb1uX563v0qNxg.woff2

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5729bf70c85166b632a1e3190ecf2b8a519d5c7ef745c0063840b0a56d2416b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on3.com/
Origin: https://www.on3.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 17:03:37 GMT
x-content-type-options: nosniff
age: 174403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19608
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:08:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 17:03:37 GMT

GET
H2 200 3340-64b8a6f8ca5327e2.js
www.on3.com/_next/static/chunks/ 0
6 KB 75ms
75ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3340-64b8a6f8ca5327e2.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=18928
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"49f0-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8df20695d-FRA

GET
H2 200 2669-571c6a2318e695ca.js
www.on3.com/_next/static/chunks/ 0
5 KB 72ms
71ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/2669-571c6a2318e695ca.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=23913
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"5d69-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8df24695d-FRA

GET
H2 200 login-11c196f31145d544.js
www.on3.com/_next/static/chunks/pages/ 0
809 B 73ms
72ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/login-11c196f31145d544.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=2127
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"84f-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8df2b695d-FRA

GET
H2 200 3859-605226a601e763d6.js
www.on3.com/_next/static/chunks/ 0
9 KB 71ms
71ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3859-605226a601e763d6.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=39953
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"9c11-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8df2d695d-FRA

GET
H2 200 3916-15dc6e6ad3e3f79e.js
www.on3.com/_next/static/chunks/ 0
16 KB 104ms
103ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3916-15dc6e6ad3e3f79e.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=54227
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"d3d3-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8df31695d-FRA

GET
H2 200 4583-e4b846674050b3df.js
www.on3.com/_next/static/chunks/ 0
7 KB 82ms
81ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4583-e4b846674050b3df.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=24896
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6140-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8df33695d-FRA

GET
H2 200 8557-5582d49c9c9598da.js
www.on3.com/_next/static/chunks/ 0
3 KB 72ms
71ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8557-5582d49c9c9598da.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=14293
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"37d5-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8df37695d-FRA

GET
H2 200 3176-4d072eefd87281fd.js
www.on3.com/_next/static/chunks/ 0
4 KB 85ms
85ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3176-4d072eefd87281fd.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=13392
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"3450-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8df3c695d-FRA

GET
H2 200 8922-c664d7ded5d6c83d.js
www.on3.com/_next/static/chunks/ 0
5 KB 56ms
55ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8922-c664d7ded5d6c83d.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=27255
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6a77-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8df43695d-FRA

GET
H2 200 7244-8dc0aa99ef410c40.js
www.on3.com/_next/static/chunks/ 0
13 KB 72ms
69ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7244-8dc0aa99ef410c40.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=51635
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"c9b3-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef49695d-FRA

GET
H2 200 join-a6c4bcf25bfdb49e.js
www.on3.com/_next/static/chunks/pages/ 0
727 B 84ms
81ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/join-a6c4bcf25bfdb49e.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=1951
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"79f-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef75695d-FRA

GET
H2 200 e893f787-85b7183688e8746d.js
www.on3.com/_next/static/chunks/ 0
88 KB 88ms
85ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/e893f787-85b7183688e8746d.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=337061
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"524a5-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef7d695d-FRA

GET
H2 200 4563-10f16cb406d8dca1.js
www.on3.com/_next/static/chunks/ 0
37 KB 82ms
79ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4563-10f16cb406d8dca1.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=176457
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2b149-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef82695d-FRA

GET
H2 200 6741-34f964d823264b5c.js
www.on3.com/_next/static/chunks/ 0
11 KB 85ms
83ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/6741-34f964d823264b5c.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=37326
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"91ce-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef85695d-FRA

GET
H2 200 3215-87e6f84af9b8aaa2.js
www.on3.com/_next/static/chunks/ 0
7 KB 99ms
97ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3215-87e6f84af9b8aaa2.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=34148
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"8564-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef87695d-FRA

GET
H2 200 5258-e886df987a0ba92b.js
www.on3.com/_next/static/chunks/ 0
21 KB 83ms
81ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5258-e886df987a0ba92b.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=87076
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"15424-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef8b695d-FRA

GET
H2 200 %5Bslug%5D-679ed03beb0fb8d0.js
www.on3.com/_next/static/chunks/pages/news/ 0
722 B 79ms
78ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/news/%5Bslug%5D-679ed03beb0fb8d0.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:20 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=1900
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"76c-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef8d695d-FRA

GET
H2 200 3583-7112170ccfea77f5.js
www.on3.com/_next/static/chunks/ 0
3 KB 98ms
97ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3583-7112170ccfea77f5.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=11864
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2e58-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef8f695d-FRA

GET
H2 200 6726-4ad055a7ee15fd12.js
www.on3.com/_next/static/chunks/ 0
6 KB 752ms
751ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/6726-4ad055a7ee15fd12.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7410-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ef9d695d-FRA

GET
H2 200 news-69a91235af91480a.js
www.on3.com/_next/static/chunks/pages/ 0
796 B 764ms
764ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/news-69a91235af91480a.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"79d-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8efa1695d-FRA

GET
H2 200 %5Bslug%5D-3bca524b0262792f.js
www.on3.com/_next/static/chunks/pages/user/ 0
6 KB 83ms
83ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/user/%5Bslug%5D-3bca524b0262792f.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 27
cf-polished: origSize=32201
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7dc9-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8efa2695d-FRA

GET
H2 200 %5Bslug%5D-eefed8ebf09f4008.js
www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/news/ 0
790 B 424ms
424ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/news/%5Bslug%5D-eefed8ebf09f4008.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"77c-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8efa3695d-FRA

GET
H2 200 news-4a43bc1af78a1469.js
www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/category/%5Bcategory%5D/ 0
816 B 828ms
827ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/category/%5Bcategory%5D/news-4a43bc1af78a1469.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7c1-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8efa6695d-FRA

GET
H2 200 news-2bb8efb72465c568.js
www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/ 0
805 B 710ms
710ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/news-2bb8efb72465c568.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7af-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8efa9695d-FRA

GET
H2 200 news-474eac843e18eb0a.js
www.on3.com/_next/static/chunks/pages/category/%5Bcategory%5D/ 0
802 B 776ms
774ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/category/%5Bcategory%5D/news-474eac843e18eb0a.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7b1-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8efab695d-FRA

GET
H2 200 1104-d7963dda8f517732.js
www.on3.com/_next/static/chunks/ 0
13 KB 919ms
916ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/1104-d7963dda8f517732.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"10980-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffaf695d-FRA

GET
H2 200 deals-9374b94887b91c27.js
www.on3.com/_next/static/chunks/pages/nil/ 0
909 B 213ms
210ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/nil/deals-9374b94887b91c27.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"8a9-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffb2695d-FRA

GET
H2 200 1747-55256f0ef6d81921.js
www.on3.com/_next/static/chunks/ 0
85 KB 603ms
601ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/1747-55256f0ef6d81921.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4e179-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffb5695d-FRA

GET
H2 200 8512-843e2caf8e2c2426.js
www.on3.com/_next/static/chunks/ 0
4 KB 685ms
682ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8512-843e2caf8e2c2426.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4397-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffb7695d-FRA

GET
H2 200 7987-dff29cd32ef968ec.js
www.on3.com/_next/static/chunks/ 0
5 KB 829ms
827ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7987-dff29cd32ef968ec.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"5628-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffc0695d-FRA

GET
H2 200 4398-c7c74793d2b6c0a2.js
www.on3.com/_next/static/chunks/ 0
17 KB 924ms
921ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4398-c7c74793d2b6c0a2.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"119f1-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffc2695d-FRA

GET
H2 200 nil-ad9e3d0f1facaf88.js
www.on3.com/_next/static/chunks/pages/db/%5Bid%5D/ 0
11 KB 844ms
842ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/db/%5Bid%5D/nil-ad9e3d0f1facaf88.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"cf7f-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffc4695d-FRA

GET
H2 200 9764-80b9155a8851f307.js
www.on3.com/_next/static/chunks/ 0
3 KB 1066ms
1064ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9764-80b9155a8851f307.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"48e7-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffd4695d-FRA

GET
H2 200 5307-caa6ec586f83a472.js
www.on3.com/_next/static/chunks/ 0
5 KB 730ms
728ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5307-caa6ec586f83a472.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"623d-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffd8695d-FRA

GET
H2 200 4154-079515f03e40c6a9.js
www.on3.com/_next/static/chunks/ 0
7 KB 412ms
411ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4154-079515f03e40c6a9.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"5753-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffda695d-FRA

GET
H2 200 industry-comparison-98cf5a09511b9d45.js
www.on3.com/_next/static/chunks/pages/db/%5Bid%5D/ 0
7 KB 1178ms
1177ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/db/%5Bid%5D/industry-comparison-98cf5a09511b9d45.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"792f-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffde695d-FRA

GET
H2 200 %5BcollectiveGroup%5D-db3bc5ec0cfb39c1.js
www.on3.com/_next/static/chunks/pages/nil/collectives/ 0
10 KB 329ms
329ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/nil/collectives/%5BcollectiveGroup%5D-db3bc5ec0cfb39c1.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"c07a-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffe1695d-FRA

GET
H2 200 9352-97636beb9dde1016.js
www.on3.com/_next/static/chunks/ 0
3 KB 728ms
726ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9352-97636beb9dde1016.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2d95-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffe4695d-FRA

GET
H2 200 4542-9c7c4446fe852ce5.js
www.on3.com/_next/static/chunks/ 0
6 KB 834ms
833ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4542-9c7c4446fe852ce5.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"67a8-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffe7695d-FRA

GET
H2 200 %5Bteam%5D-d92c4cc750b04383.js
www.on3.com/_next/static/chunks/pages/teams/ 0
7 KB 741ms
740ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D-d92c4cc750b04383.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"709a-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8ffea695d-FRA

GET
H2 200 teams-590cc112dc5356f2.js
www.on3.com/_next/static/chunks/pages/ 0
4 KB 886ms
886ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams-590cc112dc5356f2.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4136-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8f810695d-FRA

GET
H2 200 4019-0035430696cbf787.js
www.on3.com/_next/static/chunks/ 0
4 KB 694ms
693ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4019-0035430696cbf787.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7044-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8f812695d-FRA

GET
H2 200 3900-fbc9ceec3d85374f.js
www.on3.com/_next/static/chunks/ 0
15 KB 1345ms
1344ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3900-fbc9ceec3d85374f.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"16239-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8f816695d-FRA

GET
H2 200 %5Bid%5D-0258f66ea589c97b.js
www.on3.com/_next/static/chunks/pages/db/ 0
12 KB 947ms
947ms Other
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/db/%5Bid%5D-0258f66ea589c97b.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"d22a-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af8f818695d-FRA

GET
H3 200 pubads_impl_2022120601.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132161
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Dec 2023 13:29:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 205 B
125 B 161ms
80ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.on3.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7dc22b340e053a60cdbc9541a6db65d56986efd05453971442906eea5dd2661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0
expires: Tue, 20 Dec 2022 17:30:21 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
6 KB 8ms
8ms Script
application/javascript 2600:9000:2057:ca00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-087j.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ca00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 09:51:30 GMT
x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 2187531
etag: "ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 5904
x-amz-cf-id: s58BMgv3x2vtf4R62PN3Jwx3LmrSz5eEAJbs-3E9GqipqmNqeO544w==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 137ms
53ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D6C0XT55DS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193678100-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3bde2b0da6de425a5bf387a2cd2512996ae9f92a25c45ed03cd65d78f5431f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76857
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 17:30:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 183ms
58ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193678100-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 16:27:23 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3778
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 20 Dec 2022 18:27:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 144ms
64ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-300834140&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193678100-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64a9c9903ca26501223b42fdb457ed157c4a228858959a319d8cc24e558c4628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66914
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Dec 2022 17:30:21 GMT

GET
H2 200 6663058ad249eaa9.css Show response
www.on3.com/_next/static/css/ 21 KB
5 KB 135ms
116ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/6663058ad249eaa9.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eadab9423f2702a66110602270c4b6c86b1b522cb2d69b9b265402a77b848c0

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=21698
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"54c2-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98943695d-FRA

GET
H2 200 0215489be5675b2a.css Show response
www.on3.com/_next/static/css/ 28 KB
5 KB 82ms
64ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/0215489be5675b2a.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666945c7806e7ca0f578b2f6e29cb49a6ead67947405b9cc20c822507e58a2f0

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=28634
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6fda-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98946695d-FRA

GET
H2 200 96a07407002e62ca.css Show response
www.on3.com/_next/static/css/ 17 KB
4 KB 83ms
65ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/96a07407002e62ca.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d0f502ca4e1fcfa45e10226c3ebdbad7f31d6f6cd6d9ec8ffe7b0455c724ad

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=17429
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4415-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9894a695d-FRA

GET
H2 200 3583-7112170ccfea77f5.js Show response
www.on3.com/_next/static/chunks/ 12 KB
3 KB 59ms
42ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3583-7112170ccfea77f5.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05495b6a8f1c836fdb363bcdcd6a38e3ab0fd96fc02ba6755eb415adb7301ace

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=11864
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2e58-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9895c695d-FRA

GET
H2 200 6741-34f964d823264b5c.js Show response
www.on3.com/_next/static/chunks/ 36 KB
11 KB 93ms
75ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/6741-34f964d823264b5c.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a9fd5c36af560b55d1754850d6ebf89a4e08c2970aba71bf6440033b15f8e4

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=37326
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"91ce-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9895f695d-FRA

GET
H2 200 %5Bslug%5D-3bca524b0262792f.js Show response
www.on3.com/_next/static/chunks/pages/user/ 31 KB
6 KB 75ms
57ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/user/%5Bslug%5D-3bca524b0262792f.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68e97b48e35032a8d26a3d4bf79aa7e956f76f7b83b3279287beb51f6eab949

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=32201
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7dc9-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98960695d-FRA

GET
H2 200 5e94f82f48ced092.css Show response
www.on3.com/_next/static/css/ 22 KB
5 KB 104ms
87ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/5e94f82f48ced092.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d98b496dcd07245c8d922b48a3ce138c3505a7c2d3a4269c7c05a906d5d4c7af

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=22331
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"573b-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98950695d-FRA

GET
H2 200 e893f787-85b7183688e8746d.js Show response
www.on3.com/_next/static/chunks/ 329 KB
88 KB 84ms
67ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/e893f787-85b7183688e8746d.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01672495e45469835599b579c056da3b519eccd52c06f3ea22a60c226a47aaf6

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=337061
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"524a5-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9896c695d-FRA

GET
H2 200 3859-605226a601e763d6.js Show response
www.on3.com/_next/static/chunks/ 39 KB
9 KB 83ms
66ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3859-605226a601e763d6.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fba3a8494e2ff25c58add9d0aaca8a7f46dce5a39fd2217840bbe4d16b58b3f

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=39953
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"9c11-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98972695d-FRA

GET
H2 200 3916-15dc6e6ad3e3f79e.js Show response
www.on3.com/_next/static/chunks/ 53 KB
16 KB 91ms
74ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3916-15dc6e6ad3e3f79e.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2dd74760c6bfae0bf8b6a2c45466df2527ec54700dafb704eeec42644e18865

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=54227
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"d3d3-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98973695d-FRA

GET
H2 200 4563-10f16cb406d8dca1.js Show response
www.on3.com/_next/static/chunks/ 172 KB
37 KB 78ms
62ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4563-10f16cb406d8dca1.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0a88053a6bcec5790b7bac6e5ab69401585f5e27406179f27bc38275a4f6747

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=176457
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2b149-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98976695d-FRA

GET
H2 200 3215-87e6f84af9b8aaa2.js Show response
www.on3.com/_next/static/chunks/ 33 KB
7 KB 103ms
87ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3215-87e6f84af9b8aaa2.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95bc73be43b0cc4bc556e942ff9536f74c56d3ccf3d154ded074b0cfa65ac1ee

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=34148
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"8564-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98978695d-FRA

GET
H2 200 5258-e886df987a0ba92b.js Show response
www.on3.com/_next/static/chunks/ 85 KB
21 KB 86ms
70ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5258-e886df987a0ba92b.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d580027413c6732c52f706580a34e4d4d4bf12ae59c66d83df69a7bd6d9cb7ee

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=87076
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"15424-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9897a695d-FRA

GET
H2 200 %5Bslug%5D-eefed8ebf09f4008.js Show response
www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/news/ 2 KB
763 B 1090ms
1074ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/news/%5Bslug%5D-eefed8ebf09f4008.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a930e71f1f6b81f55f426f33e4bc319268a7d248544bb80164a69e039d2100bf

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"77c-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98991695d-FRA

GET
H2 200 d533cdcf2b979dde.css Show response
www.on3.com/_next/static/css/ 25 KB
6 KB 81ms
66ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/d533cdcf2b979dde.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a35c408cbba6afa01ef47ca11d4d02f64c79a12f6735769951b2f0dde27c54b

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=25752
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6498-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af98959695d-FRA

GET
H2 200 6726-4ad055a7ee15fd12.js Show response
www.on3.com/_next/static/chunks/ 29 KB
6 KB 995ms
975ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/6726-4ad055a7ee15fd12.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39bd346ee248cc9b48fe02843d4b27f56e4d6900ce1964de25cd852e0232d4fb

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7410-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989b4695d-FRA

GET
H2 200 news-2bb8efb72465c568.js Show response
www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/ 2 KB
790 B 815ms
795ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/news-2bb8efb72465c568.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6afbb8fbf9baa4aa3c52449436f2aec353c3e56b2f9b0cfc78dd58b0bd6808

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7af-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989b7695d-FRA

GET
H2 200 7d16613d90052806.css Show response
www.on3.com/_next/static/css/ 22 KB
5 KB 338ms
318ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/7d16613d90052806.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

501a035b4e68b085571485afe6373c13f7b385f48c0a5ac9590fa2a7cb808ea1

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"5746-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9899c695d-FRA

GET
H2 200 news-4a43bc1af78a1469.js Show response
www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/category/%5Bcategory%5D/ 2 KB
818 B 943ms
923ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/college/%5Bcollege%5D/category/%5Bcategory%5D/news-4a43bc1af78a1469.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7408622be111fb1ba19384224cd1c20688edc9a4ec333631b37680977792f3e

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7c1-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989b9695d-FRA

GET
H2 200 news-474eac843e18eb0a.js Show response
www.on3.com/_next/static/chunks/pages/category/%5Bcategory%5D/ 2 KB
787 B 832ms
813ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/category/%5Bcategory%5D/news-474eac843e18eb0a.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84566ea01c51bcc51743cafe4855ced2c7e1aafe7a004c9404c5cbe04484b222

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7b1-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989ba695d-FRA

GET
H2 200 1747-55256f0ef6d81921.js Show response
www.on3.com/_next/static/chunks/ 312 KB
85 KB 1439ms
1420ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/1747-55256f0ef6d81921.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87feda490f73eafd4b34baf671cf87ab45e5ebf34a28a0fa343e9f720133cfae

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4e179-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9cb695d-FRA

GET
H2 200 8512-843e2caf8e2c2426.js Show response
www.on3.com/_next/static/chunks/ 17 KB
4 KB 848ms
829ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8512-843e2caf8e2c2426.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee0bc6080af27561e339017bd9bc5fe7ae12f1e3a4b5a9f1a7d441decdc929bf

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4397-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9ce695d-FRA

GET
H2 200 7987-dff29cd32ef968ec.js Show response
www.on3.com/_next/static/chunks/ 22 KB
5 KB 687ms
668ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7987-dff29cd32ef968ec.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c17c5df81223d06131578031e442b135b93a722fc5d09126a2161eaeb50146cf

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"5628-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9d1695d-FRA

GET
H2 200 4398-c7c74793d2b6c0a2.js Show response
www.on3.com/_next/static/chunks/ 70 KB
17 KB 1142ms
1123ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4398-c7c74793d2b6c0a2.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbffb8a33ab90fb09939d2dbd9fb41ee4842e3ee1b4f05797395527f8ed96811

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"119f1-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9d7695d-FRA

GET
H2 200 nil-ad9e3d0f1facaf88.js Show response
www.on3.com/_next/static/chunks/pages/db/%5Bid%5D/ 52 KB
11 KB 948ms
930ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/db/%5Bid%5D/nil-ad9e3d0f1facaf88.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1c77d079dfd6f706594db4f4f9feba2d300d07f92683467cc34c17f428a5e0

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"cf7f-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9da695d-FRA

GET
H2 200 76d07520b9426ce0.css Show response
www.on3.com/_next/static/css/ 22 KB
5 KB 868ms
851ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/76d07520b9426ce0.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33011093b700b2bb851a71f1b18fce667224e150f4b674f9ed922a665663bc38

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"582f-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989a1695d-FRA

GET
H2 200 270017ad2341f2d5.css Show response
www.on3.com/_next/static/css/ 35 KB
6 KB 718ms
701ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/270017ad2341f2d5.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c759694f7f1905a76989ef08920380dbff90c2914b3f80e87ca6f96c01328c

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"8cbf-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989a5695d-FRA

GET
H2 200 ab527a804450f341.css Show response
www.on3.com/_next/static/css/ 22 KB
5 KB 269ms
252ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/ab527a804450f341.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d51555855d8b6179e5a6c2c9eccbdc681ebd084b6919af0d6df2a6935bad412

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"58b8-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989a8695d-FRA

GET
H2 200 9764-80b9155a8851f307.js Show response
www.on3.com/_next/static/chunks/ 18 KB
3 KB 753ms
736ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9764-80b9155a8851f307.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2efb7666a794470b9e09589ba6b6aa35b5e4c163e172c14c8b4da58de42f1b2b

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"48e7-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9e8695d-FRA

