urlscan.io logo urlscan.io
SecurityTrails logo

sports.creaders.net Open in urlscan Pro
52.24.243.235  Public Scan

Go To Rescan Add Verdict Report
URL: https://sports.creaders.net/
Submission: On August 02 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 9 countries across 66 domains to perform 484 HTTP transactions. The main IP is 52.24.243.235, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is sports.creaders.net.
TLS certificate: Issued by Amazon on February 1st 2021. Valid for: a year.
This is the only time sports.creaders.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 52.24.243.235 16509 (AMAZON-02)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
10 142.250.184.226 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
7 13.224.90.44 16509 (AMAZON-02)
1 13.224.96.82 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 213.19.147.43 26120 (RHYTHMONE)
1 2a04:4e42:3::485 54113 (FASTLY)
4 185.184.8.65 204995 (RTB-HOUSE...)
1 5 46.249.52.248 50673 (SERVERIUS-AS)
4 40 2606:4700:20:... 13335 (CLOUDFLAR...)
4 178.250.2.131 44788 (ASN-CRITE...)
8 185.33.221.89 29990 (ASN-APPNEX)
6 18.156.195.47 16509 (AMAZON-02)
4 147.75.38.124 54825 (PACKET)
4 185.64.189.112 62713 (AS-PUBMATIC)
7 184.31.84.150 16625 (AKAMAI-AS)
23 54.155.97.90 16509 (AMAZON-02)
1 13.224.96.109 16509 (AMAZON-02)
1 3.142.157.144 16509 (AMAZON-02)
11 2606:4700:21:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 64.233.167.155 15169 (GOOGLE)
3 3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 7 142.250.185.98 15169 (GOOGLE)
19 68 2.18.234.21 16625 (AKAMAI-AS)
18 25 142.250.181.226 15169 (GOOGLE)
16 19 37.252.172.249 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
13 142.250.186.98 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2 23.45.99.241 16625 (AKAMAI-AS)
1 34.98.67.61 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
10 10 72.251.249.13 29791 (VOXEL-DOT...)
1 5.178.65.245 50673 (SERVERIUS-AS)
8 178.162.133.149 60781 (LEASEWEB-...)
8 8 18.197.99.6 16509 (AMAZON-02)
12 13 18.156.0.31 16509 (AMAZON-02)
4 8 51.75.146.200 16276 (OVH)
4 51.89.9.254 16276 (OVH)
5 76.223.111.131 16509 (AMAZON-02)
2 2 63.35.200.21 16509 (AMAZON-02)
2 52.207.62.93 14618 (AMAZON-AES)
1 1 3.228.62.17 14618 (AMAZON-AES)
2 2 169.50.137.190 36351 (SOFTLAYER)
4 4 185.29.132.241 30419 (MEDIAMATH...)
4 4 52.86.210.192 14618 (AMAZON-AES)
1 37.157.3.29 198622 (ADFORM)
2 2 135.125.8.70 16276 (OVH)
1 169.197.150.7 398989 (DEEPINTENT)
1 54.171.168.191 16509 (AMAZON-02)
2 2a00:1288:110... 34010 (YAHOO-IRD)
1 37.252.173.38 29990 (ASN-APPNEX)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 2001:678:cb4:... 56396 (TURN)
484 66
28    52.24.243.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-243-235.us-west-2.compute.amazonaws.com
sports.creaders.net
www.creaders.net
pub.creaders.net
11    2606:4700:10::ac43:1faa (United States)

ASN13335 (CLOUDFLARENET, US)
services.bilsyndication.com
biltag.bilsyndication.com
assets.bilsyndication.com
stats.bilsyndication.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
cms.quantserve.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
10    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
7    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net
c.amazon-adsystem.com
1    13.224.96.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-82.zrh50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
1    2600:9000:2190:1000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
14    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
5    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
40    2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
4    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
8    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs-simple.com
6    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
4    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
23    54.155.97.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
prebid.ad.smaato.net
1    13.224.96.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-109.zrh50.r.cloudfront.net
certify.alexametrics.com
1    3.142.157.144 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-157-144.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
11    2606:4700:21::681b:cf5c (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
15    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
37    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
23    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    2607:f8b0:4006:804::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    64.233.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net
bid.g.doubleclick.net
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
4    2a00:1450:4001:61::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5e6nsd.c.2mdn.net
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
68    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
25    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
19    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    2a00:1450:4001:69::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5ednse.c.2mdn.net
13    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
ade.googlesyndication.com
1    2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
ad.atdmt.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
10    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
u-ams02.e-planning.net
8    178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
8    18.197.99.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
13    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
8    51.75.146.200 (France)