GET
H2 200 5307-caa6ec586f83a472.js Show response
www.on3.com/_next/static/chunks/ 25 KB
5 KB 754ms
738ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/5307-caa6ec586f83a472.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8559a92711cb16cbf63ddd77813054761318a59fa2e1d58b8f557722bffe788

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"623d-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9ee695d-FRA

GET
H2 200 4154-079515f03e40c6a9.js Show response
www.on3.com/_next/static/chunks/ 22 KB
7 KB 949ms
933ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4154-079515f03e40c6a9.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad0436699aef87d2488c671ab81c7fab881f9bb2f6432afce1ec33885139938f

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"5753-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9f0695d-FRA

GET
H2 200 industry-comparison-98cf5a09511b9d45.js Show response
www.on3.com/_next/static/chunks/pages/db/%5Bid%5D/ 30 KB
7 KB 830ms
814ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/db/%5Bid%5D/industry-comparison-98cf5a09511b9d45.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928e247213c27b7ad860d98eb34eb5dff8613e92a7ed17aa4cde395bb429a5d

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"792f-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9f3695d-FRA

GET
H2 200 7e9edbf8b60b4699.css Show response
www.on3.com/_next/static/css/ 21 KB
5 KB 737ms
722ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/7e9edbf8b60b4699.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362da9342e3d20600e557a2ffa71a068f5bc4addc0682fe833d562f6e4ca342c

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"5592-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989aa695d-FRA

GET
H2 200 85997d0d484115c3.css Show response
www.on3.com/_next/static/css/ 7 KB
2 KB 723ms
707ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/85997d0d484115c3.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f46591b98130936bf6e3bba275da666c8051f85dcf5f7f1511d5bde173d8cc

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"1ce6-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989ad695d-FRA

GET
H2 200 9352-97636beb9dde1016.js Show response
www.on3.com/_next/static/chunks/ 11 KB
3 KB 1082ms
1067ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/9352-97636beb9dde1016.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b302c5c4cbb4e5219e16dac589d9e81bc340cf40cd26f841c4e957864937d6

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2d95-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9f9695d-FRA

GET
H2 200 4542-9c7c4446fe852ce5.js Show response
www.on3.com/_next/static/chunks/ 26 KB
5 KB 914ms
899ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4542-9c7c4446fe852ce5.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b09ab91ef0e854ace3c6a716a4c991895665134c049e2ee0e7042e3936a4faa

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"67a8-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9b9fb695d-FRA

GET
H2 200 %5Bteam%5D-d92c4cc750b04383.js Show response
www.on3.com/_next/static/chunks/pages/teams/ 28 KB
7 KB 958ms
944ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams/%5Bteam%5D-d92c4cc750b04383.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d1b72c9859676731eced0d14dd0a9ec8c3a0fe69372584c0960d7a0bd3fd75

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"709a-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af9ba04695d-FRA

GET
H2 200 47171ad40269bfcc.css Show response
www.on3.com/_next/static/css/ 25 KB
6 KB 736ms
721ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/47171ad40269bfcc.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e162d7edf1fcd93a4e11b454dab7acdcddc72c6e245aab5b132099e763dafe6a

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"63e7-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989b1695d-FRA

GET
H2 200 96fa5fc2b5ed2afa.css Show response
www.on3.com/_next/static/css/ 6 KB
2 KB 842ms
828ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/96fa5fc2b5ed2afa.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62940af7f8084b014e9992277bd468868b081bd4e7c1075be85d7ee096e0c9c1

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"1614-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1af989b2695d-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 72ms
8ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:30:53 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 17:02:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 3569
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: QGm7c9wBbAemteDmdEvthKO-lC0TmHiluIeWqpASk2TByA4PrqAGVg==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1671557421132&aid=a-087j&se=e30&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&tna=v2.5.1&pu=https%3A%2F%2Fwww.on3.com%2F&wpn=lc-bundle&c=PHRpdGxlPk9uMy5jb20gfCBUaGUgQm...
https://rp4.liadm.com/j?dtstmp=1671557421132&aid=a-087j&se=e30&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&tna=v2.5.1&pu=https%3A%2F%2Fwww.on3.com%2F&wpn=lc-bundle&c=PHRpdGxlPk9uMy5jb20gfCBUaGUgQ...

13 B
551 B

323ms
99ms

XHR
application/json

3.218.4.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1671557421132&aid=a-087j&se=e30&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&tna=v2.5.1&pu=https%3A%2F%2Fwww.on3.com%2F&wpn=lc-bundle&c=PHRpdGxlPk9uMy5jb20gfCBUaGUgQmVzdCBvZiBDb2xsZWdlIFNwb3J0cyBhbmQgUmVjcnVpdGluZzwvdGl0bGU-PG1ldGEgY29udGVudD0iT24zIGlzIGJlc3QgcmVzb3VyY2UgZm9yIGNvbGxlZ2Ugc3BvcnRzLCByZWNydWl0aW5nLCBhbmQgTklMLiBGaW5kIGFsbCBvZiB5b3VyIGZhdm9yaXRlIHRlYW1zIGluZm9ybWF0aW9uIG9yIGJyb3dzZSBvdXIgYWR2YW5jZWQgcGxheWVyIGRhdGFiYXNlLiIgbmFtZT0iZGVzY3JpcHRpb24iPg&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NmU%3D&n3pc=true

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Server

3.218.4.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-4-10.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
x-pixel-event-id: 937d15b0-3b3a-46f4-b11a-cd9456b572fe
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: a48caef63a2156c8
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 20 Dec 2022 17:30:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1671557421132&aid=a-087j&se=e30&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&tna=v2.5.1&pu=https%3A%2F%2Fwww.on3.com%2F&wpn=lc-bundle&c=PHRpdGxlPk9uMy5jb20gfCBUaGUgQmVzdCBvZiBDb2xsZWdlIFNwb3J0cyBhbmQgUmVjcnVpdGluZzwvdGl0bGU-PG1ldGEgY29udGVudD0iT24zIGlzIGJlc3QgcmVzb3VyY2UgZm9yIGNvbGxlZ2Ugc3BvcnRzLCByZWNydWl0aW5nLCBhbmQgTklMLiBGaW5kIGFsbCBvZiB5b3VyIGZhdm9yaXRlIHRlYW1zIGluZm9ybWF0aW9uIG9yIGJyb3dzZSBvdXIgYWR2YW5jZWQgcGxheWVyIGRhdGFiYXNlLiIgbmFtZT0iZGVzY3JpcHRpb24iPg&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NmU%3D&n3pc=true
access-control-allow-origin: https://www.on3.com
request-time: 0
access-control-allow-credentials: true
trace-id: ba583eff777b18c9
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 3340-64b8a6f8ca5327e2.js Show response
www.on3.com/_next/static/chunks/ 18 KB
6 KB 42ms
41ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3340-64b8a6f8ca5327e2.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0ce018cec1cf460afb0b3432b08f9e6365d6d233ccbdbb86a07a19f2a258b4

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=18928
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"49f0-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa4b93695d-FRA

GET
H2 200 2669-571c6a2318e695ca.js Show response
www.on3.com/_next/static/chunks/ 23 KB
5 KB 46ms
45ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/2669-571c6a2318e695ca.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d8df2f63fd61f56589c8fa49f0a89e5eefab265904f0617376587ed731921c4

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=23913
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"5d69-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa4b99695d-FRA

GET
H2 200 login-11c196f31145d544.js Show response
www.on3.com/_next/static/chunks/pages/ 2 KB
731 B 39ms
38ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/login-11c196f31145d544.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0566ea0e8a61bd9073a2b1a19f05f33c4f96f2b23ce21511d8c2243cec7638d1

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=2127
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"84f-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa4b9f695d-FRA

GET
H2 200 9fe22a0239a555d1.css Show response
www.on3.com/_next/static/css/ 18 KB
4 KB 53ms
53ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/9fe22a0239a555d1.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e99e78aa5d72f4c689ef34daa6793d7ef8fdd457c943aea998a970105e78e7

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=18483
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4833-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa4b9d695d-FRA

GET
H2 200 %5Bslug%5D-679ed03beb0fb8d0.js Show response
www.on3.com/_next/static/chunks/pages/news/ 2 KB
720 B 38ms
38ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/news/%5Bslug%5D-679ed03beb0fb8d0.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b799f632b9ed0522ed5e4661080b5baa17fd25afa5a6f2db4ffe6938e97e64

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 29
cf-polished: origSize=1900
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"76c-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa5ba2695d-FRA

GET
H2 200 4583-e4b846674050b3df.js Show response
www.on3.com/_next/static/chunks/ 24 KB
7 KB 42ms
40ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4583-e4b846674050b3df.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b7f4d85fa29db0bee26bbb6f850a22f762271a73468efe2fcddaba48212b354

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=24896
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6140-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa5bab695d-FRA

GET
H2 200 8557-5582d49c9c9598da.js Show response
www.on3.com/_next/static/chunks/ 14 KB
3 KB 46ms
43ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8557-5582d49c9c9598da.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3092d361d82fe15fff872f63ac99509275c8f279b2c62bef7c575614f2f379f

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=14293
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"37d5-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa5bb4695d-FRA

GET
H2 200 3176-4d072eefd87281fd.js Show response
www.on3.com/_next/static/chunks/ 13 KB
4 KB 50ms
47ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3176-4d072eefd87281fd.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c9e81dba52a60c741879a4c4944e05bde2b37556a1d206d7d525b3e0888d9a

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=13392
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"3450-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa5bc0695d-FRA

GET
H2 200 8922-c664d7ded5d6c83d.js Show response
www.on3.com/_next/static/chunks/ 27 KB
6 KB 75ms
73ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/8922-c664d7ded5d6c83d.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203d80492a999fccd64f5a87eff47811fe759013ffae8c27c4dbe6f4d3a19e23

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=27255
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6a77-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa5bc3695d-FRA

GET
H2 200 7244-8dc0aa99ef410c40.js Show response
www.on3.com/_next/static/chunks/ 50 KB
13 KB 44ms
41ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/7244-8dc0aa99ef410c40.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd2ce5c72f7579334beaca51f2b88cf3e1317e5870f7952bd4ca48e56b81968

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=51635
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"c9b3-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa5bc6695d-FRA

GET
H2 200 join-a6c4bcf25bfdb49e.js Show response
www.on3.com/_next/static/chunks/pages/ 2 KB
731 B 48ms
46ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/join-a6c4bcf25bfdb49e.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8646f990913280314d78040f4425afb9cfff69158cd49c41394acd6d6b8018a5

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=1951
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"79f-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa5bcb695d-FRA

GET
H2 200 dcff31c9d4136d00.css Show response
www.on3.com/_next/static/css/ 9 KB
3 KB 54ms
52ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/dcff31c9d4136d00.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f886cb5306edad163eb596ce89d572c6206d6d022ee437fe4d0c0d50f4a0f005

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 28
cf-polished: origSize=8711
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2207-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afa5bca695d-FRA

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 37ms
10ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 01:27:17 GMT
x-amz-cf-pop: FRA56-C2
age: 58604
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: YheWHGjLbynbhuQBCDB_ebFDM8ha5fKN09bO7NbjcHeCjGuAtCEuqQ==

GET
H2 200 4670326 Show response
fundingchoicesmessages.google.com/i/ 18 KB
8 KB 165ms
64ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/4670326?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8468eb144c1c25e41e3ccb7f56363fb30c346481f48c775a10fef84b3afadea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vm0JbLqAG_dP4-mKAjay2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-Vm0JbLqAG_dP4-mKAjay2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 165ms
68ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1724851470&t=pageview&_s=1&dl=https%3A%2F%2Fwww.on3.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAACAAI~&jid=909754715&gjid=1175933997&cid=471441715.1671557421&tid=UA-193678100-1&_gid=2106742027.1671557421&_r=1&gtm=2oubu0&cd1=undefined&cd2=undefined&cd3=%2F&cd4=undefined&cd5=undefined&cd6=&cd7=On3&cd8=44&cd9=National&cd10=undefined&cd11=web&cd12=undefined&cd13=other&cd14=guest&cd15=guest&z=338474513

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/ 2 KB
1 KB 172ms
85ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/?random=1671557421311&cv=11&fst=1671557421311&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&auid=329625252.1671557421&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-300834140&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27bfbc2917608db07fb061e7480573ff5b6b760568367853af5bd9ee275e9db8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/ 3 KB
2 KB 168ms
85ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/?random=1671557421320&cv=11&fst=1671557421320&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&auid=329625252.1671557421&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F%3BauthorName%3Dundefined%3BauthorId%3Dundefined%3BpathName%3D%2F%3Bcategory%3Dundefined%3BcontentId%3Dundefined%3BteamName%3D%3BsiteName%3DOn3%3BsiteKey%3D44%3BsiteType%3DNational%3Buser%3Dundefined%3Bplatform%3Dweb%3BcategoryKey%3Dundefined%3BpageType%3Dother%3BuserStatus%3Dguest%3BsubStatus%3Dguest&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-300834140&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db9edb604c0596bd3511b0ef8e333d0e71b1dca152768bf7ded03977870593d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/300834140/ 2 KB
2 KB 207ms
72ms Script
text/javascript 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/300834140/?random=1671557421323&cv=11&fst=1671557421323&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=4Q_iCL2KmIUDENy6uY8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&gtm_ee=1&auid=329625252.1671557421&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-300834140&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

cafe /

Resource Hash

20542eb31c8d837200fa7d0978252a7f435d6e6ebefe07828784d65a79acd072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1217
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 87ms
18ms Preflight
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.on3.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Tue, 20 Dec 2022 17:30:21 GMT

OPTIONS
H2 204 auction
pbs.nextmillmedia.com/openrtb2/ Frame 0
0 322ms
102ms Preflight 52.22.146.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.146.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-146-154.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
date: Tue, 20 Dec 2022 17:30:21 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 204 auction
pbs.nextmillmedia.com/openrtb2/ Frame 0
0 322ms
102ms Preflight 52.22.146.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.146.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-146-154.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
date: Tue, 20 Dec 2022 17:30:21 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 204 auction
pbs.nextmillmedia.com/openrtb2/ Frame 0
0 322ms
103ms Preflight 52.22.146.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.146.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-146-154.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.on3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
date: Tue, 20 Dec 2022 17:30:21 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/ 12 KB
5 KB 64ms
8ms Script
application/javascript 2600:9000:206f:3000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:45:36 GMT
content-encoding: br
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-version-id: e.3U.G1f06KjIcrHqtrFOJQX8lrzLenv
last-modified: Wed, 09 Nov 2022 18:01:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 6286
etag: W/"8ad2beee52c2abad4a49b927b72d3048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id: 6KULSKZ3Y2p_FK_NnXZqGbe8Tkq2erNhkY4BWue0Zac_XD534fsuOQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 8ms
8ms XHR
text/plain 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.on3.com&pubid=f616a11b-a2f7-4850-88be-2e2d60ff82f7
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 11:47:06 GMT
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 20594
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.on3.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: vVUwG3ehOK2Mo7FUXqCie5W95bwE2DtI7FOFgd_uLGiNDzXbcuOUvA==

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
159 B 60ms
22ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.on3.com
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 357 B
1 KB 80ms
24ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

847a98d7da27fe4d895e9b3a088ff63626bf570a45d7a55272a165f177ee7dc6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 17:30:21 GMT
AN-X-Request-Uuid: cde55053-cc6b-4fbc-8b38-286323b7a693
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.on3.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 357
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 65ms
21ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969571017878182a4f188116d50015&pos=kentucky_mpu_top&cmd=bid&secure=1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 916451191610a37574e4460b9f8bd614b964053eef35bfaaf17bf9fea8c1c164

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 63ms
18ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969571017878182a4f188116d50015&pos=kentucky_mpu_middle&cmd=bid&secure=1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a3a8c41a5c103793744c591438e56156b5d968594b3045bc2f60bd173d57f21e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
290 B 61ms
17ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96984f017878182078188114ea0016&pos=kentucky_mobile_mpu_top&cmd=bid&secure=1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: bb40c7e82e6518f95d198f0ab3c019f0120f69144a96491bd83ab28a341e78f7

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
398 B 102ms
34ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: b615b51697b6098bb772433dc103e1e0199638100eddbc3756ad33bd25305c5d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 20 Dec 2022 17:30:21 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.on3.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 139ms
85ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Tue, 20 Dec 2022 17:30:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
390 B 111ms
34ms XHR
application/json 54.73.175.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1137694,1137695,1137698&ntv_pb_rid=21ea6f0fc75ce56&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoibXB1X3RvcCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJtcHVfbWlkZGxlIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19LHsiYWRVbml0Q29kZSI6Im1vYmlsZV9tcHVfdG9wIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJtcHVfdG9wIjowLCJtcHVfbWlkZGxlIjowLCJtb2JpbGVfbXB1X3RvcCI6MH0=&ntv_url=https%3A%2F%2Fwww.on3.com%2F
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.175.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-175-243.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-encoding: gzip
server: nginx/1.12.1
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.on3.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
565 B 96ms
47ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=889348&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225640fe825c35a3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.on3.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.on3.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226440b53ef45465%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22889348%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2227d026b9e044247%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22889349%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22282d434d72dddab%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22889353%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da64ff0b7508a600d9491d3b061938b15e06513db4af9e285a3ee9a0867c3980

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usmZTwXyfJsYgcptEaP7pjRFzdSbt2h2CxfTcKEFZ3X2kL%2BqGFfcHpHKL4U8UHaOHdbWiYCWzeLAMXT7c9H8X5c%2B6RDyR%2Bc0L0BVl2fo3oLVJafmkZFxDyRp4m%2BLg%2BI46fPHoyD5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.on3.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77ca1afbdb799c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
552 B 51ms
11ms XHR
application/json 3.121.4.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fwww.on3.com%2F&tmax=5000

Requested by

Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.4.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-4-183.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
x-auction-status: 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 auction Show response
pbs.nextmillmedia.com/openrtb2/ 0
343 B 351ms
148ms XHR
text/plain 52.22.146.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.146.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-146-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
x-prebid: pbs-go/unknown
vary: Origin
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 204 auction Show response
pbs.nextmillmedia.com/openrtb2/ 0
344 B 344ms
142ms XHR
text/plain 52.22.146.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.146.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-146-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
x-prebid: pbs-go/unknown
vary: Origin
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 204 auction Show response
pbs.nextmillmedia.com/openrtb2/ 0
343 B 378ms
175ms XHR
text/plain 52.22.146.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.146.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-146-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:22 GMT
x-prebid: pbs-go/unknown
vary: Origin
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
155 B 48ms
10ms XHR
text/plain 18.159.78.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.78.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-78-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Tue, 20 Dec 2022 17:30:21 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 48ms
10ms XHR
text/plain 18.159.78.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.78.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-78-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Tue, 20 Dec 2022 17:30:21 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 49ms
12ms XHR
text/plain 18.159.78.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.78.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-78-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.on3.com
date: Tue, 20 Dec 2022 17:30:21 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
788 B 180ms
61ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23942&site_id=398058&zone_id=2230680&size_id=15&rf=https%3A%2F%2Fwww.on3.com%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=097a73ef-dea3-486c-b99e-07928ba54ff5&l_pb_bid_id=42cb0f49e2519bd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10579078331016811
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 92f9851b2be7b636c5e6016cf5911f10596b433e4bcbf651a704338988263976

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.on3.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
564 B 199ms
81ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23942&site_id=398058&zone_id=2230680&size_id=15&rf=https%3A%2F%2Fwww.on3.com%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=bb8ea09f-2b2a-4048-b445-54255da2481e&l_pb_bid_id=43038cb1d3d6682&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4945585130417689
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8103fe73bd02943d332e107ec7727e3bf81c0107f99ced6d701ed5aa77da8c79

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.on3.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
565 B 184ms
65ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23942&site_id=398058&zone_id=2230680&size_id=15&rf=https%3A%2F%2Fwww.on3.com%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=f14ad1b4-9ab6-4b8f-8100-f8e8cfd96ea7&l_pb_bid_id=440597ef9a28e7d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3243155733363394
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5629c2051ac404f4b9a7ed2f8b917334caf71064f0c217758879e42c045d6c45

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.on3.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 21 KB
12 KB 317ms
245ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU9VA2T2
Requested by: Host: cdn-ext.spiny.ai
URL: https://cdn-ext.spiny.ai/lib/br/prod/D17/on3/default/bidroll.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a2fffcc911b4a58af729375719d1248c780fb777d7236a3c45cacfa7e2784283

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.on3.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Tue, 20 Dec 2022 17:30:21 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
459 B 98ms
51ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.on3.com%2F&pid=9ANXPC8STSS4A&cb=0&ws=1600x1200&v=22.1212.1511&t=5000&slots=%5B%7B%22sd%22%3A%22mpu_top%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22mpu_middle%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22mobile_mpu_top%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pubid=f616a11b-a2f7-4850-88be-2e2d60ff82f7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: 57WEMSXFX4WZTC3VMJZQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.on3.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: M_xnuRUW20y8Z6wK8sF7Pm0MeFSbAg4HpKqxyGuaylqeTJ7orIAyfg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
335 B 109ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D6C0XT55DS&gtm=2oebu0&_p=1724851470&cid=471441715.1671557421&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671557421&sct=1&seg=0&dl=https%3A%2F%2Fwww.on3.com%2F&dt=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6C0XT55DS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 406 KB
98 KB 49ms
9ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/4583-e4b846674050b3df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9080759f8df9cc79344d1a219beb77cc9c65d37b609b4e5aed5e6ebf7594ae8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 17:30:21 GMT
via: 1.1 varnish
age: 35
x-cache: HIT
content-length: 100104
x-request-id: e4283634-6e1c-4b78-a0a7-aecec4bf8098
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Mon, 19 Dec 2022 19:35:50 GMT
server: Fastly
etag: "26c51d3fbb8332171fcf09c97a2c7d05"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 64ms
21ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-193678100-1&cid=471441715.1671557421&jid=909754715&gjid=1175933997&_gid=2106742027.1671557421&_u=4GBAAUAAAAAAACAAI~&z=120572654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Dec 2022 17:30:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/ 231 KB
78 KB 8ms
8ms Script
text/javascript 2600:9000:206f:3000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d0bca701934ae0c62584d55895ee5a5de529d65de0c57554bc66d00d89a2baf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:45:22 GMT
content-encoding: br
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-version-id: 29pc3AUh0bYsATU_BtrVAntNtdhOvJMQ
last-modified: Tue, 20 Dec 2022 15:42:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2700
etag: W/"6db08a97ce29347abd186ab16233d6a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: 6q-hzSDE6AKAUJA4QUllCKrkjMxfgbvSI9qPzZ8Ay1ZDJHjUW6qwcw==

GET
H2 200 %5BcollectiveGroup%5D-db3bc5ec0cfb39c1.js Show response
www.on3.com/_next/static/chunks/pages/nil/collectives/ 48 KB
10 KB 33ms
33ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/nil/collectives/%5BcollectiveGroup%5D-db3bc5ec0cfb39c1.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c74d4875627d22426e0447f50c80b355219079f4028fc3d30f93aad9dfc0357

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
cf-polished: origSize=49274
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"c07a-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afc4fdf695d-FRA

GET
H2 200 d225329378fd6789.css Show response
www.on3.com/_next/static/css/ 26 KB
6 KB 730ms
729ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/d225329378fd6789.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2633a0226062e0b1c9a0b42e3ab473f3da71afee34ce1a3bdbdba2a7098b05eb

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"6994-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afc4fe3695d-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/300834140/ 42 B
548 B 136ms
50ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/300834140/?random=1671557421311&cv=11&fst=1671555600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1990547584&rmt_tld=0&ipr=y

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/300834140/ 42 B
108 B 138ms
51ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/300834140/?random=1671557421311&cv=11&fst=1671555600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1990547584&rmt_tld=1&ipr=y

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/300834140/ 42 B
108 B 136ms
51ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/300834140/?random=1671557421320&cv=11&fst=1671555600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&data=event%3Dpage_view%3Bpage_path%3D%2F%3BauthorName%3Dundefined%3BauthorId%3Dundefined%3BpathName%3D%2F%3Bcategory%3Dundefined%3BcontentId%3Dundefined%3BteamName%3D%3BsiteName%3DOn3%3BsiteKey%3D44%3BsiteType%3DNational%3Buser%3Dundefined%3Bplatform%3Dweb%3BcategoryKey%3Dundefined%3BpageType%3Dother%3BuserStatus%3Dguest%3BsubStatus%3Dguest&fmt=3&is_vtc=1&random=825032634&rmt_tld=0&ipr=y

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/300834140/ 42 B
548 B 137ms
50ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/300834140/?random=1671557421320&cv=11&fst=1671555600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&data=event%3Dpage_view%3Bpage_path%3D%2F%3BauthorName%3Dundefined%3BauthorId%3Dundefined%3BpathName%3D%2F%3Bcategory%3Dundefined%3BcontentId%3Dundefined%3BteamName%3D%3BsiteName%3DOn3%3BsiteKey%3D44%3BsiteType%3DNational%3Buser%3Dundefined%3Bplatform%3Dweb%3BcategoryKey%3Dundefined%3BpageType%3Dother%3BuserStatus%3Dguest%3BsubStatus%3Dguest&fmt=3&is_vtc=1&random=825032634&rmt_tld=1&ipr=y

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/300834140/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/300834140/?random=1400110694&cv=11&fst=1671557421323&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=4Q_iCL2KmIUDENy6uY...
https://www.google.com/pagead/1p-conversion/300834140/?random=1400110694&cv=11&fst=1671557421323&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=4Q_iCL2KmIUDENy6uY8B&hn=www.googleadser...
https://www.google.de/pagead/1p-conversion/300834140/?random=1400110694&cv=11&fst=1671557421323&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=4Q_iCL2KmIUDENy6uY8B&hn=www.googleadserv...

42 B
64 B

134ms
54ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/300834140/?random=1400110694&cv=11&fst=1671557421323&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=4Q_iCL2KmIUDENy6uY8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&gtm_ee=1&auid=329625252.1671557421&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ05lRm5RWVE0ckxPbElyNHdiWHNBUklsQU45eFNxdEFSbVpZLXk2dHJ1RmlUVmlEX0o4U0xVaElDWU9zRG52NDlGY0pOREJKQkEaWENoRUlnTmVGblFZUWtZS3ZtTVR4OXM2TEFSSXRBTUtfRkV5V1BVVExmQjkydHg1MldJWHhPZjZaeGpEREYtOGVBM1BLdTZzcUhYend1dFk4R29ITE11dzM&is_vtc=1&ocp_id=LfGhY9PJHcjTxwLZpKjABw&cid=CAQSKQDq26N95DcaCtAJ-eCK6r3BEZnOreKfYuoE1B2XM9oNDPo54doTLZwCIBM&random=3594059310&ipr=y&prhg=0

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/300834140/?random=1400110694&cv=11&fst=1671557421323&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=4Q_iCL2KmIUDENy6uY8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.on3.com%2F&tiba=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&gtm_ee=1&auid=329625252.1671557421&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ05lRm5RWVE0ckxPbElyNHdiWHNBUklsQU45eFNxdEFSbVpZLXk2dHJ1RmlUVmlEX0o4U0xVaElDWU9zRG52NDlGY0pOREJKQkEaWENoRUlnTmVGblFZUWtZS3ZtTVR4OXM2TEFSSXRBTUtfRkV5V1BVVExmQjkydHg1MldJWHhPZjZaeGpEREYtOGVBM1BLdTZzcUhYend1dFk4R29ITE11dzM&is_vtc=1&ocp_id=LfGhY9PJHcjTxwLZpKjABw&cid=CAQSKQDq26N95DcaCtAJ-eCK6r3BEZnOreKfYuoE1B2XM9oNDPo54doTLZwCIBM&random=3594059310&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 news-69a91235af91480a.js Show response
www.on3.com/_next/static/chunks/pages/ 2 KB
753 B 34ms
33ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/news-69a91235af91480a.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d28b97f8ffeb85fe7c40b0dcc53775e6bba248d3368330a3f96c9e089f2fba1

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
cf-polished: origSize=1949
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"79d-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afdba9d695d-FRA

GET
H/1.1 200
OK a-087j Show response
i.liadm.com/s/c/ Frame 231C 1 KB
1 KB 312ms
103ms Document
text/html 54.205.76.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-087j?s=&cim=&ps=true&ls=true&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.76.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-76-47.compute-1.amazonaws.com

Software

Resource Hash

dd5a9599e1470118364c3c4eeec1a59ed078b6ea4c2bb521cf9dc201bae062c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 674
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Dec 2022 17:30:22 GMT
ETag: 1.61803398874
Request-Time: 5
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 teams-590cc112dc5356f2.js Show response
www.on3.com/_next/static/chunks/pages/ 16 KB
4 KB 38ms
37ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/teams-590cc112dc5356f2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a34435da6643e514bb1521dc6517a1b6f8003152a94851575fe615cb1044deb4

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
cf-polished: origSize=16694
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4136-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afe8c78695d-FRA

GET
H2 200 6392fd756a063385.css Show response
www.on3.com/_next/static/css/ 20 KB
5 KB 291ms
290ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/6392fd756a063385.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f1110ae700694e29ed4d89c94d614776b0bc7170570f20401ae3da96dab7d45

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"4e95-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afe8c75695d-FRA

GET
H2 200 1104-d7963dda8f517732.js Show response
www.on3.com/_next/static/chunks/ 66 KB
13 KB 39ms
39ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/1104-d7963dda8f517732.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1abff603e9f8d7856b61c74897cfeea629d65da3815c8708c0399d5e2513298

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"10980-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afebcbe695d-FRA

GET
H2 200 deals-9374b94887b91c27.js Show response
www.on3.com/_next/static/chunks/pages/nil/ 2 KB
873 B 34ms
34ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/nil/deals-9374b94887b91c27.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ef73303cd6eb428b3a4f4ba79469364ed5313e7630c44f55fd7475654032a3

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:21 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
cf-polished: origSize=2217
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"8a9-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afebcc0695d-FRA

GET
H2 200 f1c26ff1341ec1ad.css Show response
www.on3.com/_next/static/css/ 46 KB
9 KB 671ms
670ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/f1c26ff1341ec1ad.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b7ddd263a5ee2a8a65513adc186890de769dfad618972997b99adab859aaca

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"b971-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1afebcbf695d-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 214ms
69ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.on3.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.on3.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 507ms
507ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2901702505178758&correlator=3473661532404502&eid=31071150%2C31071256%2C44761478%2C21065725&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=4670326%2Cdw-ott%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=300x250%2C300x250&ifi=1&adks=2902443972%2C1847363962&didk=3115857542~4184552943&sfv=1-0-40&prev_scp=pos%3Dtop%26amznbid%3D2%26amznp%3D2%7Cpos%3Dtop%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D50892c8efbf2a0d%26hb_bidder%3Dmedianet&eri=1&cust_params=ptype%3Dhome%26referrer%3Ddirect%26team%3Don3%26siteType%3DNational%26userStatus%3Dguest%26siteKey%3D44&sc=1&cookie_enabled=1&abxe=1&dt=1671557422088&lmt=1671554893&dlt=1671557420089&idt=1116&adxs=1170%2C-12245933&adys=603%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.on3.com%2F&frm=20&vis=1&psz=300x2982%7C300x250&msz=300x250%7C0x0&fws=512%2C128&ohw=0%2C0&ga_vid=471441715.1671557421&ga_sid=1671557422&ga_hid=1724851470&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73639769981ab85a67bc2f5434fa4e1526bfd9082811fb47aaf5185f9a81db97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14789
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BE7 6 KB
3 KB 213ms
80ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 17:30:22 GMT
expires: Wed, 20 Dec 2023 17:30:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

b6c4badd83f644deb862f9158c860604
i.liadm.com/s/e/a-087j/0/ Frame 231C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-087j%2F0%2Fb6c4badd83f644deb862f9158c860604%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&a7665e9a-4205-4f24-9658-91a...
https://i.liadm.com/s/e/a-087j/0/b6c4badd83f644deb862f9158c860604?mpid=7156&muid=aaf463a1-f12f-4400-872c-02c97ca5d3d3

43 B
274 B

183ms
99ms

Image
image/gif

54.205.76.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-087j/0/b6c4badd83f644deb862f9158c860604?mpid=7156&muid=aaf463a1-f12f-4400-872c-02c97ca5d3d3

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-087j?s=&cim=&ps=true&ls=true&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Server

54.205.76.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-76-47.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 17:30:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Date: Tue, 20 Dec 2022 17:30:22 GMT
Server: MT3 254 34fcae8 master zrh-pixel-x14 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://i.liadm.com/s/e/a-087j/0/b6c4badd83f644deb862f9158c860604?mpid=7156&muid=aaf463a1-f12f-4400-872c-02c97ca5d3d3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Dec 2022 17:30:21 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 231C 70 B
265 B 104ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-087j?s=&cim=&ps=true&ls=true&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

52164
i6.liadm.com/s/ Frame 231C
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=a7665e9a-4205-4f24-9658-91a4f46a222a&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=a7665e9a-4205-4f24-9658-91a4f46a222a&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=a6ff5d79-eb25-4920-bc98-aac586747f9d
https://x.bidswitch.net/sync?ssp=liveintent&user_id=a7665e9a-4205-4f24-9658-91a4f46a222a
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=a6ff5d79-eb25-4920-bc98-aac586747f9d
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=a6ff5d79-eb25-4920-bc98-aac586747f9d
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=af9b7cfb-efe3-47ab-91f5-22c9d26af6c0&user_group=1&ssp=liveintent&bsw_param=a6ff5d79-eb25-4920-bc98-aac586747f9d
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a6ff5d79-eb25-4920-bc98-aac586747f9d
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a6ff5d79-eb25-4920-bc98-aac586747f9d

43 B
436 B

423ms
105ms

Image
image/gif

2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a6ff5d79-eb25-4920-bc98-aac586747f9d

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 17:30:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=a6ff5d79-eb25-4920-bc98-aac586747f9d
Date: Tue, 20 Dec 2022 17:30:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H/1.1

200
OK

b6c4badd83f644deb862f9158c860604
i.liadm.com/s/e/a-087j/0/ Frame 231C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=a7665e9a-4205-4f24-9658-91a4f46a222a&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-087j%2F0%2Fb6c4badd83f644deb862f9158c860604%3Fmpid%3D82775%26muid%3D%2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=a7665e9a-4205-4f24-9658-91a4f46a222a&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-087j%2F0%2Fb6c4badd83f644deb862f9158c860604%3Fmp...
https://i.liadm.com/s/e/a-087j/0/b6c4badd83f644deb862f9158c860604?mpid=82775&muid=66602698248101081070774531128206098408

43 B
274 B

191ms
99ms

Image
image/gif

54.205.76.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-087j/0/b6c4badd83f644deb862f9158c860604?mpid=82775&muid=66602698248101081070774531128206098408

Requested by

Protocol

HTTP/1.1

Server

54.205.76.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-76-47.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 17:30:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-2-v045-05ee5fd88.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MRUE1qkVQgU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-087j/0/b6c4badd83f644deb862f9158c860604?mpid=82775&muid=66602698248101081070774531128206098408
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 231C
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a7665e9a-4205-4f24-9658-91a4f46a222a
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a7665e9a-4205-4f24-9658-91a4f46a222a&rd=Y

43 B
601 B

160ms
159ms

Image
image/gif

2.18.232.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a7665e9a-4205-4f24-9658-91a4f46a222a&rd=Y

Requested by

Protocol

Server

2.18.232.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 20 Dec 2022 17:30:22 GMT
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:22 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a7665e9a-4205-4f24-9658-91a4f46a222a&rd=Y
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:22 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 20 Dec 2022 17:30:22 GMT

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 231C 43 B
381 B 40ms
16ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-087j?s=&cim=&ps=true&ls=true&duid=4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:22 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220024-HHN
server: nginx
x-timer: S1671557422.147541,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

35004
i.liadm.com/s/ Frame 231C
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

43 B
436 B

103ms
102ms

Image
image/gif

54.205.76.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Requested by

Protocol

HTTP/1.1

Server

54.205.76.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-76-47.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 17:30:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 4
Content-Type: image/gif

Redirect headers

Location: //i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Pragma: no-cache
Date: Tue, 20 Dec 2022 17:30:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 77
Content-Type: text/html; charset=utf-8

GET
H2 200 4019-0035430696cbf787.js Show response
www.on3.com/_next/static/chunks/ 28 KB
4 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/4019-0035430696cbf787.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7b106bbf827ab693ed92b86529c7cd47aebea9128cf015251b7955221cf3584

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1
cf-polished: origSize=28740
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"7044-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1b016a6d695d-FRA

GET
H2 200 3900-fbc9ceec3d85374f.js Show response
www.on3.com/_next/static/chunks/ 89 KB
15 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/3900-fbc9ceec3d85374f.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f8f2560e0b77fbe957a1937f2e8790915d800a8dfe8e61ffdd3d8ab02d5a806

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"16239-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1b016a79695d-FRA

GET
H2 200 %5Bid%5D-0258f66ea589c97b.js Show response
www.on3.com/_next/static/chunks/pages/db/ 52 KB
12 KB 39ms
38ms Script
application/javascript 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/chunks/pages/db/%5Bid%5D-0258f66ea589c97b.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af55f637b24bffae4e6251d02c562c9d69115a4090105d6656635d5688e9d16

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:22 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1
cf-polished: origSize=53802
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"d22a-1852cb493f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1b016a7c695d-FRA

GET
H2 200 a4eedcb3940dacb8.css Show response
www.on3.com/_next/static/css/ 33 KB
7 KB 904ms
903ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/a4eedcb3940dacb8.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98827c97e32fe6c74803813505ad0ea9d01f01fffd73eec050d7d4369ec4bb8d

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"836c-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1b016a73695d-FRA

GET
H2 200 6ce9409c7d45dbd2.css Show response
www.on3.com/_next/static/css/ 11 KB
3 KB 748ms
748ms Fetch
text/css 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/_next/static/css/6ce9409c7d45dbd2.css

Requested by

Host: www.on3.com
URL: https://www.on3.com/_next/static/chunks/main-9b45f65dd97df6bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce336384d2577dad6b0a1ef9ab3fddfe81c590789bb9446054a618938dc35ae6

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-security-policy
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Mon, 19 Dec 2022 23:25:10 GMT
server: cloudflare
etag: W/"2caf-1852cb493f0"
x-download-options: noopen
x-frame-options: deny
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 77ca1b016a77695d-FRA

GET
H3 200 container.html Show response
b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9576 6 KB
3 KB 210ms
49ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 17:30:22 GMT
expires: Wed, 20 Dec 2023 17:30:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9CDE 6 KB
3 KB 200ms
48ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 17:30:22 GMT
expires: Wed, 20 Dec 2023 17:30:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/ Frame 9CDE 231 KB
78 KB 7ms
7ms Script
text/javascript 2600:9000:206f:3000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Requested by: Host: www.on3.com
URL: https://www.on3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d0bca701934ae0c62584d55895ee5a5de529d65de0c57554bc66d00d89a2baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:45:22 GMT
content-encoding: br
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-version-id: 29pc3AUh0bYsATU_BtrVAntNtdhOvJMQ
last-modified: Tue, 20 Dec 2022 15:42:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2701
etag: W/"6db08a97ce29347abd186ab16233d6a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: 21-McY9h_RDPf3w1Ug9l2vqrhNDWW71DAFn00jGe3FBtzz5KYChAhA==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/ Frame 9576 231 KB
78 KB 7ms
7ms Script
text/javascript 2600:9000:206f:3000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Requested by: Host: www.on3.com
URL: https://www.on3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d0bca701934ae0c62584d55895ee5a5de529d65de0c57554bc66d00d89a2baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:45:22 GMT
content-encoding: br
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-version-id: 29pc3AUh0bYsATU_BtrVAntNtdhOvJMQ
last-modified: Tue, 20 Dec 2022 15:42:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2701
etag: W/"6db08a97ce29347abd186ab16233d6a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: RJlPsCAWOU50QMIuwkGhaD5oIos3OaU17uWoCqAqKSWzEZqtrTK-Yw==

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 9CDE 0
96 B 329ms
110ms XHR
text/plain 3.226.37.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.37.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-37-73.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 20 Dec 2022 17:30:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9C4B 624 B
242 B 76ms
76ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVICS_3IDlGLa6YkmyTmXilKL0E8PXMYmFZfdFmDzzr3MP4XP7i9jbVIm56p0RYGjEp4sI0VXUTuuXKImUBrDWARyJlWAAWj4FtIQlPWg0fum4pccWLj2dL0yIoZKGSngUXbn8eFqazMCt9IDfeiIB8x0vsOQNOUkqqbs0sDJjdJbOEkVw