ASN16276 (OVH, FR)
PTR: p11.id5-sync.com
id5-sync.com
4    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
5    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    63.35.200.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    52.207.62.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
1    3.228.62.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    52.86.210.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
1    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    54.171.168.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
Apex Domain
Subdomains		 Transfer
74 googlesyndication.com
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
338 KB
67 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
69 KB
67 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
bid.g.doubleclick.net
cm.g.doubleclick.net
253 KB
40 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
17 KB
28 creaders.net
sports.creaders.net
www.creaders.net
pub.creaders.net
4 MB
23 smaato.net
prebid.ad.smaato.net
8 KB
21 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
16 KB
20 adnxs.com
ib.adnxs.com
secure.adnxs.com
16 KB
19 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r4---sn-4g5e6nsd.c.2mdn.net
r4---sn-4g5ednse.c.2mdn.net
7 MB
16 gstatic.com
csi.gstatic.com
fonts.gstatic.com
93 KB
14 unrulymedia.com
targeting.unrulymedia.com
1 KB
11 vliplatform.com
px.vliplatform.com
6 KB
11 google-analytics.com
ssl.google-analytics.com
www.google-analytics.com
36 KB
11 bilsyndication.com
services.bilsyndication.com
biltag.bilsyndication.com
assets.bilsyndication.com
stats.bilsyndication.com
354 KB
10 lijit.com
ap.lijit.com
5 KB
10 googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
497 KB
8 id5-sync.com
id5-sync.com
11 KB
8 advertising.com
pixel.advertising.com
3 KB
8 sonobi.com
sync.go.sonobi.com
4 KB
8 indexww.com
js-sec.indexww.com
8 KB
8 adnxs-simple.com
ib.adnxs-simple.com
7 KB
7 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com Failed
37 KB
6 pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
ads.pubmatic.com Failed
1 KB
6 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
4 KB
5 adsrvr.org
match.adsrvr.org
1 KB
5 google.com
adservice.google.com
www.google.com
941 B
5 criteo.com
bidder.criteo.com
gum.criteo.com
1 KB
4 cognitivlabs.com
beacon.lynx.cognitivlabs.com
1 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 onetag-sys.com
onetag-sys.com
3 KB
4 a-mo.net
prebid.a-mo.net
986 B
4 creativecdn.com
prebid-eu.creativecdn.com
724 B
4 googletagservices.com
www.googletagservices.com
126 KB
3 owneriq.net
px.owneriq.net
1 KB
3 google.de
adservice.google.de
409 B
2 dyntrk.com
gu.dyntrk.com
850 B
2 simpli.fi
um.simpli.fi
1 KB
2 adentifi.com
rtb.adentifi.com
176 B
2 adroll.com
d.adroll.com
223 B
2 openx.net
rtb.openx.net
758 B
2 addthis.com
e.dlx.addthis.com
1 KB
2 criteo.net
static.criteo.net
52 KB
2 quantserve.com
edge.quantserve.com
cms.quantserve.com
9 KB
1 turn.com
ad.turn.com
425 B
1 demdex.net
dpm.demdex.net
1 deepintent.com
match.deepintent.com
44 B
1 adform.net
c1.adform.net
331 B
1 extend.tv
sync.extend.tv
546 B
1 innovid.com
ag.innovid.com
296 B
1 rubiconproject.com
pixel.rubiconproject.com
460 B
1 mookie1.com
odr.mookie1.com
324 B
1 atdmt.com
ad.atdmt.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
40 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
47 B
1 alexametrics.com
certify.alexametrics.com
552 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 quantcount.com
rules.quantcount.com
436 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
0 adotmob.com Failed
sync.adotmob.com Failed
0 crwdcntrl.net Failed
bcp.crwdcntrl.net Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 ctnsnet.com Failed
cm.ctnsnet.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 advangelists.com Failed
nep.advangelists.com Failed
484 66
Domain Requested by
39 dsum-sec.casalemedia.com 13 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
32 sync.quantumdex.io assets.bilsyndication.com
sync.quantumdex.io
ssum-sec.casalemedia.com
32 cm.g.doubleclick.net 25 redirects googleads.g.doubleclick.net
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
32 pagead2.googlesyndication.com securepubads.g.doubleclick.net
sports.creaders.net
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
23 tpc.googlesyndication.com securepubads.g.doubleclick.net
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
sports.creaders.net
tpc.googlesyndication.com
imasdk.googleapis.com
s0.2mdn.net
23 prebid.ad.smaato.net assets.bilsyndication.com
21 ssum-sec.casalemedia.com 6 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
js-sec.indexww.com
19 ib.adnxs.com 16 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
15 googleads.g.doubleclick.net 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
sports.creaders.net
15 sports.creaders.net sports.creaders.net
14 targeting.unrulymedia.com assets.bilsyndication.com
13 ups.analytics.yahoo.com 12 redirects ssum-sec.casalemedia.com
13 ade.googlesyndication.com
11 px.vliplatform.com sports.creaders.net
10 ap.lijit.com 10 redirects
10 csi.gstatic.com imasdk.googleapis.com
10 s0.2mdn.net 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
sports.creaders.net
s0.2mdn.net
10 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
8 id5-sync.com 4 redirects sync.quantumdex.io
8 pixel.advertising.com 8 redirects
8 sync.go.sonobi.com sync.quantumdex.io
8 js-sec.indexww.com assets.bilsyndication.com
ssum-sec.casalemedia.com
8 ib.adnxs-simple.com assets.bilsyndication.com
8 pub.creaders.net sports.creaders.net
7 htlb.casalemedia.com assets.bilsyndication.com
7 c.amazon-adsystem.com biltag.bilsyndication.com
c.amazon-adsystem.com
7 imasdk.googleapis.com biltag.bilsyndication.com
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
6 googleads4.g.doubleclick.net sports.creaders.net
6 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 c2shb.ssp.yahoo.com assets.bilsyndication.com
5 match.adsrvr.org ssum-sec.casalemedia.com
5 ads.us.e-planning.net 1 redirects sports.creaders.net
assets.bilsyndication.com
5 www.creaders.net sports.creaders.net
4 beacon.lynx.cognitivlabs.com 4 redirects
4 sync.mathtag.com 4 redirects
4 onetag-sys.com sync.quantumdex.io
4 ms.quantumdex.io 4 redirects
4 r4---sn-4g5e6nsd.c.2mdn.net 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
4 hbopenbid.pubmatic.com assets.bilsyndication.com
4 prebid.a-mo.net assets.bilsyndication.com
4 bidder.criteo.com assets.bilsyndication.com
4 useast.quantumdex.io assets.bilsyndication.com
4 prebid-eu.creativecdn.com assets.bilsyndication.com
4 assets.bilsyndication.com biltag.bilsyndication.com
4 www.googletagservices.com sports.creaders.net
securepubads.g.doubleclick.net
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 gcdn.2mdn.net 3 redirects
3 bid.g.doubleclick.net imasdk.googleapis.com
3 fonts.googleapis.com 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 biltag.bilsyndication.com services.bilsyndication.com
biltag.bilsyndication.com
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 um.simpli.fi 2 redirects
2 rtb.adentifi.com ssum-sec.casalemedia.com
2 d.adroll.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 e.dlx.addthis.com 2 redirects
2 static.criteo.net assets.bilsyndication.com
static.criteo.net
2 r4---sn-4g5ednse.c.2mdn.net
2 stats.bilsyndication.com biltag.bilsyndication.com
2 www.google.com 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 ssl.google-analytics.com 1 redirects sports.creaders.net
2 services.bilsyndication.com sports.creaders.net
services.bilsyndication.com
1 ad.turn.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 match.deepintent.com ssum-sec.casalemedia.com
1 c1.adform.net ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 u-ams02.e-planning.net
1 gum.criteo.com static.criteo.net
1 ag.innovid.com 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 odr.mookie1.com 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
1 cms.quantserve.com 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
1 ad.atdmt.com s0.2mdn.net
1 www.googletagmanager.com biltag.bilsyndication.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com sports.creaders.net
1 certify.alexametrics.com sports.creaders.net
1 cdn.jsdelivr.net assets.bilsyndication.com
1 stats.g.doubleclick.net sports.creaders.net
1 rules.quantcount.com edge.quantserve.com
1 d31qbv1cthcecs.cloudfront.net sports.creaders.net
1 edge.quantserve.com sports.creaders.net
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 bcp.crwdcntrl.net Failed ssum-sec.casalemedia.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 cm.adgrx.com Failed ssum-sec.casalemedia.com
0 pm.w55c.net Failed ssum-sec.casalemedia.com
0 cm.ctnsnet.com Failed ssum-sec.casalemedia.com
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
0 match.sharethrough.com Failed sync.quantumdex.io
0 nep.advangelists.com Failed sync.quantumdex.io
ssum-sec.casalemedia.com
0 ads.pubmatic.com Failed assets.bilsyndication.com
sync.quantumdex.io
484 99
Subject Issuer Validity Valid
*.creaders.net
Amazon		 2021-02-01 -
2022-03-02		 a year crt.sh
bilsyndication.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
ads.us.e-planning.net
R3		 2021-08-01 -
2021-10-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2021-03-17 -
2022-03-15		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
smaato.net
Sectigo ECC Organization Validation Secure Server CA		 2020-07-28 -
2022-10-04		 2 years crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-09-10 -
2021-10-10		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-07-20 -
2021-09-28		 2 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2021-07-06 -
2021-10-04		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.e-planning.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh

This page contains 55 frames:

Primary Page: https://sports.creaders.net/
Frame ID: 7A4791926471384175CD8273BEECE48E
Requests: 156 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: 82E54EBBAED9833C9CE1C0A936C834E7
Requests: 10 HTTP requests in this frame

Frame: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3ED583DDCEB1497944F8DAF14ED0CE6B
Requests: 1 HTTP requests in this frame

Frame: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 706AD1DC6B1AA9DCD168DE31562C4A1B
Requests: 35 HTTP requests in this frame

Frame: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 71D1221D54756407524C67000F025833
Requests: 35 HTTP requests in this frame

Frame: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E1F1C724E4753A705E1E8D21C55CEC45
Requests: 14 HTTP requests in this frame

Frame: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7CC754592A227EB2B338E6B2FE9EE09A
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGMnr5a0BMAE&v=APEucNXmDdkim_quF2hxh7PSLILN4insGcrbN5PCPeD7CPjv1ieLqtqs2oVw3Z2fBRpL1K__TzOQRsMYVrge8V1ThI1XjrW0t3uVRpU2FoGcpyRSjA0-rtLXhmnuuUEmy028HlorEjbzsnCSFnu-d_TnDh5535NngxLaVIQ84zmNwVqk_igcvSs
Frame ID: A6955C33D091B865FF84996C25392878
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B93BAF91FCEC499CF7BD33587B0EC467
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63FEC0B5014B4F336682916A658CA0FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8E8F0AD6EC2C1EDAF561C05ACAA683C9
Requests: 3 HTTP requests in this frame

Frame: https://biltag.bilsyndication.com/passback/?t=1627751911&d=357&z=7050&divID=vi_3577050_490&w=1024&h=90
Frame ID: 93A36DE5DC76ACF1B655B79C9A561C05
Requests: 3 HTTP requests in this frame

Frame: https://biltag.bilsyndication.com/passback/?t=1627751911&d=357&z=7056&divID=vi_3577056_978&w=300&h=600
Frame ID: 89AC633D126A4CDCE5E2A6A55198FC50
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7AD3A04419CD036BF32DF8AE0BFAFDFB
Requests: 3 HTTP requests in this frame

Frame: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BFADA40213BC99AF2C1E31245B0013CD
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 57D9E4CE911B00D28C768E0C9CD9EFD6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-nKBD9yigYm9PkZzAB&v=APEucNWmcYXt7WTzVnKrHoWlak8UoNoAOFMf8QiiMtcOfbjdISsl1C35lKgr26azw27Zxag7y3naipeZwEHAijg5XRvzG_B8BSIjDfr1wJUClSkq7wp_ZvG1XpfAecQQXmSEhqTLUVS9Ad51DXP02CfE8xSHm0ICl_sn_trt1rSGAs6a7iepjJE
Frame ID: DC22EF8477698A02176E0ED1058F40E2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0C6068B63B73204A32D33D1E8BB13C9D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
Frame ID: 04B08CB3CA35F50F97AF948E72AE62C7
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9ABC982AF9B9E3AE41CCFF6A0E56C292
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DDA28CD5C43E932011A272B1652FF6BF
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=sports.creaders.net&gdpr=1&gdpr_consent=
Frame ID: 201C311D923C18BF751331D814EBAC3C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: 4167CB1E776448DB4F33018159E5C428
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 51BB5C049288301B8E722EB58DB5233C
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 79F4B6EA3EE8425F21510DF26863204E
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 913E5E22170D4DB209F88384B3967BF8
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: 4AC240D1BE7903E7B0B87DDD65800075
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: 3DAC0966AC5DBF383ADE2CA17433CDEE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0AF3E9FD86BAC2E510AC034264196112
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 031DA9EB717D55802E476BFC9D8FF50E
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: C54C1DCA1CCDF65457D21C3B480C8B94
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: 08F9EA462E6062D9398020E1E8421792
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: FA2F7663DEC42000985B6C902FC1F990
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4FAD9562BB59D970265D48AB1AA74A50
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: 1B5C3584B208EC10011E92343A54D4E6
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: B95C676CE2D07D56607B219D7B6EED82
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: EAE1820F44B85C3A6486FFF0FB3AD8E7
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A698B837AC5BE2A0FDBB20A555A21A37
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 2C537488A3E228FAC08B288E0928B793
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 93FC1B261C2D281B9D9A24B449605CA5
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D0E7F95564CCFA4F94F7DB04334ED947
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 7A93768B1288A47D2D16EC08BA620164
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 2DCFFAA6D8C866E77D6563BD993E5787
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: C97F807D719F7D6789565259D6CD6376
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D76A001DFDC9AFDFDB0DF4FCFB300897
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: BE5BBB81B0ABABC809987281C78A36AA
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 1F4F441515D8FCF5ACEB06DD75DFB65D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 030C8452F8064A70D96050726A12EF06
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: D6E3A134A92B739747859F5626C4979F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 842381FFF81409CE85EE7D45FDC2B968
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 3AC74FAE8FF15C114279051CF9ACD202
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 89611B829D1D760501E70CDEE63F2982
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: BA5F2FEE505D120BE7E85AAD924382BA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E06F80368070921B6C20F10440DAACE7
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5D0A0F3DE9158FE1470A2AAFFEB46E13
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Page Statistics

484
Requests

93 %
HTTPS

41 %
IPv6

66
Domains

99
Subdomains

66
IPs

9
Countries

13154 kB
Transfer

16995 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=89370913&utmhn=sports.creaders.net&utmcs=GBK&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E4%BD%93%E5%9D%9B%E5%B9%BF%E8%A7%92%20-%20%E4%B8%87%E7%BB%B4%E8%AF%BB%E8%80%85%E7%BD%91&utmhid=1008776955&utmr=-&utmp=%2F&utmht=1627917543174&utmac=UA-3412968-2&utmcc=__utma%3D77545162.561253751.1627917543.1627917543.1627917543.1%3B%2B__utmz%3D77545162.1627917543.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=702799221&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=561253751.1627917543&jid=702799221&_v=5.7.2&z=89370913
Request Chain 48
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/sports.creaders.net/ROS?rnd=0.027419579045198317&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fsports.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fsports.creaders.net%2F&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/sports.creaders.net/ROS?ct=1&r=pbjs&rnd=0.027419579045198317&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fsports.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fsports.creaders.net%2F&gdpr=1&gdprcs=
Request Chain 228
  • https://gcdn.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8ED8BD9D503A9BA8DFDD2A5ED5EB484387AEA63D.99EB4D00D2DE55A50A7E56A33B4CAB3A86E09D5C/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/19BF7D51FB25277218213314A5791444EDDE5FC8.3DB3A666957E7FAD5D23DC339A4DD28700B4EBBF/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsd/ms/onc/mt/1627916444/mv/m/mvi/4/pl/52/file/file.mp4
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1&C=1
Request Chain 232
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQgM6Sny7S9BASUqim0ZawAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI4USKEZX1FZdYbIeCS0x2s&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEI4USKEZX1FZdYbIeCS0x2s%26google_cver%3D1
Request Chain 234
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTQ1NjczOTY2NDA0NTY4
Request Chain 236
  • https://gcdn.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/48E99A6FD4E93307B543C551A008B8DD1B203B33.50EE03A80AFECCF70B391CB1DE73AD61C99DF3F5/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5ednse.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5517CBE2289FD38538486ED954B05D6B7644F17C.74311AD0380B4C1C74B1D6CFA25E7B9DE24DDBE0/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednse/ms/onc/mt/1627917400/mv/m/mvi/4/pl/52/file/file.mp4
Request Chain 245
  • https://gcdn.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8D719EAD5301E7E428E41CD95270063FDA49B85D.7F99CF6062A7C653C28CADE7E23D73E2E413F9C7/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0289D9FCAEB9463C1C569B1999F986C792C7ED0F.37E2B974C1BE3B097125A7EE5A02CC3F9ADC4DC3/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsd/ms/onc/mt/1627916444/mv/m/mvi/4/pl/52/file/file.mp4
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
Request Chain 275
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQgM6Sl6EZkh9GFWFEzFZQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI4USKEZX1FZdYbIeCS0x2s&google_cver=1
Request Chain 277
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MTgzMTg0NjI2ODIyODQ3MQ%3D%3D
Request Chain 298
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL_Oph1WeXYiAr6Gwt5MYV8WpzW0Kcx5QnwvtzvVXJuKEhRIpP24tS7VZrD-fOSwQi7BTw-Za3-vcuJHFYUMh21GypFJew&google_gid=CAESEOm-MyRkFSyriM_0S3OpUv8&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL_Oph1WeXYiAr6Gwt5MYV8WpzW0Kcx5QnwvtzvVXJuKEhRIpP24tS7VZrD-fOSwQi7BTw-Za3-vcuJHFYUMh21GypFJew&google_gid=CAESEOm-MyRkFSyriM_0S3OpUv8&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDIxNTE5MDYwMDA1MTk0NDMxNTgxNw%3D%3D&google_push=AYg5qPL_Oph1WeXYiAr6Gwt5MYV8WpzW0Kcx5QnwvtzvVXJuKEhRIpP24tS7VZrD-fOSwQi7BTw-Za3-vcuJHFYUMh21GypFJew
Request Chain 300
  • https://rtb.openx.net/sync/dds?google_gid=CAESENrwTn8H1v6o3Z5DirKacSo&google_cver=1&google_push=AYg5qPItMuQvZLu9yQilJl7KHIHw0kKLdAFhTNpiDxZHG3pbKHdD_naemYS8fOx7WnxhCIoTObkNCdtIY6tZ-5sv2PsvursjCuw HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESENrwTn8H1v6o3Z5DirKacSo&google_cver=1&google_push=AYg5qPItMuQvZLu9yQilJl7KHIHw0kKLdAFhTNpiDxZHG3pbKHdD_naemYS8fOx7WnxhCIoTObkNCdtIY6tZ-5sv2PsvursjCuw&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPItMuQvZLu9yQilJl7KHIHw0kKLdAFhTNpiDxZHG3pbKHdD_naemYS8fOx7WnxhCIoTObkNCdtIY6tZ-5sv2PsvursjCuw&google_hm=CeC_aiJ3yBEe_bAH8YQR4g==
Request Chain 301
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOHyqWsdjL54k14vtAmtfwM&google_cver=1&google_push=AYg5qPJTqH_Fx_eIvNWPu84L1fZ2bza7OtLmys2T3jxcfg-LOqOzMvssIo1ER-ZpAu61Kz2uQmSPVw4aG3hZIMkQSfSy9XnNYM8 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOHyqWsdjL54k14vtAmtfwM&google_cver=1&google_push=AYg5qPJTqH_Fx_eIvNWPu84L1fZ2bza7OtLmys2T3jxcfg-LOqOzMvssIo1ER-ZpAu61Kz2uQmSPVw4aG3hZIMkQSfSy9XnNYM8&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VUbBEmeAT8O8RP-GPh--mQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJTqH_Fx_eIvNWPu84L1fZ2bza7OtLmys2T3jxcfg-LOqOzMvssIo1ER-ZpAu61Kz2uQmSPVw4aG3hZIMkQSfSy9XnNYM8
Request Chain 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMtH2H9x8BmQluZddSjtrJs&google_cver=1&google_push=AYg5qPIWAeYzMlht5wW-y_V79u1s2-f0XVviBylktWqiStD9aBi1f4XsRKWFf0e0j1CVlwyGCuQbs5xvHecgrAvJee2JHjb9H6M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JVUzJQSVAtMTYtQ0pOVg==&google_push=AYg5qPIWAeYzMlht5wW-y_V79u1s2-f0XVviBylktWqiStD9aBi1f4XsRKWFf0e0j1CVlwyGCuQbs5xvHecgrAvJee2JHjb9H6M
Request Chain 337
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Da480c21f339daaa2%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Da480c21f339daaa2%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=a480c21f339daaa2&uid=5a16366db3c9033ce6281819
Request Chain 339
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
Request Chain 340
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=434c2b17-0d20-4677-be69-647cca2dfbf1
Request Chain 342
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfd75211f-f3a4-11eb-a60c-060fa35d3244 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd75211f-f3a4-11eb-a60c-060fa35d3244
Request Chain 344
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 345
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b276676ba9e9a77b13e7cb72
Request Chain 346
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-wwbUiyBE2uE5Pp_dMj.YQJnoB4Sa3cOm7P7ZkHg-~A
Request Chain 347
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
Request Chain 350
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 353
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-20EuJiVE2uFSG3r6BA2rfqvFIFoGo.ZHkV0cw30-~A