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 17:30:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9CDE 82 KB
34 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvXyoEtfBTM8qkIl3BZR8PMjd93EngWYyfk0UGKoR19nvwr9uEzd4yIFkYB3j8185pM5qS3op9NBuOoixXAc3xOPFIipXzUjaHv5uJX-qf6qlHxMNcCYcyRgBaStZr3sN5N1ylN4n3Sd-5RIEv1ttfsv11dOqiiHtMhlbdI07UUQuw1LE&dbm_d=AKAmf-BETAFxcKaK70We0D9uNkwj0aJW9Wqi1Xu7RqraGAei6YHTW_BThvYzbxyu7Y67pDgt5lSX3TOSPgWZFnF_gCF5Who8xAETb5dqrABF4DDrHMXtqcXKlIMG6E0161ARqKJWLzGePJam1yCfPRvBObBO31iKC6BIxq3Jjen9CkzkjciQ4nVrNgCSxmRV2Lt98qUxFSUi_8a_9V81bIYsepJBuESSm2WRKyHYQXJvM7cyO6uwIglkdgch-Dv7pV8gZGO7zsZEUTrAlN750QKG0WxpUZj2ujbI74HSqGgUXtzJAwGYle_ov_xbo4dx6hNgNb1_Ce2ProVdE9r0UB7dUj7FJgH3-PVe9dXioh10hfiPQOvzwesgnEsy-lQWkhSvzt8Z8nE3JlDT55eVOFKQleSYxqNfav5XzLSu9HiI7Q5SbsYIdIpKdWz6QJQYe75Q10CzY_G3uE0WJiE4TNp8laM4K3FglpDDaXLrdRZ7nhsKQpQTr2vUPF2MdTUnRsicbVO4dXCWbN3XeNpBFhHSb0WbtiY11cqywS0WFQrs2B86cQhqayj_kS06tl-9mMKibZuEpPXPaP8njvgCQAorVOKS5_bhGqxV0RqwVVrcIH34yub4L2KLNCYSh6nrMEwkZMqr3SONUYXhmebYrMxgh2v924l7jp_lQPcwYRDc-Nd30lxHiPW2YhKCxmaMu8jzE06ZLk99mvpcRvidNxKJTDdOCfRJ8ISjSIBr3qdGi5-MIXK4iG4fH9FD3LdAMj1FfjIS8wzplb9bZHaEsCDqz2-Uu3hqrDXXULdVnY2Y7rQnuh_TOM5DAmQhPoMPsvBvSoLm7YM38sg1IYbhQucvOw2mX6fgM7SWqJuXdCvh0_IaxIlk2EmR7hRBNMp15MfF7uKGbiQVVDzMblSaPR1-lWkoH9_blujV2nn4Xrq5dR3hJtLQKwZnXkw3jbttHcXhu5AYaxKDLtwntZcu-vNikbpu0u67AILenJ9AR4jBLt6g-elc4UKf5ff0SXCrvckG3u07SFE7XnXrxtEOhE1Q4abrrTHLWpM42a9dvc7gG_jIg9HJtf00emOqO2EWoL_VmeQGJZllSM_AIM1Ia1obw457A1WsGQMhMq7gmFDdxG1hCNaZsUshamLwkL9oEgSysiIS6d8N1CH3Wl1gtYfoDiYRVUWCWad0Uw42fZJQtYl0bfHNVAXNW5VlptDhud3Q2Q2ftBJ-9GS9V52uVFUt1mgnRxVGzLQBMrBGbxwi4TlyPoRMciNfGTgv_4yAZeF3n46vp5XPhbm3GrAvGHW71JgVQN4T7WN-GQym_PUA9RoDVGAn0ggPPoNkTYofvIV47LgFpqwQBi8aNJf14ud5J3h39NS-l3xldLrFNM9SK0KnMcGTuqLRSFjhjiU_ag_NOvygs0GCDd7ze6JUNdOWY5HkedpZijqqfzxNrz1B1ZYLH00nfknuiP7XG7sQJtELnoV9fccrOtNd_cD7ztWQXPmks4qJV-aL_zmhj5697EwmU2BtiWcdh70a04wMpsbfQQWiKdJG1n2TaahQGSg3YF6562QwHnqS9xN0Ueo9QCHpjcCrXlTaH0q7xyZMuXJNQsQLoCwu3hscLKX5KrINP4PhAZ-yNim-TmiSUWm_hcrsX044WUUWVvv7ilLa9s3w2U2vG0AMt4bsQnoT5Fpg8G7A59bQt8bxHwpCvEWxbS5hXeRHFVXDFulxsHo-GmDTzaaVhFEMLD7AKIc-qgTUKsVF5Rk83xco7NypcpnML-2rQ2mRknvJ-AOfbQ8pWsKRJgjgHE65jwUP1nvI_LQ8nNzHUw5DVbTuA9B_vYCFD8215UD7Q6vJL5BWeX8op5dpRb90_jKwzCOpYCfRR4ahmgFObxao3d7iVG69PsjffbeH9hwgGj5aUizxU5LhzchBuIxJNWzeiNaoCqtZ2oqKFD6bBuxiK0kep0Dg2qdbBUOdQkdm4HA9l3ntA9Aci_-CctKQCRVSg8-UOEAk8TJ5keldKZCALcjdTT7_8HYTA0srOGrQcXjxU611ZjuupKjsICn-B7mCBsTjqWjVav3AeIgn4DMIzUB2RFtCiZqh2Sy5vKnP15plWHJWuk3WHgT4JVcgNaK3se6JReGUSKAkJDohuPmWCwFyF1OmVxys2QxeZ7xrVTKGxFBvnzluHNCT9-JSy2MhwZaP58q9Iba_ifipmdOmHTvJDT2tAFFH-Bq4yjaV2oLsosc7GZqg8AD-Rnr7FurFK3j7ocgWaPJcFt2LLDdMD2A7uskXWuRsFxVTCam-MwPVLJCEBnJMtzAT3U9lYnSmamLGi6NTL5cFvrad7xj02Z2KKz129wZ0NSOtHLTEG1YNWl3nGlImCB2U8X9o8ZFe4vZwHTN4yVvkf1guvlSj_dDJ4G2JWrULhiWh0OTisBvIMNRc_En5IhqLz8wDZMp_nj0EQ1h7zs9DAnwQ8GbdC9AG16F3rREmzyIWGw1qzS98fdxoQQPySx0TOCrXiWUfsQkAlZBlPt_FmoBxzJrtEulwh5DQ0qWUvTwkI3Pbxni7h-A4cQeCCh8oRWdG1wWUySzN8UZD1Ct-83J_bxT2eB2ko3LKliMPiKrya7O5hNG4_Ae-jJ7rriq4OD8MDp4bpr4WNiASM49isrFHMkDXbTAkuUFWKdYCv4gfqGDWNrZvyp2XqBqFA9J0hEjG5ClMQEIu_hGdhowS0IXX0MK8_KoytSp5PoD-9cdnWXIDtb8tWV5mtL7M1mxEsvKIWmqX5iUyaUt_aK39OLPOTgtfr7teIc-sHRrtRzSdxayAajw84EqHQvHrBVTkpElQz1t-UoscnhVCjr6_QDA2IyHlvHCZDG87hA1tFNjIq_lqyVnKyEoh0vtjEkyx66ZwHS5am88I-1-vHe3L3KO9Jz0Q1rxg1_n0vYPrE0VtKA3t0Z3OBv2OV_AJadSWVnISl6UO27nN7rqqyxDmrzhTeYblb4cUt2d2bQbatOiQneckBqbx76Y9Sf6fduDFOZOMXNZP9CyVkCurHephdd0BrYv6h88zJPq0ROE-HzvoZ7BIEF5dH1o_hh9JCxNvbuwOAgPV_OHnX-1uF7w62U4XfLn3YtkNJoDYQQujIr8oEE_16-5vZieq7Bysyan-oCVEdMkroLco9nUQS6SejZguaeUVHU1ryxJK39VJFXwqE2aP3-pFHyZqprauOikCJ7_kZYod&cid=CAQSOwDq26N9_SUJDo_kUZEQKUKkpg0n9nqhPUKvCxoJu9SiqxcQTL-0b7h8NSDzat9ZFeKZ6lWIbhDzzCwrGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.on3.com%242%2Chttps%253A%252F%252Fb76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-40%252Fhtml%252Fcontainer.html%240

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ad3a5b6e7911d28d57bc0ea2ca54dac6a5f90e64ada064e9d5e50a68044040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34794
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9CDE 3 KB
1 KB 173ms
65ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:05:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9CDE 18 KB
8 KB 147ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:07:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 10:07:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9CDE 0
0 46ms
45ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTH4ujqsjvu1vuuffDf2lGzxOHTijtwKxSZJd8ivJEC3vysYLD0hDBeriDZ086seMbVIpbzlx0yBqdAt_lvP6-SK0XDcg
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CDE 153 KB
47 KB 175ms
68ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CDE 42 B
173 B 179ms
72ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWL_zqlvrjVGsf7uYP3iGGsW3er2orAcRVEJ35hfBd-tUUNyohjYh2Ce4KcDIPKQ1sglJ7scphis5dktlqQWNntEfaOYejApZ8DKbExVgvcgyB6wE

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 9576 0
95 B 324ms
124ms XHR
text/plain 3.226.37.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.37.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-37-73.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 20 Dec 2022 17:30:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CA75 640 B
262 B 75ms
75ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNVQ29_2ybLPWKs5Utn0EhEpi6AkjEPkV97uQGC7cBw6CCHHSYdC-au5S0YqlZb2jdtGn9YeQDtRPqxYVIVc7mnniOQqmKeAL2OUdNfwYi5QCHoI99aFqXSS746KRSTkBKNlLCvTJK4boTS8XtU0wY84MjMDI4dpneTLkRAu3Lw2ZxOrgu8

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 17:30:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9576 86 KB
35 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAEW6DzLiW7e9Rspk7isWGLT9c4PWpZE710nMYZVzujgcUz3OzC2jXBSAN_9N6yK6QWto0-a5SRIjq-nit_-_o1Hi6M8AOeG5zZBulFXd3EKiDQyxUNxbxGrejfwyrzz59nEpegQn8BIYKbBe-ahN_FcVmJxv1XdC_lmW1VaDcaYHetc0&dbm_d=AKAmf-C-SlZtUW-brQUry9LkWM5f7VrFV_Kujk9qqtctzxJodZKwbkNBKBtGih8SvzU-h1Z90tBAT1yv5IZ5SrdOuKITkSzDO5iN4LxyZb4EPvxTCuuDA75fuzTmI55IoPh9Vh-9_aT0h1tJeUEv5Tud0Ct5NzKLQvxFsfYVbnxH_P21I4nChTrItSJgQb5jrkGQeGQsGTCJS5-s0-A923TPFfMNBYh8E8L27riLsUlFs-Ms4SwuStO6PXda3n22z6crVMqYOj38KN0EaZLHcKUf04XAJDn6YlVTwK9t8qanGccUAz0HqrfjMN2HW5qBu_O1DKVuaci2jWtz0-m0DxHrCGXpmd4lEFA3_-T8TqbCLydr608O0yHziN_PE91CGV2QOeBIOI5XG23HGVRafnKM7wc0g6PzT5gl3u9HPRiAIaBtX6bV1Dfp2NpvaVi1Hy0OjICAaDbH1SFoY684mTiVyTk2FNghW2p96nCcA4sY8QscKR3JYAEBfTxhljHIbfFu_3yWMouMPFaoR_FfxWMZellpkr7k3QZ6h7YP6FBOnJ0UO-WFJwQm4CZswoq7uyD1Lqk5GLVPt8hFBZmftv3bGWSY8UBU7d6vgsEK4FiVRYUXLkaYxmdgtUsnqkJZjEyXU3yDq7hS75oEBSdKtk2Xy8M9KboYeIrYiZp6P6tg9V5BHBf0VxsN2UwfThtZc4f2QzfrgT1aIGqgpgj2MvTh8NVUD3gXfXSG5F4y8ThirJRoG2AW2zYQyl9LR81YdpWZFZ75GD6RtITM16_ny_7NsXJotPZWynY30XnEt1EbahroFo9ZS_ODP5ucWNmJ-xQCayTTiZPgfld07VL8Nd2TtcTpAuVYiDJK-Qwe2T4GWjMrfwLz20OGnU7tQaezqigzVmrAdIgAEnzWN729XC54tTD9R-CVCHnxuVZSC9gNLIzNClagST5enRtXW2mCZ0luF2DifHin4GYxQt6ZV6HZX6_LMQ_UzPRkP3AcJ4QFnBNY5CdvhlrYHvBdzCbik65iEq7hps3LqKLPN0wTIkwGarAqWPjWfujOElY7SLpI40E3qsLWqV8AVTSne9bAI32pl8IwiSRuOGGaNeJsO1BQPRKef_mb80eatE0pcGCXMAUnC2ItF7NQXZ4pcWHavPGfMHZPWTGq9qD85rRoGyIplVz2pVJ6C0M--_3_juCdZkFDGDTSq8sq1e0rHsDma5VnnTkRC2TArE3iCII0QSaOiwWwFxnUVtEf00kLIzk5f-kLXGnLPf5k4vDg9iZAqTWysKW-Diicc_r5CXQGOtzemGT-iyz_SlPQcF657azUjJ8vUY9Zvl-xSjZHE6KX2jTvfGrZ-nJfs3s77kXLdwlHX7sn4ouyGBsmDF7GcF8J4Grq1EaV-Ulm5QL9AMDgfv1XhWMYAv1rLBnYtrLngbGofXrYaGzi3TcIoNosIGpnRs4xndr8K3giwhykFZgKIRLvnCAL5tWZVskA8YUfA3lkdZxwTBxKTZwp-9zYxpzUo4sWn5TqPQ1dbvMv8hVB632rhvywCJAMlyFZN5Uz_PtxYdQV5WvsleofLy2OHfvcu6PfhgI_ENl_k6dwYiHq8MUBVzHyDF65v30AUsKBtfGIpIYSrEwz5ow3qoRGhrjJvRgwU4Q8dHhR0zpWfQpwDTFerOZnC-1G0O3t8i1LJliM5ooh44jrLnJgjR5kHBaBkhJ42_oihlL28mahcOjP5kNx5lasvPML2lmilPXlo0aRhATeliE_-i_Z-ah_wzGNXoqVVeC9JLcAjXQmd-qioROpDJnRttYPWH3GNQmHS4y63bDrnPs7n7dsE5hwUYVpscLhRU7UVJksldGCOisSmVmMKkJIYU2n0H3cJssO2_J8e52SmjxfgVs-DNzXLBpAvh2Hx12pSOYyL6Duarfs1KVJf_qYpBxaSFDh6WUKn-gJJtglpsEubDf3zgMfBkozOAJFKaifBs8H3UdYMkx97bmrH7oPXY1W5VOldoVTLTdHhpm9oenxEaEIyah70MjbOMYLmsc9bHcqN9-nX88ggYx_7XDcqPwMQCjniTINrtzbP2N8i7CLptW_AlrU3wduvb-hjXn7ks1HzKu73VvW6aB8vqQueHq5wFyyR08X0dJdyNBosoKF2mYADBBHoOyzzc8iEZOyUhuHTKyN_iQFtMD8xuHk70ebpQXXRKOQurlc-LSOmyiL-6hcYuReNwY9nUd9kHZPQoBGioUPjNGKvBpROcXtnvslg4IysmGTPGvLccwXOmiI6Q1KJI6-8qLs8XDbll8v0oCFPuTWCa1foXFdpHQ9vQVMluKx8bxryx9GAHCJd7wbvhG6KWaqnrbLtQILaDm3iLZx-T9_fQXZ5KwM-GpnkhXwAE94zuTXkiXpspha0wrSS_oQlDP8EGphYzhQjTE5ZFEuSIPvzOLl_Z006qXkeedXwFgdvbE-PmJZdQx2RqtY-o_IFOQHEf7YRlMYT1yE68g9_StNHEsGJjXPWF_cEBD5-9i-1zEqdnF9ohNiG0PKRtQ8_j5uGJfSAP6n8Llo_Cn1pLgTGySfB5GswGwwIN5I3WydXG5u8xcZ_j2xHGMa4w2Go2p6wUks29ow_Z_4bIsrPjfvtXEFlyVCnN5F1r64GNfFTKl1JRrV6zDXMBiuNaEFEe1yVII_4NBPGBLz0_NbgmM2AaPMciUJifS6e1MsrrkWVNaHFicpEPK_cQbJEX8OnpKUjHEidE-X6ngYmLazp0OjP4O5v5S0tJfQ3TG_VlGYFmD76sXvaSjXsHkG3p0HRXJsBsezIh6JBMYHLe5QZ8RW_rb2Lw6CsJPMyZ6FpX3I3GvdiYznvygsDo1N32Lbmkt3bBWBs551z3IjVnBPBrXzuOiTRs-UKCao6K1UKI8wTZChAzY1Cyg6pt7mNiK2wOiyo41DEbH8OH9qqjCXcloQpJcOyJKHy_w6pbVMCYEDj9MlVxevG79W9F60O1JmfqaajIUpPiqJ9wVVJwSy5x2L4aRysRNfMtwRbEIecbi-6YYhSSB2Rmd_KAhxcseTKW9iucMk_6eE9jNldQjVO-VfRElnCvEPNyhP9YSaMCOnVyWqFev8F0ooOq_I_jJ5IX5cGOxlZh94_yNQHg3WC9UHGoYy6blZCwKkPChj1MYjIoS-lfawteLVqwASWuprur93OpEWdzrTtMHymMFGfwsZmwDE9YIfBixQYsgVcKvVmJeRXQuxAtcs9Pg9OaGyxnjPUl9iDEFWvarOE77Ro0egNPoHXNiGhgbmvhiHSAKJ3MlOwq9qhD2n8adC0BAd3UX7ZLqY5dlTDzlEqNz0-_u4PzXU1Hux9opXHTVb&cid=CAQSOwDq26N9_SUJDo_kUZEQKUKkpg0n9nqhPUKvCxoJu9SiqxcQTL-0b7h8NSDzat9ZFeKZ6lWIbhDzzCwrGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.on3.com%242%2Chttps%253A%252F%252Fb76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-40%252Fhtml%252Fcontainer.html%240

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

437f2f57ffc84c09bae7ad3a776ed08a6ee00621f03b381b8b54e009c7944498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35439
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 9576 47 KB
13 KB 101ms
32ms Script
application/javascript 63.35.6.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481227570&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.on3.com/
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.6.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-6-234.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 399de571b154d75643405349ce24b4e2493beb86c9eb1ee56e3ced0d59714ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9576 3 KB
1 KB 166ms
69ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:05:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9576 18 KB
7 KB 141ms
44ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:07:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 10:07:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9576 0
0 47ms
45ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTipMSPZbnM8PmEx2v1LVHSW3j2NpuuWX3evNDJS8fS23IXzeWD7W4-Hi29d7l9qhoJvMZpwuDWQ6qEwTfy01HHAjlQMg
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9576 153 KB
47 KB 217ms
120ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9576 42 B
107 B 169ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dwh5t8pQnlLjr0132BdXLeRifsgrKLpJDuxzQgtOj6hqeDZClXwiahRZ7DdwVmm5t4FbYuPtE-_7rPWwaUiHIRa7x6HGf53wddXn_owLoa0WrZ9Rk

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9C4B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1&C=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVICS_3IDlGLa6YkmyTmXilKL0E8PXMYmFZfdFmDzzr3MP4XP7i9jbVIm56p0RYGjEp4sI0VXUTuuXKImUBrDWARyJlWAAWj4FtIQlPWg0fum4pccWLj2dL0yIoZKGSngUXbn8eFqazMCt9IDfeiIB8x0vsOQNOUkqqbs0sDJjdJbOEkVw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 17:30:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 17:30:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9C4B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6HxL.sQDwbRyzcpZdW3EgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1&google_hm=2

43 B
766 B

9ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVICS_3IDlGLa6YkmyTmXilKL0E8PXMYmFZfdFmDzzr3MP4XP7i9jbVIm56p0RYGjEp4sI0VXUTuuXKImUBrDWARyJlWAAWj4FtIQlPWg0fum4pccWLj2dL0yIoZKGSngUXbn8eFqazMCt9IDfeiIB8x0vsOQNOUkqqbs0sDJjdJbOEkVw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 17:30:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELZPmh9CAggDCL_t3RBKug8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9C4B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOhyxR2ie878fhyBehvIMTQ&google_cver=1

43 B
1 KB

24ms
24ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOhyxR2ie878fhyBehvIMTQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVICS_3IDlGLa6YkmyTmXilKL0E8PXMYmFZfdFmDzzr3MP4XP7i9jbVIm56p0RYGjEp4sI0VXUTuuXKImUBrDWARyJlWAAWj4FtIQlPWg0fum4pccWLj2dL0yIoZKGSngUXbn8eFqazMCt9IDfeiIB8x0vsOQNOUkqqbs0sDJjdJbOEkVw

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 17:30:23 GMT
AN-X-Request-Uuid: 9be5af9e-d3ce-4ffb-b7ed-2af618617683
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOhyxR2ie878fhyBehvIMTQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C4B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4NjI5NzYwNDg5NTk0MDM2Mw%3D%3D

170 B
243 B

87ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4NjI5NzYwNDg5NTk0MDM2Mw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 20 Dec 2022 17:30:23 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a66f2cfb-1fa8-47f5-9cfc-bc5718a5ba5d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4NjI5NzYwNDg5NTk0MDM2Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame CA75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEmpbJtRtQD6rAMvqyoXsVg&google_cver=1

43 B
61 B

75ms
41ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEmpbJtRtQD6rAMvqyoXsVg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNVQ29_2ybLPWKs5Utn0EhEpi6AkjEPkV97uQGC7cBw6CCHHSYdC-au5S0YqlZb2jdtGn9YeQDtRPqxYVIVc7mnniOQqmKeAL2OUdNfwYi5QCHoI99aFqXSS746KRSTkBKNlLCvTJK4boTS8XtU0wY84MjMDI4dpneTLkRAu3Lw2ZxOrgu8
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEmpbJtRtQD6rAMvqyoXsVg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame CA75 43 B
304 B 132ms
42ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNVQ29_2ybLPWKs5Utn0EhEpi6AkjEPkV97uQGC7cBw6CCHHSYdC-au5S0YqlZb2jdtGn9YeQDtRPqxYVIVc7mnniOQqmKeAL2OUdNfwYi5QCHoI99aFqXSS746KRSTkBKNlLCvTJK4boTS8XtU0wY84MjMDI4dpneTLkRAu3Lw2ZxOrgu8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame CA75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENHLvKDpUSJ31e4DTUwqA9U&google_cver=1

23 B
172 B

39ms
38ms

Image
image/gif

23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENHLvKDpUSJ31e4DTUwqA9U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNVQ29_2ybLPWKs5Utn0EhEpi6AkjEPkV97uQGC7cBw6CCHHSYdC-au5S0YqlZb2jdtGn9YeQDtRPqxYVIVc7mnniOQqmKeAL2OUdNfwYi5QCHoI99aFqXSS746KRSTkBKNlLCvTJK4boTS8XtU0wY84MjMDI4dpneTLkRAu3Lw2ZxOrgu8
Protocol: H2
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 20 Dec 2022 17:30:23 GMT
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESENHLvKDpUSJ31e4DTUwqA9U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame CA75 23 B
172 B 85ms
43ms Image
image/gif 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNVQ29_2ybLPWKs5Utn0EhEpi6AkjEPkV97uQGC7cBw6CCHHSYdC-au5S0YqlZb2jdtGn9YeQDtRPqxYVIVc7mnniOQqmKeAL2OUdNfwYi5QCHoI99aFqXSS746KRSTkBKNlLCvTJK4boTS8XtU0wY84MjMDI4dpneTLkRAu3Lw2ZxOrgu8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 20 Dec 2022 17:30:23 GMT
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9CDE 170 KB
59 KB 150ms
39ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Origin: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 11:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 11:00:27 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 9CDE 8 KB
3 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 13:02:25 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 9CDE 30 KB
11 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 13:02:25 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9576 170 KB
59 KB 167ms
84ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Origin: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 11:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 11:00:27 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 9576 8 KB
3 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 13:02:25 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 9576 30 KB
11 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 13:02:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9CDE 41 KB
15 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:31:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7A43 1 KB
643 B 119ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Wed, 21 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9576 41 KB
15 KB 85ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 13:31:40 GMT