Request Chain 354
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
Request Chain 356
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
Request Chain 357
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=1f206a50-3f4c-413f-af47-5279e486acb6
Request Chain 360
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfd72d7ad-f3a4-11eb-821a-02407095623c HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
Request Chain 361
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f1e48458acc48389f8f755f0
Request Chain 362
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 363
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 367
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2493422777243295428
Request Chain 368
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-fD4JdXNE2uH56R4tksH9vnGE1bP.XgI6ypWgAdw-~A
Request Chain 369
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2493422777243295428
Request Chain 371
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=533e196b-4641-4f54-8caa-9e6f65bc5cd0
Request Chain 374
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfd72d7ad-f3a4-11eb-821a-02407095623c HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
Request Chain 375
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=03fcf601c570f28d1150005f
Request Chain 376
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 377
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 382
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
Request Chain 383
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=4bba8790-04cf-42cb-adbc-8648c8484b20
Request Chain 386
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfd84152c-f3a4-11eb-825e-0688c0ee18ee HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd84152c-f3a4-11eb-825e-0688c0ee18ee
Request Chain 387
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=6351de0ceb6ac9a01e361602
Request Chain 388
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 389
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ASpw5vVE2uFa0kzu_qtwU3LiEn_HjyuKjB3ioRU-~A
Request Chain 390
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
Request Chain 391
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 396
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM679bwsdCcAmCqTYwIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM65m_RitZy6N1jRSiugAABHoAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM65m_RitZy6N1jRSiugAABHoAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGtq4ZBUPVTu4zZTSJK5k1w&google_cver=1
Request Chain 399
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 402
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b669caf3-5174-41fe-aecd-1e30f4fb8b25
Request Chain 405
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM679bwsdCcAmCqTYwIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM679bwsdCcAmCqTYwGwAABH0AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM679bwsdCcAmCqTYwGwAABH0AAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG-MtrIrquHMjqAxRvyEsnw&google_cver=1
Request Chain 408
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3E90CDE22B8746A69F1AB1429FD30F1C&gdpr=1
Request Chain 411
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc3e6108-0cf6-4100-89e8-4857afe7ca46&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc3e6108-0cf6-4100-89e8-4857afe7ca46&gdpr=1&gdpr_consent=&C=1
Request Chain 413
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM679bwsdCcAmCqTYwIAAABJUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM679bwsdCcAmCqTYwIAAABJUAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEzWtfriwAk7ICmZvhtKUBk&google_cver=1
Request Chain 414
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM679bwsdCcAmCqTYwIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
Request Chain 417
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1c4b32bf-7965-4a6c-a129-6b4d1b0ccf44&expiration=1659453559
Request Chain 419
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=787d6108-0cf6-4900-9315-6560708917aa&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=787d6108-0cf6-4900-9315-6560708917aa&gdpr=1&gdpr_consent=&C=1
Request Chain 422
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM679bwsdCcAmCqTYwIgAABHcAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM679bwsdCcAmCqTYwIgAABHcAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENmAlUR34MJ-6JhwNKBczr0&google_cver=1
Request Chain 423
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM679bwsdCcAmCqTYwIgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
Request Chain 426
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05fd1016-7964-42f5-b61c-403c517e5a63&expiration=1659453559
Request Chain 429
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 439
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 440
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 444
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM78BOTUOAFbZELY3mzAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM78BOTUOAFbZELY3mzAAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM78BOTUOAFbZELY3mzAAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIGydzzdOzCYgfGuIGalvzI&google_cver=1
Request Chain 453
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM78BOTUOAFbZELY3mzAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM78BOTUOAFbZELY3mzAAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBHkNsDqJgOuWOHO-liPJ1M&google_cver=1
Request Chain 462
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM7wlFKlWrvDsRLyIriwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
Request Chain 463
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM7wlFKlWrvDsRLyIriwAABGMAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECeSBF5uvpyhd4W1ZIPGDrI&google_cver=1
Request Chain 465
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F6C920E14DD5447B8ED663176CD22F03&gdpr=1
Request Chain 466
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 467
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ca86108-0cf6-4800-bfd9-75bcdbe3c8e1&gdpr=1&gdpr_consent=
Request Chain 468
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=2e4f4a36-b1b5-495b-a8c2-d1957d274cc1&expiration=1659453559
Request Chain 473
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=454f6108-0cf6-4800-bb63-f706538680e8&gdpr=1&gdpr_consent=
Request Chain 474
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=afeceb3b-23b8-4642-9e24-ffb06c3360fb&expiration=1659453559
Request Chain 475
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6812039521422700970&uid=Q6812039521422700970&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 476
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3822592058279628007