GET
H2 200 main.19.8.377.js Show response
static.adsafeprotected.com/ Frame 9576 199 KB
62 KB 33ms
9ms Script
application/javascript 2600:9000:214f:9400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.377.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id: dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding: gzip
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 668025
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:47 GMT
server: AmazonS3
etag: W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: MRbQY4L7Zc-hz6gdGkZchdl9m06eYgvkIjyvOi85whSTtwWe3whjsw==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4D02 1 KB
643 B 79ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Wed, 21 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9576 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f49890252ccc53de4f9e0beff96beb04282de8b3cda1a6a22e121a9662e9272

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D533 91 KB
23 KB 12ms
11ms Script
application/javascript 2600:9000:214f:9400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 7782847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: zmfw29bTwjuozZLFbx6glXCkftTk9gcY5r1QaalhakQzCxYBfK7TWw==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 9576 43 B
216 B 37ms
37ms Image
image/gif 63.35.6.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15481227570&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.on3.com/&adsafe_url=https%3A%2F%2Fwww.on3.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fb76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1cef3054-b94d-a0ed-1274-0379ab967919,c:xmjYp9,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-zflnb,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:77,mot:0,app:0,maw:0,fm:tqzWB9F+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C171%7C172,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:100,oid:fbba6753-808b-11ed-a5fd-f62622c07689,v:19.8.377,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.6.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-6-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9576 43 B
215 B 314ms
101ms Image
image/gif 2600:1f18:1aca:4281:c606:3396:5467:8f67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=1cef3054-b94d-a0ed-1274-0379ab967919&tv=%7Bc:xmjYpN,pingTime:-3,time:140,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:99%7D,%7Bpiv:0,vs:o,r:l,t:139%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:141,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:99,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqzWB9F+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C171%7C172,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:101%7D&br=c
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c606:3396:5467:8f67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9576 43 B
216 B 310ms
100ms Image
image/gif 2600:1f18:1aca:4281:c606:3396:5467:8f67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=1cef3054-b94d-a0ed-1274-0379ab967919&tv=%7Bc:xmjYpT,pingTime:-6,time:146,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:146,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:99,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqzWB9F+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C171%7C172,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:101%7D&tpiLookup=ao:www.on3.com*&br=c
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c606:3396:5467:8f67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9576 43 B
215 B 300ms
101ms Image
image/gif 2600:1f18:1aca:4281:c606:3396:5467:8f67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=1cef3054-b94d-a0ed-1274-0379ab967919&tv=%7Bc:xmjYq6,pingTime:-2,time:159,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:496,beZ:498,mfA:573,cmA:575,inA:575,inZ:578,prA:579,prZ:587,si:597,poA:597,poZ:615,cmZ:615,mfZ:615,loA:642,loZ:645,ltA:655,ltZ:655,mdA:498,mdZ:539%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:99%7D,%7Bpiv:0,vs:o,r:l,t:139%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:159,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:99,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B19~0%5D,as:%5B19~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqzWB9F+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C171%7C172,idMap:16*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:101,sinceFw:58,readyFired:true%7D&br=c
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c606:3396:5467:8f67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FE82 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 209518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 07:18:25 GMT
expires: Mon, 18 Dec 2023 07:18:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D02
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAqkIRSXfSQjYGH4VuVVaWs&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAqkIRSXfSQjYGH4VuVVaWs&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTBQQXhUZEIxUDdHckI1&google_gid=CAESEAqkIRSXfSQjYGH4VuVVaWs&google_cver=1&google_push=AavPq0MxmQjVQbxFQPvPFVmUDRSzlG6Pzfi3_P2DcGmh5Uv...

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTBQQXhUZEIxUDdHckI1&google_gid=CAESEAqkIRSXfSQjYGH4VuVVaWs&google_cver=1&google_push=AavPq0MxmQjVQbxFQPvPFVmUDRSzlG6Pzfi3_P2DcGmh5Uv9O4YsHVf8S6A1h6etF99rbmUNpKUVZIzx_b-9hzvDkSvBq-le0BLudRw

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 17:30:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-050264eaa58f9e669@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTBQQXhUZEIxUDdHckI1&google_gid=CAESEAqkIRSXfSQjYGH4VuVVaWs&google_cver=1&google_push=AavPq0MxmQjVQbxFQPvPFVmUDRSzlG6Pzfi3_P2DcGmh5Uv9O4YsHVf8S6A1h6etF99rbmUNpKUVZIzx_b-9hzvDkSvBq-le0BLudRw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D02
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_push=AavPq0Mf0dA8SAv2gdCj5aUAThm9X72ZEfm33tFG4z2H-rGDg7Ffac_7O4...

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_push=AavPq0Mf0dA8SAv2gdCj5aUAThm9X72ZEfm33tFG4z2H-rGDg7Ffac_7O4McMOM_RIQwkiS2EhCDjYU9liMunnBASuwqm6iNbQTMH9U2

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220078-HHN
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671557423.384911,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_push=AavPq0Mf0dA8SAv2gdCj5aUAThm9X72ZEfm33tFG4z2H-rGDg7Ffac_7O4McMOM_RIQwkiS2EhCDjYU9liMunnBASuwqm6iNbQTMH9U2
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D02
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIGTzz2tb-fqT1xXGq6s3EA&google_cver=1&google_push=AavPq0OZrLjglxu2UHeRraCL9mYYu_Qf_Q3GFfSrdkOa01RkuQf555HV1mZpttdaraucdtBwyZvWdGwINDRXP-...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTI4NDQ2NTE4NzAyNzA4OA%3D%3D&google_push=AavPq0OZrLjglxu2UHeRraCL9mYYu_Qf_Q3GFfSrdkOa01RkuQf555HV1mZpttdaraucdtBwyZvWdGwINDRXP-eRvk...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTI4NDQ2NTE4NzAyNzA4OA%3D%3D&google_push=AavPq0OZrLjglxu2UHeRraCL9mYYu_Qf_Q3GFfSrdkOa01RkuQf555HV1mZpttdaraucdtBwyZvWdGwINDRXP-eRvk8LpAfc3vCueL7J

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTI4NDQ2NTE4NzAyNzA4OA%3D%3D&google_push=AavPq0OZrLjglxu2UHeRraCL9mYYu_Qf_Q3GFfSrdkOa01RkuQf555HV1mZpttdaraucdtBwyZvWdGwINDRXP-eRvk8LpAfc3vCueL7J
Date: Tue, 20 Dec 2022 17:30:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 4D02
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIAEXb3lI9WCx4MHZ1vq2V0&google_cver=1&google_push=AavPq0N7xWbGn5NhWs1Wv_BiPkmkugBvoWFOVu8nZhz4imxX04-2QCtib4kwnWjn6nUcR8BAh-jGQChR60v91KaX2CF7...
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a6ff5d79-eb25-4920-bc98-aac586747f9d&ssp=google&gdpr=&gdpr_consent=

43 B
356 B

114ms
41ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a6ff5d79-eb25-4920-bc98-aac586747f9d&ssp=google&gdpr=&gdpr_consent=
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a6ff5d79-eb25-4920-bc98-aac586747f9d&ssp=google&gdpr=&gdpr_consent=
date: Tue, 20 Dec 2022 17:30:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D02
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ0QwOFjQf8M4l5xgQ5eMtg&google_cver=1&google_push=AavPq0MaYZ0MohHuRt40oAEvEo4xQ88gu6hq0F2OUfexmtyRudAjfzWDbwWfZMyRPGCi0gxxOgu...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJXSTRQMTEtTS1IMUxJ&google_push=AavPq0MaYZ0MohHuRt40oAEvEo4xQ88gu6hq0F2OUfexmtyRudAjfzWDbwWfZMyRPGCi0gxxOguKgyA7XvJJsgICbgEJK2q5ipuVZaxS

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJXSTRQMTEtTS1IMUxJ&google_push=AavPq0MaYZ0MohHuRt40oAEvEo4xQ88gu6hq0F2OUfexmtyRudAjfzWDbwWfZMyRPGCi0gxxOguKgyA7XvJJsgICbgEJK2q5ipuVZaxS

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJXSTRQMTEtTS1IMUxJ&google_push=AavPq0MaYZ0MohHuRt40oAEvEo4xQ88gu6hq0F2OUfexmtyRudAjfzWDbwWfZMyRPGCi0gxxOguKgyA7XvJJsgICbgEJK2q5ipuVZaxS
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D02
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESED_NZcjrucpDnnxi96sGOHE&google_cver=1&google_push=AavPq0O-juwPKpJ8Eph_aOt4OySrNpXGVPNPpA-D1jBfn_D6rpQ9oeN1k23hyTpJzck_3sR3OkCFsa_BNKyo...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0O-juwPKpJ8Eph_aOt4OySrNpXGVPNPpA-D1jBfn_D6rpQ9oeN1k23hyTpJzck_3sR3OkCFsa_BNKyo3-OYeAZ6yX5kQJWKMjFu

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0O-juwPKpJ8Eph_aOt4OySrNpXGVPNPpA-D1jBfn_D6rpQ9oeN1k23hyTpJzck_3sR3OkCFsa_BNKyo3-OYeAZ6yX5kQJWKMjFu

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0O-juwPKpJ8Eph_aOt4OySrNpXGVPNPpA-D1jBfn_D6rpQ9oeN1k23hyTpJzck_3sR3OkCFsa_BNKyo3-OYeAZ6yX5kQJWKMjFu
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D02
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJbdNZOgT...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a6ff5d79-eb25-4920-bc98-aac586747f9d&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

43ms
41ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a6ff5d79-eb25-4920-bc98-aac586747f9d&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a6ff5d79-eb25-4920-bc98-aac586747f9d&%%GOOGLE_PUSH_PAIR%%
date: Tue, 20 Dec 2022 17:30:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4D02 0
12 B 40ms
39ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6egvvItSvoBBUF9_tG6107UzEqNRXSRSpxBvaP3DoyUyZwIsOKRqmz-3idYUz_-Rb-mswfw

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A43
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_push=AavPq0Nhs44rlJN6jLKR40E83_M1lLYNb82mMSM6VCnVuU2SaiuYxArxjQ...

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_push=AavPq0Nhs44rlJN6jLKR40E83_M1lLYNb82mMSM6VCnVuU2SaiuYxArxjQXH8nVEdBLmPA6jJLJJrxlWOgRQ-gMDCKt-OrUBrajb

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220078-HHN
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671557423.385084,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH_zIR4SOIvegQGign02cSs&google_push=AavPq0Nhs44rlJN6jLKR40E83_M1lLYNb82mMSM6VCnVuU2SaiuYxArxjQXH8nVEdBLmPA6jJLJJrxlWOgRQ-gMDCKt-OrUBrajb
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A43
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIAEXb3lI9WCx4MHZ1vq2V0&google_cver=1&google_push=AavPq0PM_NtxHaEspC44am4SloZxKxPyW5-f_sm0NTUxk7QU6PqGjgibqrg1iRvy14VeNeGHkv6eWlpCgH33J2mu0IP8...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=c8052266-862a-4cb9-a03b-67fb90657cf2&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PM_NtxHaEspC44am4SloZxKxPyW5-f_sm0NTUxk7QU6PqGjgibqrg1iRvy14VeNeGHkv6eWlpCgH33J2mu0IP8WmiOw2BN&google_hm=pv9deeslSSC8mKrFhnR_nQ==

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PM_NtxHaEspC44am4SloZxKxPyW5-f_sm0NTUxk7QU6PqGjgibqrg1iRvy14VeNeGHkv6eWlpCgH33J2mu0IP8WmiOw2BN&google_hm=pv9deeslSSC8mKrFhnR_nQ==

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PM_NtxHaEspC44am4SloZxKxPyW5-f_sm0NTUxk7QU6PqGjgibqrg1iRvy14VeNeGHkv6eWlpCgH33J2mu0IP8WmiOw2BN&google_hm=pv9deeslSSC8mKrFhnR_nQ==
date: Tue, 20 Dec 2022 17:30:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 7A43 43 B
350 B 57ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG0JkpukjPYPQiILdRhidbc&google_cver=1&google_push=AavPq0Ns644iLBCLZWMGz7q0AvTEa0Dd0f7Efjb-6U2Pq_tnSKjzeG9b5bYKTzPs3se-wqa4WEGAkfDgS_PxM0zEHe7MH5yzZQ3G
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: pucoljkbi241fh65utgoabe0vspoili9

GET
H2 200 trk
ag.innovid.com/ Frame 7A43 43 B
296 B 219ms
22ms Image
image/gif 2a05:d01c:1d8:8101:bfc1:341:b1d9:ff76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESELCv1ljyzCAr5MbuWMAH0_I&google_cver=1&google_push=AavPq0PZl99ee07PKUC6HV0SNhSI83_45bjIp9DDF1NEToG9TdzkQKVwd76_kUuYdK4XjDtFn006sjMpe3RhoEgx9iy1ign8aB7Qkw
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:bfc1:341:b1d9:ff76 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A43
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEON0zxlVGdnkpRaVM53xq1I&google_cver=1&google_push=AavPq0MxWzLc-27hvg0Q4fwDmivPcRyveHjpUwmo0n0Gg2zdqFCepFlhQe6jed-5zK5eLJqD1rN8JgI2_DY4sSxr...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MxWzLc-27hvg0Q4fwDmivPcRyveHjpUwmo0n0Gg2zdqFCepFlhQe6jed-5zK5eLJqD1rN8JgI2_DY4sSxr6QqtBmdaNZgE

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MxWzLc-27hvg0Q4fwDmivPcRyveHjpUwmo0n0Gg2zdqFCepFlhQe6jed-5zK5eLJqD1rN8JgI2_DY4sSxr6QqtBmdaNZgE

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Dec 2022 17:30:23 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MxWzLc-27hvg0Q4fwDmivPcRyveHjpUwmo0n0Gg2zdqFCepFlhQe6jed-5zK5eLJqD1rN8JgI2_DY4sSxr6QqtBmdaNZgE
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 4HKoT1pjFQOxFruHqhNqcGaOVRauHXjHpfvN1tj6pXYp3wnalC1g6Q==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A43
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESED_NZcjrucpDnnxi96sGOHE&google_cver=1&google_push=AavPq0MFMN_lb67wH6i2FmF0UKAW-PUm4aDnlj7MQ0MmUpKM7iJBKUl3n9i9_KKoOxGG4GZkYaWEwS408VRA...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MFMN_lb67wH6i2FmF0UKAW-PUm4aDnlj7MQ0MmUpKM7iJBKUl3n9i9_KKoOxGG4GZkYaWEwS408VRA6GLakBVVklVm7OcuGg

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MFMN_lb67wH6i2FmF0UKAW-PUm4aDnlj7MQ0MmUpKM7iJBKUl3n9i9_KKoOxGG4GZkYaWEwS408VRA6GLakBVVklVm7OcuGg

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MFMN_lb67wH6i2FmF0UKAW-PUm4aDnlj7MQ0MmUpKM7iJBKUl3n9i9_KKoOxGG4GZkYaWEwS408VRA6GLakBVVklVm7OcuGg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A43
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJvIT0r42BX_z1GwRJiFivM&google_cver=1&google_push=AavPq0Njf9GCe7YLSGdduTFgDvbVDBjHWEJVV_ij-L0E4Ii6FmLUd59A7sMhEYbyvFwtk2ky1Wnr9YP3-mQpUzj3s9RrAL7VOg...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0Njf9GCe7YLSGdduTFgDvbVDBjHWEJVV_ij-L0E4Ii6FmLUd59A7sMhEYbyvFwtk2ky1Wnr9YP3-mQpUzj3s9RrAL7VOgy...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NDIwNTI4NzAzNTEzNDY0MDE2Mg%3D%3D&google_push=AavPq0Njf9GCe7YLSGdduTFgDvbVDBjHWEJVV_ij-L0E4Ii6FmLUd59A...

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NDIwNTI4NzAzNTEzNDY0MDE2Mg%3D%3D&google_push=AavPq0Njf9GCe7YLSGdduTFgDvbVDBjHWEJVV_ij-L0E4Ii6FmLUd59A7sMhEYbyvFwtk2ky1Wnr9YP3-mQpUzj3s9RrAL7VOgyTbw

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NDIwNTI4NzAzNTEzNDY0MDE2Mg%3D%3D&google_push=AavPq0Njf9GCe7YLSGdduTFgDvbVDBjHWEJVV_ij-L0E4Ii6FmLUd59A7sMhEYbyvFwtk2ky1Wnr9YP3-mQpUzj3s9RrAL7VOgyTbw
date: Tue, 20 Dec 2022 17:30:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7A43 0
12 B 41ms
40ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYqQtVg_hoxBd4peeeIY95N-YAjwloLy5dh_Nu1DQiqjQPcVmWPIPceEbxYu0AjKYxKh54

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AAC8 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 209518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 07:18:25 GMT
expires: Mon, 18 Dec 2023 07:18:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9576 43 B
215 B 280ms
101ms Image
image/gif 2600:1f18:1aca:4281:c606:3396:5467:8f67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=1cef3054-b94d-a0ed-1274-0379ab967919&tv=%7Bc:xmjYqr,pingTime:0,time:180,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:99%7D,%7Bpiv:0,vs:o,r:l,t:139%7D,%7Bpiv:100,vs:i,r:,t:180%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:180,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:99,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~300.250%5D%7D%7D,%7Bsl:i,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqzWB9F+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C171%7C172,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:101%7D&br=c
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c606:3396:5467:8f67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/ Frame 2F4F 115 KB
25 KB 124ms
46ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 25735
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 17:30:23 GMT
expires: Wed, 21 Dec 2022 17:30:23 GMT
last-modified: Tue, 14 Jun 2022 11:41:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9CDE 0
0 183ms
83ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBLbxCuXLyRhsFRgGbP-NiMbDtAeQ_J-e_RS3bB6O8haaN3L0h4oyF0qCO9QQwrMU9I-2OmrV6bxUQ2rofUyAZzPU87lz3lxAWGO7NEmRtOe3_7t93BSHY1tmkaMVR7-u4fQgUEjOg3FVb_du0LHBDQc9fmCjtW0WUW53qxWlSPdsPsmvbmVOYxHJxqA28EcSK2QL13MzM6ejsGVDN7JsgbQNqYIYeP-1TybQN-BBScyMJdjyC_F_elWDVR9-tP1JFhv6vG7gEegtuwLeKc7tS7aJZVbYozfBZCuYJFG55V2goeRYLvDcUFMwL3rE9tQJuwqFU2Iti5tQQJUG7sN5ZqeLws1W6x4FwkZlAVARRTrAjty3JF2jIqfJiC76xaY17VZGB7gImfJGv7G9zM1kWRCJ7bxNdum_disrzFxwFU9hIzYvUxuF6r75cTplqzAKnOocgx6po8ODVt-ch1pA5ffyAV3uFKt83znJ2HigyoHiRN5M2qOemPwOY3UMgtKf69AIL1V0O1wacL5YXcSOMl0m4sBf43x4L1hJnwKl1puTO5Ai3YO_1BYTsYgqk8iQ8Jw34VSUwaLEv3Wboa7uCAwaCT5Jk2PgHOHC4pyPfabnPt4uJT3NIYgQL8HhVsNuBRLZP_9h0Jd26eQIConPpBPJnjLqp8TX-pFZA1pIKIJqZ7X8Hk-SP_RlJLPIM--b4lNH-KMX1HhS6gd4Ql2IsTz-dpkIQNh1ww86dX-PS0R3M5VwkpnD_oW6AKLsh_ZJcfFg0g2h6oRZLr8yF4-dLdOlRFbZ_Jh_RtOMilMbrCR4tW2lSp6qgOgEn7lpHIOyAZwtvbmbFrGK-lXOto3i1buhzPQusm8FM6s-X7_E1lnKsg3LZogbxIwweDsTGzBx-k3YE3dnaQBxfdzFrno0VllBp6fWW6BKSsoG8euP4KFFWOLAcIsKhxoeF2BdLn6yCBhMH0ZlaF2K6WftxY8s9jLHe2bKl_iiayxxpLzzj_CbqHeRgbhaY-uB7ABB9zaPv9bZxhc1NHLp4GSotdmeOqdKtG2ymrq9kOOagZBrthAzGYlmks_g7IGIJzPNnynYI8_8DEbYJgiGPlVnr1IOeEK6gpbtFVYqqP2S7G2zorBqmPcX_hn8jh677y0hbj8nzLKsh4D-mUVoIUlRifPSlQF9D0Pgij7v-TEsePlY5h2gKo9M4O0i1wOuaNQL_wzBp2Z8ELlC_mqpPY2oH-4pO4sKy7MvblBgDvB4V7eZXCm4&sai=AMfl-YSbP7ITPerPeJcdG_SsN_NDmw8JNw-1cIkEHWV5aG1zH92Mvg87K5dmddTl6Yf_Hty2_fSFvUVwboDefKujJKoRh2bYln9n2N-JZ3DjstnDkfeAQlPMYXlhc4ZlETCInW7rFikt0oZx6saeVAzyjfHl7wNZaIzt6RMfiinfp4D04SrksVZ9JGmgcpyyEFkx3ugljbxXQVAKNxBPNjnJYWIKsgjCBHCCmDg_GeBF_k9QuX-Ur38vvP5l-n-QkxvqPeQqhz-gbxE&sig=Cg0ArKJSzG50Z78f_7D6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=293&cbvp=1&cstd=287&cisv=r20221207.37611&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18371140143323373724/ Frame 6C49 1 KB
768 B 127ms
62ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40d163a81a60a4f29628f72060ad0fd3749411ea1c24d35a3c7a63d65ec356d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 740
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 17:30:23 GMT
expires: Wed, 20 Dec 2023 17:30:23 GMT
last-modified: Tue, 25 Oct 2022 17:09:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9576 0
0 173ms
82ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_rk4lf3-Xwa5KIZWBroldX-wq6wIYefSOfd0xQOTJtpH4nFXYf3SW9i_6ep38o7rO6jVp9Br_ZMGIxOXoFAavF5ZyTP9IpzITjVtN8S0R5Hl9BBxXFR65e9xaI0nsW7SPw5Rmwvoe6a2MKF95qBgUstK06NTkcxojuMMhqm2D3kDigsobwu-teCY7mXPu_e2FP0DNi7WzRnW1JYS6cYGvnCXhOHJE7SLxJ5Bn3cFEMtB5R8FnEIizp-lFVIWg9vS91TZwLuNaqnOqepnxkiuo8sjOlzhEGX9J3kgo7SLKPoqDdb6nl8-t5fjBoI4649qxujOFaTUsggjEp1_z_3JkXPbujo9V8wMIXY7XH8Wk00_eo8EkKOm9Sx_aUP-FKRkwbs0Ks6tJBXgTTZnt9qGHnSBVDZoyXiQbkvG_7ziLTAqnQLZ5cLIkFH2XwfQeLEL-QGfBWmypSRfwOzKGrigytdFMS8ww0FifQ0XRbx3rKTXE6W41I_OrWSVoI_TmOhSBgRHFBMqBZzCZOh9dsXD5b9tzokvq_0QlqrWov4_qqHWt7qRWITbNT4zEvALGiAntAGFlN0-u35ntiO2JcJCUkDaIfBxY6BT6n2qHisuNAwcI5cB1NeRoMC0oh9oV2tzL_jJTPU6mIfXifnopRWvZSaO1m2qiDlU6jUMDGjr3D6DTcdF8NBdJwn4VTqvSU2zTAiRC8SK81Sr1m6MyD8JLG6BHcIJ5Jv83JRCzF9lNQt0Ig3WHtfhK0kWwPyiY8R33mwG-lzggnv765OyeR1sYTAMRSPCSfhMpV44Jd-LFhWFc6-TK1HOXFY9AXDz3EzuyqNS-4xuNfiPy3EeWT8LfvRCh5CscVUDyM_yVbz2-06J8Tk7iEeSeSBZE2jl3OqD5MzA_Fw3mT6gQf82yx_SE9xvhOXN5IRkh2ugnOAjjJi6vA4nSPh0phlOzMHb-zmTPT5kr-dMxzOtFyoFU28v5VaEklM_01ZULBhoq1tTchtRvQcpz9lZbepmzgQ7wusBSpesSef7IePQaPTDcgCeiUeSJF9Rl8MIrBWRGCrz93Q37Q34QcJpAm-XwqLRRQJBA2ypEJMW12KOmNaNebkMrK3f3YiYWojRQg2NklxdcC7pp1wpHiKCONHlNFkpk_YHeAaOU0cNOwgsPFpZ0__KFTfdItflZQpHz4yIeJDbytcsH4Vz52LNRFpgtpThnjEF4SvLzThGk7w6bYU76a44hvHDxTJVa_hfJIpjXcw&sai=AMfl-YRi2ujrjAm87QVf6xszD6z8PI3F7ZZSL_6Ft-O8dAgwPGEX3WU7Rk58AERNz2yPe3pGXWanzYH1vmDldVt2-BSYxHFCeCisdW-GwpweS_651LJ-8SKdjj5wgJPAYQjhyZ7k7sjMnKSkbqJcK9cVg1u6yaEbb9a80ERNnD4gp0nR03Tdq8tYSrN_hcA-HhY0kkAHh3ovsxVk8X1VRaHWXiiFMeLuyzfsrS0-3_gROaQ-x_QRHLK3z4Dnl-2mIXnxexNRDyEAJxc&sig=Cg0ArKJSzHYoIE0ViEGvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=276&cbvp=1&cstd=271&cisv=r20221207.51653&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 9576 60 B
60 B 60ms
14ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26964075&extCr=180660497&extPm=322763903&gdpr_consent=&gdpr=

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 17:30:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 20 Dez 2022 05:30:23 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame FE82 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:25:40 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame AAC8 36 KB
16 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:25:40 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2F4F 118 KB
40 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 09:27:22 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6C49 113 KB
38 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6C49 118 KB
40 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 09:27:22 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9CDE 0
0 154ms
76ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBLbxCuXLyRhsFRgGbP-NiMbDtAeQ_J-e_RS3bB6O8haaN3L0h4oyF0qCO9QQwrMU9I-2OmrV6bxUQ2rofUyAZzPU87lz3lxAWGO7NEmRtOe3_7t93BSHY1tmkaMVR7-u4fQgUEjOg3FVb_du0LHBDQc9fmCjtW0WUW53qxWlSPdsPsmvbmVOYxHJxqA28EcSK2QL13MzM6ejsGVDN7JsgbQNqYIYeP-1TybQN-BBScyMJdjyC_F_elWDVR9-tP1JFhv6vG7gEegtuwLeKc7tS7aJZVbYozfBZCuYJFG55V2goeRYLvDcUFMwL3rE9tQJuwqFU2Iti5tQQJUG7sN5ZqeLws1W6x4FwkZlAVARRTrAjty3JF2jIqfJiC76xaY17VZGB7gImfJGv7G9zM1kWRCJ7bxNdum_disrzFxwFU9hIzYvUxuF6r75cTplqzAKnOocgx6po8ODVt-ch1pA5ffyAV3uFKt83znJ2HigyoHiRN5M2qOemPwOY3UMgtKf69AIL1V0O1wacL5YXcSOMl0m4sBf43x4L1hJnwKl1puTO5Ai3YO_1BYTsYgqk8iQ8Jw34VSUwaLEv3Wboa7uCAwaCT5Jk2PgHOHC4pyPfabnPt4uJT3NIYgQL8HhVsNuBRLZP_9h0Jd26eQIConPpBPJnjLqp8TX-pFZA1pIKIJqZ7X8Hk-SP_RlJLPIM--b4lNH-KMX1HhS6gd4Ql2IsTz-dpkIQNh1ww86dX-PS0R3M5VwkpnD_oW6AKLsh_ZJcfFg0g2h6oRZLr8yF4-dLdOlRFbZ_Jh_RtOMilMbrCR4tW2lSp6qgOgEn7lpHIOyAZwtvbmbFrGK-lXOto3i1buhzPQusm8FM6s-X7_E1lnKsg3LZogbxIwweDsTGzBx-k3YE3dnaQBxfdzFrno0VllBp6fWW6BKSsoG8euP4KFFWOLAcIsKhxoeF2BdLn6yCBhMH0ZlaF2K6WftxY8s9jLHe2bKl_iiayxxpLzzj_CbqHeRgbhaY-uB7ABB9zaPv9bZxhc1NHLp4GSotdmeOqdKtG2ymrq9kOOagZBrthAzGYlmks_g7IGIJzPNnynYI8_8DEbYJgiGPlVnr1IOeEK6gpbtFVYqqP2S7G2zorBqmPcX_hn8jh677y0hbj8nzLKsh4D-mUVoIUlRifPSlQF9D0Pgij7v-TEsePlY5h2gKo9M4O0i1wOuaNQL_wzBp2Z8ELlC_mqpPY2oH-4pO4sKy7MvblBgDvB4V7eZXCm4&sai=AMfl-YSbP7ITPerPeJcdG_SsN_NDmw8JNw-1cIkEHWV5aG1zH92Mvg87K5dmddTl6Yf_Hty2_fSFvUVwboDefKujJKoRh2bYln9n2N-JZ3DjstnDkfeAQlPMYXlhc4ZlETCInW7rFikt0oZx6saeVAzyjfHl7wNZaIzt6RMfiinfp4D04SrksVZ9JGmgcpyyEFkx3ugljbxXQVAKNxBPNjnJYWIKsgjCBHCCmDg_GeBF_k9QuX-Ur38vvP5l-n-QkxvqPeQqhz-gbxE&sig=Cg0ArKJSzG50Z78f_7D6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=561&vt=11&dtpt=268&dett=3&cstd=287&cisv=r20221207.37611&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9576 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4281:c606:3396:5467:8f67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=1cef3054-b94d-a0ed-1274-0379ab967919&tv=%7Bc:xmjYwj,pingTime:-10,time:544,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671557423722%7C%7C26b88b5ba85b45c9034568c10d2281fd%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C9a686e839cb39ba81151fc52fcfd7b71%7C%7Cad5f4b8ba3d462e0f89feacd74f46a96%7C%7C2037f9eaa2f4477fced700eef6920fdf%7C%7C5dca320064d5b4f1eee0f027ef064005%7C%7C8f5fdde7ea556886d1d3108df8c1c047%7C%7C1663701684%7D
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c606:3396:5467:8f67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9576 0
0 75ms
75ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_rk4lf3-Xwa5KIZWBroldX-wq6wIYefSOfd0xQOTJtpH4nFXYf3SW9i_6ep38o7rO6jVp9Br_ZMGIxOXoFAavF5ZyTP9IpzITjVtN8S0R5Hl9BBxXFR65e9xaI0nsW7SPw5Rmwvoe6a2MKF95qBgUstK06NTkcxojuMMhqm2D3kDigsobwu-teCY7mXPu_e2FP0DNi7WzRnW1JYS6cYGvnCXhOHJE7SLxJ5Bn3cFEMtB5R8FnEIizp-lFVIWg9vS91TZwLuNaqnOqepnxkiuo8sjOlzhEGX9J3kgo7SLKPoqDdb6nl8-t5fjBoI4649qxujOFaTUsggjEp1_z_3JkXPbujo9V8wMIXY7XH8Wk00_eo8EkKOm9Sx_aUP-FKRkwbs0Ks6tJBXgTTZnt9qGHnSBVDZoyXiQbkvG_7ziLTAqnQLZ5cLIkFH2XwfQeLEL-QGfBWmypSRfwOzKGrigytdFMS8ww0FifQ0XRbx3rKTXE6W41I_OrWSVoI_TmOhSBgRHFBMqBZzCZOh9dsXD5b9tzokvq_0QlqrWov4_qqHWt7qRWITbNT4zEvALGiAntAGFlN0-u35ntiO2JcJCUkDaIfBxY6BT6n2qHisuNAwcI5cB1NeRoMC0oh9oV2tzL_jJTPU6mIfXifnopRWvZSaO1m2qiDlU6jUMDGjr3D6DTcdF8NBdJwn4VTqvSU2zTAiRC8SK81Sr1m6MyD8JLG6BHcIJ5Jv83JRCzF9lNQt0Ig3WHtfhK0kWwPyiY8R33mwG-lzggnv765OyeR1sYTAMRSPCSfhMpV44Jd-LFhWFc6-TK1HOXFY9AXDz3EzuyqNS-4xuNfiPy3EeWT8LfvRCh5CscVUDyM_yVbz2-06J8Tk7iEeSeSBZE2jl3OqD5MzA_Fw3mT6gQf82yx_SE9xvhOXN5IRkh2ugnOAjjJi6vA4nSPh0phlOzMHb-zmTPT5kr-dMxzOtFyoFU28v5VaEklM_01ZULBhoq1tTchtRvQcpz9lZbepmzgQ7wusBSpesSef7IePQaPTDcgCeiUeSJF9Rl8MIrBWRGCrz93Q37Q34QcJpAm-XwqLRRQJBA2ypEJMW12KOmNaNebkMrK3f3YiYWojRQg2NklxdcC7pp1wpHiKCONHlNFkpk_YHeAaOU0cNOwgsPFpZ0__KFTfdItflZQpHz4yIeJDbytcsH4Vz52LNRFpgtpThnjEF4SvLzThGk7w6bYU76a44hvHDxTJVa_hfJIpjXcw&sai=AMfl-YRi2ujrjAm87QVf6xszD6z8PI3F7ZZSL_6Ft-O8dAgwPGEX3WU7Rk58AERNz2yPe3pGXWanzYH1vmDldVt2-BSYxHFCeCisdW-GwpweS_651LJ-8SKdjj5wgJPAYQjhyZ7k7sjMnKSkbqJcK9cVg1u6yaEbb9a80ERNnD4gp0nR03Tdq8tYSrN_hcA-HhY0kkAHh3ovsxVk8X1VRaHWXiiFMeLuyzfsrS0-3_gROaQ-x_QRHLK3z4Dnl-2mIXnxexNRDyEAJxc&sig=Cg0ArKJSzHYoIE0ViEGvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=616&vt=11&dtpt=340&dett=3&cstd=271&cisv=r20221207.51653&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AAC8 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bp--pLvGhY82cPMTA9u8Pm_CXMAAAAAA4AeAEAg&bg=!4OOl46fNAAYgquz3AKo7ACkAdvg8WoDpw2Ppjyy2WqkaOuWaEfARmFetxKMD1_z6akIdyRuuMqogdAIAAAC8UgAAAANoAQeZAzBpW0-c78msC6IrBpp8hvpajxi0DA3KdLOtlQOIX1IZ4JsMdlM3vYDlXDAE7K6UQSt2pjzvGGsh5ut3bKp_GSGu7usaTq3EdZ1Kum-1losue0XeO1BEjUIDkvmANndIvxCfuYT0xWN6y2ftW63qdQpoc_Bhjsv1Hldv2xnYnHpr8U0GEN-fQzKfWEVlXZ5r1OCGoM9s7o7nyJAezYftME9wVqatKvUGTD0FsmAFnhzN_b4UwE8ASgAF7-nrXOtyGCLOYfLGOOlw0u4hOIHL8Ixn5R-oQ7yu8a7JiIJgRlSJZ2QaMHhNtcn3pcbvX8k6b2YxubYbIw7aRyzt_0XVXeHG_vC5ChYYdUe_Fp2mNV6IcFp145xvO1kGXDgV0scQIM8h87BpC8yuxDWCg3iK6WYnC69UkfsjaJ8jj6hekp7LffdHbh8y6iupT0MiiPyEQ-H5PZ2Y-Vt_D4wUb4YcWuJzERxk39JJBaY5mFKUPUDMbTy4A_uyl6U4XfSAeMPiI5EDCt5v53Z3SvLB3HL-oyPolnb6EnD_CDlFze1l-EMflDDMugCD6k8WnQ0_kJFrudUHxH-2m5MIoLUbQ5IrzOl5d4NdeqeTU1JNbvgO3KvupQ9NGiCrYfaZSVFLFskCY8K7u7GaddLMnvG2ODNtGoEbrPP3LfBRnu9sp6JrvNUgdh8lZyoGIXcjYYQKI_pKSBZrm6udOfhma6RCc0-5NFajn2LXTRZosYsj2BfmAi7Sy398LfbQmPFVvYhljCeuobjLPbHlhLx5KZRgduB1jHMzJl8oJty5LOaKLtrFNrM0CnaVg5CtF6LH_8QIxcjXE-nsO4atkfepIZMKYVdSZUk1zNW3kPKI8PhDzgmiJs61zbVH6RoIthAWx1S2LuLTGIi7KqkTBHEsZttQS4Qw7CxS-zZQzoAtR3oKLCNcNnompFVCk_TT6-g3buXxzu0j9vuTFbAopq62xdOTt2k5ja1J5Xvi3FAUQ9kq3h4RQXf9Q9e5xSCAPaJl22yE5UiQEXVDb1zXlH2sWl4yjeRLyMH7bxrnVz9GnrsGTqMXIocpsiR2njC6N8a6QeXEV5mLRQk

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE82 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BettcLvGhY_u8O6mT7_UPxOGSgAwAAAAAOAHgBAI&bg=!KCulK2_NAAYgquz3AKo7ACkAdvg8WjN2_9w6LPpKSAwa5NuX7uPVN7lqZYhwaHNN-o3w-A3IDstnBwIAAADqUgAAAARoAQeZAzhOu-HYnqsLGrWeiQdkxt9Ojy6i3v6xfsQJq2nxeOOrk204EM2VK7YEjpBNQxXHWp5rq6bwZuLcBTnuJLruroR7-ZfRZESA1Hc2iqtUUWW6nNqtNXCEifjGP8-pi9V6CPFcKvIPTzLaqO0_X8zCULZxWZqBcg2juCevF_jXbFCr8JvkVhQzDEsKDPwADP2JRJYjXj3ESKCvq126g4jOrbl8exJSfE_U03BdLprLh9kJoFg79c4fvctNTpsB7PyhzFJxh3NN4SN2rj6yK1s9TjPM4SjGDg63aKUp---OIOtjLS5UIMTGq-kAWVs-9Gy-50Ppzi69nH1ftmqVqq2UBJe5TP-l2zXDqcRcHXhy-g3VRJwuUaJrZjJOQVbjMhdGCjMFKhGAebve2LS6Pw-gcIZ8vfQSyPpnpWCFIyfDQ_vTzViMx5WW68IfEva1JePRSeTEyGICCHmPMyycv6Ikyu3MPxEjtWtWE8-I9-0oQXTBHiSrZIAxj4NmB9NCMg5zXBvwiEJu2QO2OHVyukbolnzlbB4QRPKjqMfRCPsX3N8j9g9oY8UsD9BXyVk8flvycpwhSA2s9LqTEJGlI863vDJTwO6Y0TPkqggKFhsfFxwDawOI8EQEALyGIWl5ox2B_dEiU0XA4-wqLKJkp6ZgVwSmA4TcRQpNOuH3Z0KeYpH6s70LjXKS7adqjM-XWP0P9mUbkYAS59KEMr7S47MW9uhBz61HY8zGiFvICSOf9XAeQ8jVDtUouqglDqpp4rnC8MrzjJFEId0qaaQK2MpLCP2k-WXkRZtHnsR7zlm8tsK3E3mKkjofD3lhvtEGlQvWSoZXe1CSDqMvn7-5FBzmtpAnDZmER-EzPgaL5O41l3qfYyjRVWopxSaeNWyNe-2NA8p6J1X3D10EFSPmB0V9rRkjNHGT-pQ6PQ_vXm_oM2y1yeYBuk0PMPYJIjLTpPvLvqgnPpkCFdCXCHm5uYmStxgnAFh9UD38L8xV5CiOUt4cgd5Odq65MqU3f27QB27D7sIo6af4FEV6VXW23fkd_xZDAm67y83H0J8MLlw3beF8oNUYPEob76nzIOjlV-beifjnmm6NAqPzXw

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2F4F 7 KB
6 KB 157ms
79ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15d15485121df0f41cb87e089f667735e76b072c56a6a434a95cfea8b32af9ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0

GET
H3 200 motif.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/ Frame 2F4F 451 B
341 B 40ms
39ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/motif.svg

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:41:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 15:16:50 GMT

GET
H3 200 logo_kia.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/ Frame 2F4F 1 KB
702 B 40ms
39ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/logo_kia.svg

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 674
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:41:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 15:16:50 GMT

GET
H3 200 23717839_20211026020519412_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 2F4F 29 KB
29 KB 52ms
51ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026020519412_bg_01.jpg

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd323d8762bfe107930a69fab5d99df2b9eb7fcf1e266bfc801113a0d4d9620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:54:22 GMT
x-content-type-options: nosniff
age: 12961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29911
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 09:05:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 13:54:22 GMT

GET
H3 200 23717839_20211026033458094_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 2F4F 30 KB
30 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026033458094_bg_02.jpg

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7993d2d8d1e84feef5eaa4d8c9dcbc44367875122baa1b6760d9150711f4577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:05:02 GMT
x-content-type-options: nosniff
age: 8721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30908
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:34:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 15:05:02 GMT

GET
H3 200 23717839_20211026020525850_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 2F4F 29 KB
29 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026020525850_bg_03.jpg

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3435b89855d83510f5b3dcc3d0bfe4d8b7848a76c218d939fa4cbcc43d004f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:52:32 GMT
x-content-type-options: nosniff
age: 13071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29523
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 09:05:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 13:52:32 GMT

GET
H3 200 23717839_20211026033502008_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 2F4F 33 KB
33 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026033502008_bg_04.jpg

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f144c4faf434bfe66e01058d20974e19961adab4808beaaf9735871e930d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=GBtDUtRgGv&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:52:39 GMT
x-content-type-options: nosniff
age: 13064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33944
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:35:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 13:52:39 GMT

POST
H2 200 stats Show response
gw.geoedge.be/api/ Frame 9CDE 0
95 B 127ms
127ms XHR
text/plain 3.226.37.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/stats
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.37.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-37-73.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 20 Dec 2022 17:30:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
DATA 200
OK truncated
/ Frame 9CDE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82f0f9d0692e46d8a3c37151ff71dba41e86d29f6769e273f44aaef83e18fbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 6C49 2 KB
806 B 51ms
50ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 778
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 14:38:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 17:32:09 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6C49 7 KB
5 KB 153ms
85ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e03f9a2140cbcc24fc457bc84201934b37cd821a4d3bd814e3425838ad547cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 97C0 200 B
809 B 7ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1092320
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 17:30:23 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 07 Dec 2022 23:30:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 498806
x-content-type-options: nosniff
x-request-id: a01146da-e61a-4a9c-8de6-672368e38218
x-served-by: cache-hhn-etou8220089-HHN