484 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sports.creaders.net/ 		74 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
673f4b7149c8520a151e8faf182dce1761e752a05f4cb045b58f83b6e4576d7d

Request headers

:method
GET
:authority
sports.creaders.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:02 GMT
content-type
text/html
content-length
11648
server
Apache
last-modified
Mon, 02 Aug 2021 06:56:03 GMT
vary
Accept-Encoding
content-encoding
gzip
etag
0a66d31b71271d2795e3831579871c08
css_news.css
sports.creaders.net/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sports.creaders.net/css/css_news.css
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
029ac234ca70d4f4fe20ce0bae17d17899e66450c7f0a042640df204dd35713f

Request headers

:path
/css/css_news.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sports.creaders.net
referer
https://sports.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:02 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
etag
"21d3-5c5f21c3e35c8"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1695
index.css
sports.creaders.net/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sports.creaders.net/css/index.css
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e5832426bfa99cbb796219cdaeb42831593dd5a932180bc517e9872d1e71c0f0

Request headers

:path
/css/index.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sports.creaders.net
referer
https://sports.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:02 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
etag
"f74-5c5f21c3e3d98"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1195
tpl.js
www.creaders.net/js/ 		1 KB
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/js/tpl.js
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
2f3ad0ffe6ce43c17ea893eef15fb5e5949ccdd71fcce39454ef371f3cbb6d53

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 01:36:07 GMT
server
Apache
etag
"513-5adbdd7fe0ead"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
722
/
services.bilsyndication.com/adv1/ 		950 B
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/adv1/?d=357
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e7904cb250fb37f8402f9c67f588c7404b0cf76bd753b607c970ab38275d97
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 2 Aug 2021 15:19:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
678848419d23e003-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
n002.gif
pub.creaders.net/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/images/n002.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
26c91f9904feb1cc67789d4326e2ad5f1424bbaa79c1656258b78fb04aaa74ca

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
etag
"19f5-5aaaea7e07dfa"
vary
Host
content-type
image/gif
accept-ranges
bytes
content-length
6645
n003.gif
pub.creaders.net/images/ 		99 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/images/n003.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
2994be2f45b82c0111c6aa02e0c0041213d6bc88c6f0ffaaac7b8698c6d28e33

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
etag
"63-5aaaea7e07dfa"
vary
Host
content-type
image/gif
accept-ranges
bytes
content-length
99
index_18.gif
www.creaders.net/images/ 		170 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/images/index_18.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
15d102746c4da4e0c776010d065962a5f3dbfbc5f03865314f1530bdf6b4ef1d

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"aa-5aaaea7d58563"
content-length
170
content-type
image/gif
n009.gif
pub.creaders.net/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/images/n009.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ff15386077cf11cff7a0f29be53c3e4dc22a2fbd97d11a252fa018a530c6e049

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
etag
"b88-5aaaea7e081e2"
vary
Host
content-type
image/gif
accept-ranges
bytes
content-length
2952
sport_03.gif
sports.creaders.net/css/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/sport_03.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0939e17ea482277309565f2ff645472131847e9d6af541fd4326dd9d402cb00f

Request headers

:path
/css/images/sport_03.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
accept-ranges
bytes
etag
"1b97-5aaaea7e2143a"
content-length
7063
content-type
image/gif
20210801_16278872525731.png
pub.creaders.net/upload_files/image/202108/ 		509 KB
510 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202108/20210801_16278872525731.png
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
ee8ee18080b951c2c1526a104a89004f43c20a76552f8e13d155b73d10150240

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Mon, 02 Aug 2021 06:54:13 GMT
server
AmazonS3
x-amz-request-id
T9FV0JBYC0HH8H9N
etag
"5709cc12f9da670835aa8e5f89ad91c8"
content-type
image/png
content-length
520878
x-amz-id-2
D9tbMmxHiO6YwaqzJR5902AJt5GQwAFQ6nAvSghImH5wigpPFMcc2ajubD+13Cg+0mwA/4P98f4=
ch.gif
sports.creaders.net/css/images/ 		44 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/ch.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
88449c82e7a23c07452ad519b7f146375d4e7f76ea8454c83bca4cb5c0b99ac0

Request headers

:path
/css/images/ch.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"2c-5c5f21c3e35c8"
content-length
44
content-type
image/gif
site_footer.js
www.creaders.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.creaders.net/site_footer.js?lang=gb2312
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d04743b817670ec7d457c36b9106e73d00b52572986fa762163963c2fe221eca