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 89ms
89ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e1d3b643da45eab061083a2358e8ce527f2fbd77ef168c3b50162b5690abe3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11100
x-xss-protection: 0

GET
H3 200 300x250_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 6C49 61 KB
17 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0a0c7dd8cccf9f6242549757fbb6b960d4043d8f96fa6c8c2cc75afa972744a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17789
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 15:42:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 17:41:58 GMT

POST
H2 204 rum Show response
www.on3.com/cdn-cgi/ 0
37 B 43ms
28ms XHR
text/plain 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.on3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.on3.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 77ca1b0af90f695d-FRA

POST
H2 204 rum Show response
www.on3.com/cdn-cgi/ 0
145 B 35ms
34ms XHR
text/plain 2606:4700:10::6816:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.on3.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.on3.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.on3.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 77ca1b0af918695d-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 97C0 0
570 B 538ms
178ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 20 Dec 2022 17:30:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 97C0 0
571 B 536ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 20 Dec 2022 17:30:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 97C0 631 B
461 B 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 17:30:23 GMT
via: 1.1 varnish
age: 1092320
x-cache: HIT
content-length: 332
x-request-id: 65975c76-74a0-47fe-9bd6-fd0c73ee1f9d
x-served-by: cache-hhn-etou8220089-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 448979

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 26ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 17:30:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: npVJUgrNbIcxzjP+KdZUJkXSKMoa0Vuvtyxkn9orVOtJnOMeiwaQs9WhQJOiUEZ+a/FNQRp9T/RC8f71/GJijw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/36671852/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

7ms
7ms

Script
application/javascript

99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:07:42 GMT
content-encoding: gzip
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 1361
x-amz-server-side-encryption: AES256
etag: W/"5b0f9f0704a703b8da651007721fac57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: p9v1IBSGR8X5Gfbg72LNsdciqXXaUVqn74N6T69f4fS2BkikYfF2Wg==

Redirect headers

location: /internal-cs/default/beacon.js
date: Tue, 20 Dec 2022 17:30:23 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: QL5Pz_S4baO4x1OcgzJqRRGsFKfS_53l1pMcJkk-cmYToppw2H5tGw==
x-cache: Miss from cloudfront

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 3F8D 930 B
1 KB 29ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 241
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 17:30:23 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 316
x-content-type-options: nosniff
x-request-id: 73500adc-0911-4c91-a6c6-78fb93e6a36f
x-served-by: cache-hhn-etou8220089-HHN
x-timer: S1671557424.878359,VS0,VE0

GET
H3 200 356775472752325 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 20ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/356775472752325?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e53f8a3e3e8746a823e1ecf07366ca1dc0ecb31c66e7227a976616bf6eed943

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 20 Dec 2022 17:30:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85939
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: dFdgqJpFU8TBwxUtNeawXnbNnZ22HBHl/hZ2+3d/FMAMo3EHpiXBIn72VBoxWQGLjdnzEHHpn9rhaPE2iZ2SxQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 3F8D 0
344 B 489ms
177ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.on3.com
URL: https://www.on3.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 6C49 4 KB
2 KB 39ms
38ms XHR
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1840
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 11:00:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 17:42:01 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 6C49 5 KB
2 KB 41ms
39ms XHR
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 17:34:22 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 6C49 2 KB
1 KB 42ms
39ms XHR
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 17:32:14 GMT

GET
H3 200 NH_D_EU_Coffee-European_300x250.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 6C49 77 KB
77 KB 42ms
40ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_EU_Coffee-European_300x250.jpg

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc37d733f1e46092fe1a503fb59b8c65ecebb452f7eebaa96782f3a1cc579174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:26:35 GMT
x-content-type-options: nosniff
age: 228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78522
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 08:49:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 17:41:35 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 3F8D 86 KB
16 KB 13ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 20 Dec 2022 17:30:23 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 80
x-cache: HIT
content-length: 16031
x-request-id: 72baec27-0bb2-43a8-ba78-9f68bb498ee5
x-served-by: cache-hhn-etou8220089-HHN
server: Fastly
x-timer: S1671557424.903525,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 116

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 6C49 50 KB
50 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Requested by

Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=PPtW9lekH9&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:22:05 GMT
x-content-type-options: nosniff
age: 498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 17:37:05 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F4F 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6C49 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 17:30:23 GMT

GET
DATA 200
OK truncated
/ Frame 9576 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82f0f9d0692e46d8a3c37151ff71dba41e86d29f6769e273f44aaef83e18fbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 6 Show response
m.stripe.com/ Frame 3F8D 156 B
522 B 547ms
186ms XHR
application/json 35.82.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.157.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-157-189.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

60995dcf730b26c42b1fedee155bc21edb1572019ead7b4387ec094445ee4ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 17:30:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 8ms
8ms Image
text/plain 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=36671852&cs_it=b2&cv=3.8.0.210223&ns__t=1671557423977&ns_c=UTF-8&c7=https%3A%2F%2Fwww.on3.com%2F&c8=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:23 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: GFPBNfRf_G-M5YXa0RU7VOIhChVrOjx4unyaSDmfWjowPUMk5hSSSg==
x-cache: Miss from cloudfront

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CC2 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:25:40 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame B9EB 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:25:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A5DA 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 16:41:08 GMT
expires: Wed, 20 Dec 2023 16:41:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9F95 783 B
535 B 68ms
67ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b7e899aad2a16b73d7300aa0c68dd77aca13baf5c733b683c57ded31a296488d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6hYKzNwcmeEUHngKD9K_qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-6hYKzNwcmeEUHngKD9K_qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 17:30:24 GMT
expires: Tue, 20 Dec 2022 17:30:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame A5DA 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:25:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9F95 0
0 73ms
72ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=2901702505178758&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A5DA 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-gaMWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:30:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9576 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvw78cqzBgVOdhjLkYsJ1vXycIoMzVnJRm8-ZSd91HGqXtxhECnGTW6HIeV_OroTJ4_q2ei0SxCwJS4x1GJJmnd0vOiiyF8489G3yk9HOgRUN4V4pZSmHxYwpjJOIbXmrHMxnCmWw&sai=AMfl-YQ_YqfqH6PV6Iy8VTvBuw-99yUlkRort_Gf1R6sAHn1Go_w022ebFDbe9w2k0vBw04lG1sDb7S5_lD_u-15MXoIb_VDVaq7u-W5n5-tDODZzyjCulyynMLtUmclcg&sig=Cg0ArKJSzDJEIbXYEPjzEAE&cid=CAQSOwDq26N9_SUJDo_kUZEQKUKkpg0n9nqhPUKvCxoJu9SiqxcQTL-0b7h8NSDzat9ZFeKZ6lWIbhDzzCwrGAEgEw&id=lidar2&mcvt=1000&p=603,1170,853,1470&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2902443972&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671557422683&rpt=563&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/40a19b09-700a-47d5-ac7a-8210aa4288c3/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9576 43 B
215 B 100ms
100ms Image
image/gif 2600:1f18:1aca:4281:c606:3396:5467:8f67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=1cef3054-b94d-a0ed-1274-0379ab967919&tv=%7Bc:xmjYGA,pingTime:1,time:1181,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:99%7D,%7Bpiv:0,vs:o,r:l,t:139%7D,%7Bpiv:100,vs:i,r:,t:180%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:180,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:99,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~300.250%5D%7D%7D,%7Bsl:i,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:102,fm:tqzWB9F+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C171%7C172,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:101,sis:208%7D&br=c
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c606:3396:5467:8f67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:24 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9576 43 B
215 B 99ms
98ms Image
image/gif 2600:1f18:1aca:4281:c606:3396:5467:8f67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=1cef3054-b94d-a0ed-1274-0379ab967919&tv=%7Bc:xmjYGA,pingTime:1,time:1181,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:99%7D,%7Bpiv:0,vs:o,r:l,t:139%7D,%7Bpiv:100,vs:i,r:,t:180%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:180,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:99,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~300.250%5D%7D%7D,%7Bsl:i,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:102,fm:tqzWB9F+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C171%7C172,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:101,sis:208,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c606:3396:5467:8f67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:24 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9576 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4281:c606:3396:5467:8f67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=1cef3054-b94d-a0ed-1274-0379ab967919&tv=%7Bc:xmjYGB,pingTime:1,time:1182,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:99%7D,%7Bpiv:0,vs:o,r:l,t:139%7D,%7Bpiv:100,vs:i,r:,t:180%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:180,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:99,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~300.250%5D%7D%7D,%7Bsl:i,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:102,fm:tqzWB9F+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C171%7C172,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:101,sis:208,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c606:3396:5467:8f67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:24 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=2901702505178758&bg=!OTqlOn7NAAYgquz3AKo7ACkAdvg8WlZTx0-5LHUEtUv343gNus5zPl7adTjfNy8WDVSuHwvTV5S2kwIAAABXUgAAAAJoAQeZAsNeVZtUo1KjS_3WrD7Cfqz_nCvus6X6aRvij-UjysHBeuoFQOS8wVyMjSXbKR1tDsdq2eTNMfmXqL6C1_9ZRzIbKGHJfjd0DIGrS-LqG2LvjoR8rGmZrMPM65F74KQMgeQcPOOoVE8L4cKDFdUy0jptUvC8BAuhiTc0JKnlA6CoLkzsakaWbM0IjOWuk-tr0NttDmcYTZbZKmbDucVUdX9SsYT5RChcA1d8idl351FKNNRVSAoPzjvEXSHBD9DEEVJKciXL4bH9asdgAyxvykjsxV9o84O_AIQBN7SKvvqR-LaJr0bvJ6CqKMLtgarge-UoKn-nUBkDlx2JLDU9TkePXRrVRZCCLxGJkIYrYGPoNETfGZgHRWZCZQsWEs6eLYiYTmf2qF0fpaLwC-LU-eCLNoBgN7vl7ksyiiB9emZbp6B_2sHV41y0Qf85gwrCxLM5bD9oib3VmUYFCGc0BlACIJiI5qPSuCnoIJ4dCoEp-zF-XpqpGL0UE5V-kM-5AKgQLl5EMHBfw_mDqXHUEaB8QbfimeWdlWtANoypCx-_4ByRSkVJ4yBSTEbaVgrS5GuueuIOLyCEUfMOe2m-MLs33OJ0-QxRwUpS8ngkszP9Chl9tWdJBupkfDPsJsvWGrhjr-ugoyPAB6GHv9LhDUoEbKdPCX27w7W15f0qdF5pM5tyJtKDwp3jzxEeX-M5QEYk8b2xK2GlqgCE2qW20IgOXJmZ4KaNlgVK7pQ-zDK9iJ7YlNOymelo8T8qC0yXFu0Gp1u17yHaXBJBDu4Gpy2k4q7RNI5YijJC0tGceIkNb3kiGx1cywH5byBwHmIZxkyNum7sWIe3_4rvR7a52kaUKmXZewtt33GhvfsA25gpnyMNv6VsZvMS7numerOjnAdPcD-Qgu9bNKq-Yeq43HuQoVz1IJvp0wJ6oTA3RluX6uaHCQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 106ms
41ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D6C0XT55DS&gtm=2oebu0&_p=1724851470&cid=471441715.1671557421&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671557421&sct=1&seg=1&dl=https%3A%2F%2Fwww.on3.com%2F&dt=On3.com%20%7C%20The%20Best%20of%20College%20Sports%20and%20Recruiting&en=page_view&_ee=1&ep.page_path=%2F&ep.authorName=undefined&ep.authorId=undefined&ep.pathName=%2F&ep.category=undefined&ep.contentId=undefined&ep.teamName=&ep.siteName=On3&ep.siteKey=44&ep.siteType=National&ep.user=undefined&ep.platform=web&ep.categoryKey=undefined&ep.pageType=other&ep.userStatus=guest&ep.subStatus=guest&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6C0XT55DS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9576 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4281:c606:3396:5467:8f67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=1cef3054-b94d-a0ed-1274-0379ab967919&tv=%7Bc:xmjZJ6,pingTime:5,time:5181,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:99%7D,%7Bpiv:0,vs:o,r:l,t:139%7D,%7Bpiv:100,vs:i,r:,t:180%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:180,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:99,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~300.250%5D%7D%7D,%7Bsl:i,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:102,fm:tqzWB9F+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C171%7C172,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:101,sis:208%7D&br=c
Requested by: Host: b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
URL: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c606:3396:5467:8f67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 17:30:28 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pbs.nextmillmedia.com/openrtb2	1970-01-20 08:20:43	Name: nmm-ss-cps-usr Value: 1
pbs.nextmillmedia.com/openrtb2	1970-01-20 08:20:43	Name: nmm-ss-cps-usr-exp Value: "2022-12-21 17:30:21"
i.liadm.com/s	1970-01-20 09:02:29	Name: _li_ss Value: MgUIBhCAFDIFCAoQgBQyBQgLEIAUMgUIfhCAFDIGCIsBEIAUMgUIeRCAFDIGCIEBEIAUMgUIDBCAFDIJCP____8HEIAU
.on3.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .on3.com
.on3.com/	1970-01-20 17:55:17	Name: _lc2_fpi Value: 4e503d5d0a01--01gmr9c5yb4ve2m1jc6nvy3vet
.on3.com/	1970-01-20 08:20:43	Name: _gid Value: GA1.2.2106742027.1671557421
.on3.com/	1970-01-20 08:19:17	Name: _gat_gtag_UA_193678100_1 Value: 1
.on3.com/	1970-01-20 10:28:53	Name: _gcl_au Value: 1.1.329625252.1671557421
.on3.com/	1970-01-20 17:55:17	Name: _ga Value: GA1.1.471441715.1671557421
.on3.com/	1970-01-20 17:55:17	Name: _ga_D6C0XT55DS Value: GS1.1.1671557421.1.1.1671557421.0.0.0
.liadm.com/	1970-01-20 17:55:17	Name: lidid Value: a7665e9a-4205-4f24-9658-91a4f46a222a
.rubiconproject.com/	1970-01-20 17:04:53	Name: khaos Value: LBWI4P11-M-H1LI
.rubiconproject.com/	1970-01-20 17:04:53	Name: audit Value: 1\|hLZGFuTafB0ozm2jzwgM/j5APvdogVCbaTd6KyMQnaub55ZO9yeic0FQpWsWEwc3z0yTAsWqIWzAUJ+gL7gixdDu7Ii+wRSpUN+/nvRkaHE=
.doubleclick.net/	1970-01-20 17:40:53	Name: IDE Value: AHWqTUlL9Jbyi4bqOLX49Jq96xpSr3950K9uOoI3ctdQk_WQxdzbIgi6Bw1040MC
www.on3.com/	1970-01-20 08:19:17	Name: _liChk Value: 0.12962621541271213
.bidswitch.net/	1970-01-20 17:04:53	Name: tuuid Value: a6ff5d79-eb25-4920-bc98-aac586747f9d
.bidswitch.net/	1970-01-20 17:04:53	Name: c Value: 1671557422
.bidswitch.net/	1970-01-20 17:04:53	Name: tuuid_lu Value: 1671557422
.mathtag.com/	1970-01-20 17:45:12	Name: uuid Value: aaf463a1-f12f-4400-872c-02c97ca5d3d3
.demdex.net/	1970-01-20 12:38:29	Name: demdex Value: 66602698248101081070774531128206098408
.dpm.demdex.net/	1970-01-20 12:38:29	Name: dpm Value: 66602698248101081070774531128206098408
.addthis.com/	1970-01-20 17:49:31	Name: na_id Value: 2022122017302200088145709699
.addthis.com/	1970-01-20 17:49:31	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:49:31	Name: uid Value: 63a1f12e67ccabad
.addthis.com/	1970-01-20 17:49:31	Name: ouid Value: 63a1f12e0001e3d4d0740e0c6d62e8202814fac8e24425ded15a
pool.admedo.com/	1970-01-20 17:04:53	Name: tuuid Value: af9b7cfb-efe3-47ab-91f5-22c9d26af6c0
pool.admedo.com/	1970-01-20 17:04:53	Name: c Value: 1671557422
pool.admedo.com/	1970-01-20 17:04:53	Name: tuuid_lu Value: 1671557422
.dlx.addthis.com/	1970-01-20 09:02:29	Name: na_sc_x Value: 1
.on3.com/	1970-01-20 17:40:53	Name: __gads Value: ID=2984f47823c19b53:T=1671557422:S=ALNI_MZcHq3zjk3XQnXMe_Au7_CIqdfOYg
.on3.com/	1970-01-20 17:40:53	Name: __gpi Value: UID=00000b9587e696fa:T=1671557422:RT=1671557422:S=ALNI_MZgxDdor2PjjmA5j1hBU9t_HHKucw
.adnxs.com/	1970-01-20 10:28:53	Name: uuid2 Value: 5586297604895940363
.casalemedia.com/	1970-01-20 10:28:53	Name: CMPS Value: 5152
.casalemedia.com/	1970-01-20 10:28:53	Name: CMPRO Value: 5152
.casalemedia.com/	1970-01-20 17:04:53	Name: CMID Value: Y6HxL.sQDwbRyzcpZdW3EgAA
.adnxs.com/	1970-01-20 10:28:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?l<L4>e!@wnfH8K6pQK`!5=E<L5?%KHYXz+g0t=HolejBJiSD(OglWOw>lo9xu>7zT%nugO%v4VB%nn`=2^(6
.casalemedia.com/	1970-01-20 10:28:53	Name: CMTS Value: 3243
.adfarm1.adition.com/	1970-01-20 10:28:53	Name: UserID1 Value: 7179284465187027088
.3lift.com/	1970-01-20 10:28:53	Name: tluid Value: 4084205287035134640162
.w55c.net/	1970-01-20 17:49:31	Name: wfivefivec Value: A0PAxTdB1P7GrB5
.w55c.net/	1970-01-20 09:02:29	Name: matchgoogle Value: 5
m.exactag.com/	1970-01-20 10:28:53	Name: exactag_new_gk Value: d679aa9c138a43659d94b94c3b310121%7C18.02.2023%2017%3A30%3A23
m.exactag.com/	1970-01-20 12:38:29	Name: exactag_new_uk Value: 64717b1ef0334e1485c914f5b16accbd%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: faa338f231184afd90826724
.everesttech.net/	1970-01-20 17:04:53	Name: everest_g_v2 Value: g_surferid~Y6HxLwAFeKXYTQAF
ads.avct.cloud/	1970-01-20 17:04:53	Name: uuid Value: c8052266-862a-4cb9-a03b-67fb90657cf2
.innovid.com/	1970-01-20 10:28:53	Name: uuid Value: c620700d-2937-4105-9834-2b00ce204846-20221220 12:30:23
m.stripe.com/	1970-01-20 17:55:17	Name: m Value: f78ca539-3770-41e9-a902-c69f66c32e1401ffc3
.www.on3.com/	1970-01-20 17:04:53	Name: __stripe_mid Value: 40832c7c-075f-4ea6-89db-5f8666ebd6a6f7ac38
.www.on3.com/	1970-01-20 08:19:19	Name: __stripe_sid Value: b86836e3-45dc-4572-b26f-4738eafef40ce733eb