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:02 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
etag
"623-5c5f21c3e35c8"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
881
quant.js
edge.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.quantserve.com/quant.js
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:02 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 09 Aug 2021 15:19:02 GMT
gpt.js
www.googletagservices.com/tag/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d88101d98dde040d3c74ae33a33dfa4fc001d6a9a5bb51cf4370236546a2d91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"946 / 473 of 1000 / last-modified: 1627902595"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24676
x-xss-protection
0
expires
Mon, 02 Aug 2021 15:19:02 GMT
/
services.bilsyndication.com/uv/ 		13 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/uv/?page_url=https%3A%2F%2Fsports.creaders.net%2F&mtk=357
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?d=357
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 2 Aug 2021 15:19:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://sports.creaders.net
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6788484379bb2c26-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
48fa7cd880dd48ce89b6a7d4785f9ea2.js
biltag.bilsyndication.com/v1/1627751911/ 		548 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?d=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
860b5e091460d215bed614dc09546612002a6dc4db5225961adabfc374ad49e1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
165616
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
678848436858e003-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
n001.gif
pub.creaders.net/images/ 		163 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/images/n001.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
532d1b672b4e88e57516bfa7b7b1c1966d50b2dd69068d0bbbc6aaeda1183767

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
etag
"a3-5aaaea7e07dfa"
vary
Host
content-type
image/gif
accept-ranges
bytes
content-length
163
n004.gif
pub.creaders.net/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/images/n004.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
cddfefaea79ad2c90e1ad4a51487ea3819cbaeb0aed3e52636536116565a3e09

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
etag
"55f-5aaaea7e07dfa"
vary
Host
content-type
image/gif
accept-ranges
bytes
content-length
1375
n005.gif
pub.creaders.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/images/n005.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
83495b5cbb78284d01d23bd648fbbc0a713d674d9710064ecfddf89f78303730

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
etag
"84f-5aaaea7e07dfa"
vary
Host
content-type
image/gif
accept-ranges
bytes
content-length
2127
n006.gif
pub.creaders.net/images/ 		344 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/images/n006.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
275d7165ad5036632c0a917ac54e8d706f3bb125bf7ded6f8a98b1f69344eb02

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
etag
"158-5aaaea7e07dfa"
vary
Host
content-type
image/gif
accept-ranges
bytes
content-length
344
breaking_07.gif
sports.creaders.net/css/images/ 		703 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/breaking_07.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/css_news.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
468105a416628c4603144ba5cdbfd77ab46d1db51bbcb26b812222db144be10f

Request headers

:path
/css/images/breaking_07.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/css_news.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/css_news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
accept-ranges
bytes
etag
"2bf-5aaaea7e20c6a"
content-length
703
content-type
image/gif
headline_27.gif
sports.creaders.net/css/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/headline_27.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
303f05687a3f6f2cacd67b53725ce8e685c888a03004ef75088addc738e33f89

Request headers

:path
/css/images/headline_27.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/index.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"747-5c5f21c3e35c8"
content-length
1863
content-type
image/gif
headline_15.gif
sports.creaders.net/css/images/ 		974 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/headline_15.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e861abb7755bd29d42ec2b19e515f49a839bd9489dbc80e08408aa26ab9376d6

Request headers

:path
/css/images/headline_15.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/index.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"3ce-5c5f21c3e35c8"
content-length
974
content-type
image/gif
breaking_.gif
sports.creaders.net/css/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/breaking_.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3584cbc749907cd753e08ae52d676970b47e059641bbc172287648c07f453c95

Request headers

:path
/css/images/breaking_.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/index.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
accept-ranges
bytes
etag
"2312-5aaaea7e20c6a"
content-length
8978
content-type
image/gif
pubads_impl_2021072801.js
securepubads.g.doubleclick.net/gpt/ 		325 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Jul 2021 08:38:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115904
x-xss-protection
0
expires
Mon, 02 Aug 2021 15:19:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		281 B
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sports.creaders.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
215580481c6f4550e6a18d2bbf4c9cd48d385e08e5b625c24c32462c2f155325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
150
x-xss-protection
0
expires
Mon, 02 Aug 2021 15:19:03 GMT
sport_07-03.gif
sports.creaders.net/css/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/sport_07-03.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c45ef9d5942ff84de20ac3fed59f8c769add4fdc7472d624577ab4314648a420

Request headers

:path
/css/images/sport_07-03.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/index.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sat, 18 Jul 2020 03:13:21 GMT
server
Apache
accept-ranges
bytes
etag
"f8a-5aaaea7e2143a"
content-length
3978
content-type
image/gif
no.png
sports.creaders.net/css/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/no.png
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
6e30a5af72433f14acab63380229f1bd8e789a1e2add432887b2ecf587dd2af7

Request headers

:path
/css/images/no.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/index.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"71f-5c5f21c3e35c8"
content-length
1823
content-type
image/png
sport_07.jpg
sports.creaders.net/css/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/sport_07.jpg
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d3e425bf2470258d90e637de907163f2723ea34e9b3e66c374abc8b638d1ed3b

Request headers

:path
/css/images/sport_07.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/index.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"6fab-5c5f21c3e39b0"
content-length
28587
content-type
image/jpeg
sport_07-04.jpg
sports.creaders.net/css/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/sport_07-04.jpg
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1becf557de72ddd37b27651828ff7913bcd3b44ddd1be1fe2bfa51a2564e0c8e