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
ads.avct.cloud
adservice.google.com
adservice.google.de
ag.innovid.com
ap.lijit.com
b-code.liadm.com
b1sync.zemanta.com
b76ab3b3ea569cb70ff2b1d45954f1bc.safeframe.googlesyndication.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn-ext.spiny.ai
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gw.geoedge.be
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
js.stripe.com
m.exactag.com
m.stripe.com
m.stripe.network
match.adsrvr.org
odr.mookie1.com
on3.com
on3static.com
onetag-sys.com
pagead2.googlesyndication.com
pbs.nextmillmedia.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
prebid.media.net
q.stripe.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb.openx.net
rumcdn.geoedge.be
s.ad.smaato.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
trc.taboola.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.on3.com
x.bidswitch.net
x.dlx.addthis.com
13.248.245.213
13.32.28.197
142.250.186.162
142.250.74.194
15.197.193.217
151.101.128.176
151.101.130.49
172.217.20.2
172.64.154.237
18.159.78.175
18.197.255.208
185.29.132.245
185.64.189.112
185.80.39.216
185.89.210.141
2.18.232.236
2001:4860:4802:32::36
213.19.147.42
216.52.2.39
23.218.209.56
2600:1f18:1aca:4281:c606:3396:5467:8f67
2600:1f18:730:b150:8ee:4b1d:d9e7:1410
2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c
2600:9000:2057:ca00:8:8845:1500:93a1
2600:9000:206f:3000:4:b37b:9440:93a1
2600:9000:211e:2400:1b:5138:8a40:93a1
2600:9000:214f:9400:8:48e:53c0:93a1
2602:803:c004:200::140
2606:4700:10::6816:42d2
2606:4700:10::6816:43d2
2606:4700:10::ac43:1bc7
2606:4700:3035::ac43:d08a
2606:4700::6810:3865
2a00:1450:4001:801::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2001
2a00:1450:400c:c09::9a
2a00:1450:400d:807::2001
2a00:1450:400d:807::200e
2a00:1450:400d:80d::2002
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:200::300
2a05:d01c:1d8:8101:bfc1:341:b1d9:ff76
3.121.4.183
3.218.4.10
3.226.37.73
34.107.148.139
34.243.37.252
34.98.67.61
35.186.253.211
35.210.53.219
35.244.159.8
35.82.157.189
51.89.9.253
52.22.146.154
52.28.203.152
52.51.217.65
52.57.83.94
54.187.119.242
54.205.76.47
54.73.175.243
63.35.6.234
69.173.144.165
70.42.32.191
85.114.159.93
85.14.248.91
99.86.3.236
99.86.4.32
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00447cbce4f68f83f5d3aa6885185089873eee24bf3cd40bb5261eaa713ba82a
01672495e45469835599b579c056da3b519eccd52c06f3ea22a60c226a47aaf6
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05495b6a8f1c836fdb363bcdcd6a38e3ab0fd96fc02ba6755eb415adb7301ace
0566ea0e8a61bd9073a2b1a19f05f33c4f96f2b23ce21511d8c2243cec7638d1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
099d5504e471ddf447fac55b5b3f60c16ff2bc16c06a2b772acc95e92621037b
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b264930c1b3419925ffe1260bf8b91ee37804bb677c98b3d77a5e41554270fc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ad3a5b6e7911d28d57bc0ea2ca54dac6a5f90e64ada064e9d5e50a68044040
154dd405927801df53c421d4f29d2c7c65fd5e1c97bf7346e8b84d40c9474d33
15d15485121df0f41cb87e089f667735e76b072c56a6a434a95cfea8b32af9ab
15d1b72c9859676731eced0d14dd0a9ec8c3a0fe69372584c0960d7a0bd3fd75
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1d28b97f8ffeb85fe7c40b0dcc53775e6bba248d3368330a3f96c9e089f2fba1
1d51555855d8b6179e5a6c2c9eccbdc681ebd084b6919af0d6df2a6935bad412
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f1110ae700694e29ed4d89c94d614776b0bc7170570f20401ae3da96dab7d45
1fda183b102069c10c3b6f70511e764893599a4a4ffd060c5a923f81369aa189
203d80492a999fccd64f5a87eff47811fe759013ffae8c27c4dbe6f4d3a19e23
20542eb31c8d837200fa7d0978252a7f435d6e6ebefe07828784d65a79acd072
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
22aabf7d6345fe5278f84c26cf41bc315ea1de20530d4ad9b41c7217bf3e034a
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2633a0226062e0b1c9a0b42e3ab473f3da71afee34ce1a3bdbdba2a7098b05eb
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
27bfbc2917608db07fb061e7480573ff5b6b760568367853af5bd9ee275e9db8
28b92ded79d34e1157b44bda6b47c413234043a7f608004ede70e1512521aec4
2b813f43e68255798e72635d62e261f4036d46a4f852c9ed4049952ab182fdeb
2e9f4b9a81705bfaf4825babe963b13a8e2f150cd97e09f806137c1bdcc04a90
2efb7666a794470b9e09589ba6b6aa35b5e4c163e172c14c8b4da58de42f1b2b
30533108b75736e1b0d42d25f44243dea63d69550c83fe3a2e429c376da769d7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b7ddd263a5ee2a8a65513adc186890de769dfad618972997b99adab859aaca
32210c82febc36021c63ad54074519cd306dd60176c1cf797d077582cb812e02
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33011093b700b2bb851a71f1b18fce667224e150f4b674f9ed922a665663bc38
3435b89855d83510f5b3dcc3d0bfe4d8b7848a76c218d939fa4cbcc43d004f02
35c9e81dba52a60c741879a4c4944e05bde2b37556a1d206d7d525b3e0888d9a
362da9342e3d20600e557a2ffa71a068f5bc4addc0682fe833d562f6e4ca342c
399de571b154d75643405349ce24b4e2493beb86c9eb1ee56e3ced0d59714ef6
39bd346ee248cc9b48fe02843d4b27f56e4d6900ce1964de25cd852e0232d4fb
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
3a35c408cbba6afa01ef47ca11d4d02f64c79a12f6735769951b2f0dde27c54b
3a912b197e4f0aef150d4a04bd6991500efbe25de9eb039c647e28a1016cc53a
3a94802b7b830d5ce9f3e9a45422879a49435e16b925241fbe6a3c0bc27c7b8d
3c74d4875627d22426e0447f50c80b355219079f4028fc3d30f93aad9dfc0357
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3ed265403543eb95facaf90e843ea1fab664ea51efe3dda61695b95df3f25263
40d163a81a60a4f29628f72060ad0fd3749411ea1c24d35a3c7a63d65ec356d2
41a7029253dd7ae025b933cb680b697d402a4ef06174d21995d7ce63441bccb4
42c759694f7f1905a76989ef08920380dbff90c2914b3f80e87ca6f96c01328c
437f2f57ffc84c09bae7ad3a776ed08a6ee00621f03b381b8b54e009c7944498
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46df91d8c792fd591cb5c426720b7ce7468091266e3d3b8ab81f04650a2acd75
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
486f85a01c77d66e2356ac53e26b024cc2e9909abbaceefadba029b9f2f9ecc1
49558f4c23d06e2f845c483370853824680ca621ea2c9ea6b053736c44822273
4af55f637b24bffae4e6251d02c562c9d69115a4090105d6656635d5688e9d16
4b1c77d079dfd6f706594db4f4f9feba2d300d07f92683467cc34c17f428a5e0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7f4d85fa29db0bee26bbb6f850a22f762271a73468efe2fcddaba48212b354
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501a035b4e68b085571485afe6373c13f7b385f48c0a5ac9590fa2a7cb808ea1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5058731be458353b16f60bed5ba4f2093263248535bb2c186b4ebd666aa41b63
5127b82f9e9c8f658c6ac712b12ed1aa32755f5d90bf4953c5d7d9db25eb58e6
51eb6857a0deb44e1f49a62a595f4918e135e65e53ac1820a01018c77a527d56
524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773
53c63ba74bb906ec25fae997b90958ea94ad07ee777afd41600d105904f1ed02
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
55d443e0a7175ba6e0d52aacd0cb6cf9c35d650a49c3a303b5e8496d65413f4b
5629c2051ac404f4b9a7ed2f8b917334caf71064f0c217758879e42c045d6c45
56e7c597d5fb6883f31864932b364ffb837e522d8a37eebdd9156795c2980ffc
5729bf70c85166b632a1e3190ecf2b8a519d5c7ef745c0063840b0a56d2416b8
583bb15455776134b24887b4b290ee5de7133a663950f79494e27a0df2345619
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5b0ce018cec1cf460afb0b3432b08f9e6365d6d233ccbdbb86a07a19f2a258b4
5cd2ce5c72f7579334beaca51f2b88cf3e1317e5870f7952bd4ca48e56b81968
5fd323d8762bfe107930a69fab5d99df2b9eb7fcf1e266bfc801113a0d4d9620
5fea0fdb21f8d21ebd20972688aa9f301ce5776bb2aaf2c392aba9b8b8a9da8f
60995dcf730b26c42b1fedee155bc21edb1572019ead7b4387ec094445ee4ff8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621ef4a276469c9ba56502fbb326a831ad6803c0333de3dec74e69b10d1b20c9
62940af7f8084b014e9992277bd468868b081bd4e7c1075be85d7ee096e0c9c1
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
632c685d03fd3ddd62530960c8c1ba163d99ddc67290275e9f2469470dac5cd7
63f144c4faf434bfe66e01058d20974e19961adab4808beaaf9735871e930d4e
64a9c9903ca26501223b42fdb457ed157c4a228858959a319d8cc24e558c4628
666945c7806e7ca0f578b2f6e29cb49a6ead67947405b9cc20c822507e58a2f0
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68b799f632b9ed0522ed5e4661080b5baa17fd25afa5a6f2db4ffe6938e97e64
696277a53e0fadd37c8f95083897cfc374913d15b3750e5c65c4d23c825bfd26
6963e940901f2253e772c121b1fc85f9dba8be8f0ffd244729aa3661bb882bd1
6b09ab91ef0e854ace3c6a716a4c991895665134c049e2ee0e7042e3936a4faa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0bca701934ae0c62584d55895ee5a5de529d65de0c57554bc66d00d89a2baf
6eb5192637a387e3d7668495008dc35c84da61a63d00196eabb1bbfa8e36df00
6f3cbefd2688d25b4620990b72434ce9283142b261f31054066b2945305e9749
6f49890252ccc53de4f9e0beff96beb04282de8b3cda1a6a22e121a9662e9272
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f701fc2c9e1f5c1d9645c04fe3fd47140755e1058ea837da192b6b86ac48a22
6f8da09ca6230f1d30a8a66da6882cd2e980359a14e0e432d4ad6df0e1e7a93f
6fba3a8494e2ff25c58add9d0aaca8a7f46dce5a39fd2217840bbe4d16b58b3f
6fdb1b043fb81af745ae8aaccba02bccb26230096268f96d5efc7fe015e1b552
703b42b451ce0f6954694721e5f8c018cf39e1223e9e3b1afafdf10588214ef8
73639769981ab85a67bc2f5434fa4e1526bfd9082811fb47aaf5185f9a81db97
7385bc763c152d1fa3a4e2affb306f1920c1c8b2e18e78ae3d41dca5b7c01efa
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7928e247213c27b7ad860d98eb34eb5dff8613e92a7ed17aa4cde395bb429a5d
7a770609a8dfc6a90a1349e8727b85598db8a3842f49fbc52690a7f06fb02379
7aba2ac857312733116b755e037fd56ad47b6b1582633c10ad80e1d35ee1278f
7d8df2f63fd61f56589c8fa49f0a89e5eefab265904f0617376587ed731921c4
7e53f8a3e3e8746a823e1ecf07366ca1dc0ecb31c66e7227a976616bf6eed943
7ea317aa9be687422a8d21d7bceaa57d52badbe604c37596357ef4808bbe96a3
7fec7dc6703085ec7c4257b6a05d5cf0f4a58a86cccb1ceb7e6132a47ed566e7
8103fe73bd02943d332e107ec7727e3bf81c0107f99ced6d701ed5aa77da8c79
82f0f9d0692e46d8a3c37151ff71dba41e86d29f6769e273f44aaef83e18fbe9
830d4bf7fb1fc915c0c4f371cf1eef61f7f7a670feafe5cff3fc88ed92b0667b
83edbd441491de97daf1fbb9feaec03b4f7b37a2bbeb06f8cc388ae844ee2202
83fea0086d05ba283839462b65977a2a9d7291f371f9447afd66fd5f5cd49954
84566ea01c51bcc51743cafe4855ced2c7e1aafe7a004c9404c5cbe04484b222
847a98d7da27fe4d895e9b3a088ff63626bf570a45d7a55272a165f177ee7dc6
85be8ce9dd3eaf81791d73732b23db86603eb0a5dd79682b24ff0cc489939dc8
8646f990913280314d78040f4425afb9cfff69158cd49c41394acd6d6b8018a5
869689043fce802b62b0ef31c3fb2a8c63693448b3551e45e6a4ebbc0f89b1cf
86c0de0df565641f9d69ab45b5a17d52e03da33ca6e84981f2b5aed9215634f8
87feda490f73eafd4b34baf671cf87ab45e5ebf34a28a0fa343e9f720133cfae
88a9fd5c36af560b55d1754850d6ebf89a4e08c2970aba71bf6440033b15f8e4
8bfb6e67ec9a38d826842bb9e3a2ef166cf61ede4d02a05b1452f7e490b6df76
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eadab9423f2702a66110602270c4b6c86b1b522cb2d69b9b265402a77b848c0
9080759f8df9cc79344d1a219beb77cc9c65d37b609b4e5aed5e6ebf7594ae8a
916451191610a37574e4460b9f8bd614b964053eef35bfaaf17bf9fea8c1c164
92d0f502ca4e1fcfa45e10226c3ebdbad7f31d6f6cd6d9ec8ffe7b0455c724ad
92f9851b2be7b636c5e6016cf5911f10596b433e4bcbf651a704338988263976
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
954ad525fbd3f63698793792528aee6cb3a4f7c5fbd42510008bea09390cdf1a
95bc73be43b0cc4bc556e942ff9536f74c56d3ccf3d154ded074b0cfa65ac1ee
968f2ab0aaa9600d7513bbbe46297f462fab4a9463352a233097018b0e5880c5
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97ef73303cd6eb428b3a4f4ba79469364ed5313e7630c44f55fd7475654032a3
98827c97e32fe6c74803813505ad0ea9d01f01fffd73eec050d7d4369ec4bb8d
99e99e78aa5d72f4c689ef34daa6793d7ef8fdd457c943aea998a970105e78e7
9a2166bdfeb3c6193107d5dc84642563d020982d84b0f96055c2e8011d62e638
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aff399c8788757d81fd9d3b9a9803f7ed62c1e30befc60b8feb79f30cf823c9
9b61bbcd3ab597630d1cf87ca03d6d773e70cac8b9e2f6c0c5a052455ca145d5
9c435fdb1cfed1ba722cbb9ad5d3eff8cd53c8ec48dec4a05e50abddd98850b0
9ccceeadb072c653875aadf3090bdafa410c592946042831c4d62112dd41b669
9df56aef2dfdd405b5abb564ecef9cea047895389f991422829dc37541af8ce2
9e1d3b643da45eab061083a2358e8ce527f2fbd77ef168c3b50162b5690abe3d
9e7be9920c406f5a11bef3efb0711360173dbbbceb98e9b465bb9bd801036a70
9f8f2560e0b77fbe957a1937f2e8790915d800a8dfe8e61ffdd3d8ab02d5a806
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1abff603e9f8d7856b61c74897cfeea629d65da3815c8708c0399d5e2513298
a2fffcc911b4a58af729375719d1248c780fb777d7236a3c45cacfa7e2784283
a34435da6643e514bb1521dc6517a1b6f8003152a94851575fe615cb1044deb4
a3a8c41a5c103793744c591438e56156b5d968594b3045bc2f60bd173d57f21e
a3bde2b0da6de425a5bf387a2cd2512996ae9f92a25c45ed03cd65d78f5431f2
a4539d8d776902ccb5ab151f172c3862dab9dab52650f7eedae49beb12df9c65
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f1c0cb80abfbdd01f1bfaa73e105e348a6b552bffc98f4f0736cb333d6185f
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a703a8d5646f3f3b4f2841cd825713c12df07d8b7c6e67efb593a85f834dbe7c
a7993d2d8d1e84feef5eaa4d8c9dcbc44367875122baa1b6760d9150711f4577
a7dc22b340e053a60cdbc9541a6db65d56986efd05453971442906eea5dd2661
a930e71f1f6b81f55f426f33e4bc319268a7d248544bb80164a69e039d2100bf
aca3964ee0dc6ef1a098ec25393e1848ece9377864d67cf253369e1fc63cb7d6
ad0436699aef87d2488c671ab81c7fab881f9bb2f6432afce1ec33885139938f
ad8b9499872ab4125df05cff12379951dbe6ee05237365fcc1062c3ccdd71f13
b059dc1d15af5f40d94bf4aace678895a875f3b9716f21120e1efedc6a2417fa
b07c02accd42ac6ed308db863dee09bfe3b6edb82f8631016e4ff2a5df945b38
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b3092d361d82fe15fff872f63ac99509275c8f279b2c62bef7c575614f2f379f
b327017eae04b5c626fad42f0d7c381aba2cf449f6b1382da1f4807f17e5bf5c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5a246b6c88f2670a95d6fe57f9a25b104f3113e3bd8a4b7d8d16ccc906943db
b615b51697b6098bb772433dc103e1e0199638100eddbc3756ad33bd25305c5d
b65154985155bf9c3a61176265d32e6c74330aadd8b118f14ee4b8210eb6f4b9
b7408622be111fb1ba19384224cd1c20688edc9a4ec333631b37680977792f3e
b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2
b7e899aad2a16b73d7300aa0c68dd77aca13baf5c733b683c57ded31a296488d
b8681113a518231dc0c1f9de67164333fcdc4976029093c9a2c7dc349db46785
b9af18886800ebf227b11a81ca410d66688d3d2b6727008fff23fb6d9cd7ab0a
bb40c7e82e6518f95d198f0ab3c019f0120f69144a96491bd83ab28a341e78f7
bbffb8a33ab90fb09939d2dbd9fb41ee4842e3ee1b4f05797395527f8ed96811
c0063f08e0f02406de101dc668037a159fbf84f360b98fe95884621fafc87aee
c17c5df81223d06131578031e442b135b93a722fc5d09126a2161eaeb50146cf
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15
c3f46591b98130936bf6e3bba275da666c8051f85dcf5f7f1511d5bde173d8cc
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c6505987a0f8f6a271031660e4858a885ff3f7b24940a5f624583c84382a62f2
c68e97b48e35032a8d26a3d4bf79aa7e956f76f7b83b3279287beb51f6eab949
c70f109cb9b9a94bab92cb27b7fd115335b75e25ac211de529a3ad6fcb5f1094
c8468eb144c1c25e41e3ccb7f56363fb30c346481f48c775a10fef84b3afadea
c999f1230ac0239c0298ffb1abcb0d1b335ad99ec4b364da5a10b05c57f46f46
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce336384d2577dad6b0a1ef9ab3fddfe81c590789bb9446054a618938dc35ae6
cf5108254f736c367c3de65426be74acc3bc98339f4e4aab6798c1df639f3b73
d0a88053a6bcec5790b7bac6e5ab69401585f5e27406179f27bc38275a4f6747
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d141d053ff24a649dd94a41f3d3b3d67ddac085c911d92527dccfd76f744239a
d1700f18ef55e185679304a2abe5c4e3437ddba92986c8246f4614598f9388c7
d292034e26d943368e926706861a1365f4a90ce943453585121937a298aca7b0
d2dd74760c6bfae0bf8b6a2c45466df2527ec54700dafb704eeec42644e18865
d3aabe8a9b5a9011cd3261e4070bc7e285cdbf4b6a51bf25e89973d50c1b3e6f
d4bf77f56ce990f2c0e3ba59497f1b7bd5fd981d1cfa9dbf411df833982c4a6e
d580027413c6732c52f706580a34e4d4d4bf12ae59c66d83df69a7bd6d9cb7ee
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d8559a92711cb16cbf63ddd77813054761318a59fa2e1d58b8f557722bffe788
d98b496dcd07245c8d922b48a3ce138c3505a7c2d3a4269c7c05a906d5d4c7af
da64ff0b7508a600d9491d3b061938b15e06513db4af9e285a3ee9a0867c3980
da789ee54e37ec881f802b4f26d4a68a3ff149102fa4585ca6642ea41690bf63
db9edb604c0596bd3511b0ef8e333d0e71b1dca152768bf7ded03977870593d3
dc37d733f1e46092fe1a503fb59b8c65ecebb452f7eebaa96782f3a1cc579174
dcd00ebcff4043f9d89363aba25f26d60d1c8f9be2f1ed87302d7739a986378a
dd5a9599e1470118364c3c4eeec1a59ed078b6ea4c2bb521cf9dc201bae062c5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee9bcb02878b6553e1ecedb49704d5b7f09c8522f3a978eaa91c6b986422626
dfb52641666bd84263c242a65c7155c2c39146bc6fedd17c56274ee52f0a32bb
e03f9a2140cbcc24fc457bc84201934b37cd821a4d3bd814e3425838ad547cf8
e067f918fe057e539a9e613459a1bc6d990ce67f157f905852fa9b39681791cb
e162d7edf1fcd93a4e11b454dab7acdcddc72c6e245aab5b132099e763dafe6a
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37a9c99f2eb99e56c8dd52bab574a4bf56ed2e5308cb9704258f12cd25411c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a432c7220f64ffeafc1aa9ce09e17eeab4ba96536d8941554a12ebac4449e
e9b302c5c4cbb4e5219e16dac589d9e81bc340cf40cd26f841c4e957864937d6
ea0c59557e96f09888eda92f5dcd78f7da16f839744ad0e30fd612d94753a356
ebcc3b81f68c9b4d477ba24b6eaef89eb6c6c8f07f44c41801e78fbe49bf9335
ee0bc6080af27561e339017bd9bc5fe7ae12f1e3a4b5a9f1a7d441decdc929bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efedfc3e9403ec88c16ccfe6108f8d49dc280c89e76c6fe967a89026cb7fec65
f0a0c7dd8cccf9f6242549757fbb6b960d4043d8f96fa6c8c2cc75afa972744a
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2319de6546ebfa369395b6d5ca860c536643d3b7a145e190c56b4e4db11acc5
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f53e0cdd4e7362db59200b225bc1406f9fd0d7256480b34ffd995e76be7ef814
f697615483c57fdba224ad7baa9ae560f44e2ad58f2a8fbb7e6126ea529ab9db
f7b106bbf827ab693ed92b86529c7cd47aebea9128cf015251b7955221cf3584
f86800bab1802848fcdeb5d7328ccc02a6e60dcf58a84462c9ff706105ec3bfc
f886cb5306edad163eb596ce89d572c6206d6d022ee437fe4d0c0d50f4a0f005
f8f7c0a159a74d5c84de882fd98238cd201a4e34ac17e2927747ef8cfff75bc6
fb8f2f9670bc12ce8f0515cd1b559f5697f97c481342a097a59a079aef3c7b0a
fd6afbb8fbf9baa4aa3c52449436f2aec353c3e56b2f9b0cfc78dd58b0bd6808

www.on3.com Open in urlscan Pro 2606:4700:10::6816:42d2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

401 Requests

93 %HTTPS

43 %IPv6

53 Domains

78 Subdomains

63 IPs

6 Countries

5684 kBTransfer

13149 kBSize

50 Cookies

23 Outgoing links

Page URL History

Redirected requests

401 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.on3.com Open in urlscan Pro
2606:4700:10::6816:42d2 Public Scan

Screenshot
Live screenshot

Full Image

401
Requests

93 %
HTTPS

43 %
IPv6

53
Domains

78
Subdomains

63
IPs

6
Countries

5684 kB
Transfer

13149 kB
Size

50
Cookies

401 HTTP transactions
3 data transactions