Request headers

:path
/css/images/sport_07-04.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1627924743081}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/index.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"6bc6-5c5f21c3e39b0"
content-length
27590
content-type
image/jpeg
cmp-v2.0.1.js
assets.bilsyndication.com/plugins/cmptcf2/ 		267 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
896814
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
678848448a23e003-FRA
expires
Fri, 23 Jul 2021 06:42:09 GMT
prebid-v5.5.3.js
assets.bilsyndication.com/prebid/default/ 		442 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a974efc87878229939b0d19942592a6e298be88c332e6821e7d6a5499f4f8088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
341471
cf-polished
origSize=453257
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Thu, 29 Jul 2021 16:27:43 GMT
server
cloudflare
etag
W/"6102d6ff-6ea89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
678848448a27e003-FRA
expires
Thu, 29 Jul 2021 16:57:52 GMT
viPlayer_v47.min.js
assets.bilsyndication.com/plugins/vlPlayer/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/plugins/vlPlayer/viPlayer_v47.min.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820940626c8b0ea4d61278c472b9f3f4b02358cbba4c85c0bb22c1d14584b806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
629722
cf-ray
678848448a26e003-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Jul 2021 08:09:01 GMT
server
cloudflare
etag
W/"60fe6d9d-3700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Mon, 26 Jul 2021 08:53:41 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Mon, 02 Aug 2021 15:19:03 GMT
sf_host.min.js
assets.bilsyndication.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2031094
cf-ray
678848448a29e003-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Sat, 10 Jul 2021 03:37:29 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding
gzip
server
Server
age
658
etag
f8520ea4ebd91256d6b4f461d472242a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Mon, 02 Aug 2021 15:08:05 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7YMejgnEAC_fULKYuvOe1GcvobQZ9RUFUFjRomGslaqqcAWdicuNeA==
sport_07-05.jpg
sports.creaders.net/css/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/sport_07-05.jpg
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4e29c454521145f35a0efd7a0d7b35fb8674a76e8e4a228a21f615b0b01b8652

Request headers

:path
/css/images/sport_07-05.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1627924743081}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/index.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"6d1e-5c5f21c3e39b0"
content-length
27934
content-type
image/jpeg
sport_07-06.jpg
sports.creaders.net/css/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sports.creaders.net/css/images/sport_07-06.jpg
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
9f65d08c28b1ff5d7c481414c396df528494d52dd6c0515b97af5b1de7349ff5

Request headers

:path
/css/images/sport_07-06.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1627924743081}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sports.creaders.net
referer
https://sports.creaders.net/css/index.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sports.creaders.net/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Wed, 30 Jun 2021 02:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"7405-5c5f21c3e39b0"
content-length
29701
content-type
image/jpeg
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-82.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
8370696
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
ZyjFyZG5N9mfPwNVlhAddVo5W7mprxCdOLxGjgwNVibBhV20s6LCuA==
rules-p-e4UytPLDQQKlw.js
rules.quantcount.com/ 		3 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-e4UytPLDQQKlw.js
Requested by
Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:1000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 05:44:58 GMT
via
1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
age
34480
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:01:36 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
JzsruhKnr2lxxDJ0522fLVyL8ieOoD9EFoxujte1WQ897t2crAVhQw==
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
2228
date
Mon, 02 Aug 2021 14:41:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 02 Aug 2021 16:41:55 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=89370913&utmhn=sports.creaders.net&utmcs=GBK&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E4%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=561253751.1627917543&jid=702799221&_v=5.7.2&z=89370913
35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=561253751.1627917543&jid=702799221&_v=5.7.2&z=89370913
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 Aug 2021 15:19:03 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=561253751.1627917543&jid=702799221&_v=5.7.2&z=89370913
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
366
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sports.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sports.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
36352
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
date
Mon, 02 Aug 2021 05:13:12 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
ijOcd7F5n4CJJTBTqjCiBS-3ssUEa6k3KIsFGH_v3KYkr2l9d_z_Qg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsports.creaders.net%2F&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://sports.creaders.net
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
3NhLxgw3TUNuw8Y7brpdNDokKJq3qaNwkqpPlD8lUbt7fAdP_5oTIQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210802
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62290156a07fc7cfde54501840f4b04fcc9561d8d9ccb0e725b269b78e00fe44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
520
x-jsd-version
1.0.1057
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
948
etag
W/"69f-CcHxbwzDRPXildaUwMHfUSO6Gq8"
x-served-by
cache-fra19137-FRA
x-jsd-version-type
version
date
Mon, 02 Aug 2021 15:19:03 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
ads.us.e-planning.net/hb/1/2c995/1/sports.creaders.net/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/sports.creaders.net/ROS?rnd=0.027419579045198317&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fsports.creaders.net%2F&pbv=5.5.0&n...
  • https://ads.us.e-planning.net/hb/1/2c995/1/sports.creaders.net/ROS?ct=1&r=pbjs&rnd=0.027419579045198317&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fsports.creaders.net%2F&p...
494 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/sports.creaders.net/ROS?ct=1&r=pbjs&rnd=0.027419579045198317&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fsports.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fsports.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
bcb51defe2eacd40a2a444b834d0d4ac952935851e32f2dac1a0c9a78adea19e

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://sports.creaders.net
expires
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
494
x-sid
AMS-747

Redirect headers

date
Mon, 02 Aug 2021 15:19:03 GMT
server
openresty
access-control-allow-origin
https://sports.creaders.net
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/sports.creaders.net/ROS?ct=1&r=pbjs&rnd=0.027419579045198317&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fsports.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fsports.creaders.net%2F&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-747
quantumdex
useast.quantumdex.io/auction/ 		0
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://sports.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvklxM0DSxreNmNjCPTAb16rMWqPvBLIcUudpEjrOX%2Bs%2FzxqtFbiiGoQV8Q9qzide7oaaivNSDYvAT5srK8HEjY7U%2FtBhWjRsNJ8ov9k4PCNBM7x23R2qkr0IVVXOZ7TP%2FRjkCBvTwGCMPyX1%2F4tLV0b"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
678848464f07d6fd-FRA
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=38781931417
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:02 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs-simple.com/ut/v3/ 		256 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
549111dcfbc4712627479bd74f1091a081dcf3a446fa1252051792e68d04b97f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
a16150ae-643b-4286-8135-bc012e5df226
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
256
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs-simple.com/ut/v3/ 		250 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cd8e163a8fe9b76f2dea46f1a38b172792a24d61b5b50ed046299b1e8f244232
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
54c8e3e3-b3d2-439d-a47a-6e5ce40ac600
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
49a853e29302663d9915afb18b5a968efa6547fa37eb70864ef443daf22dd52b

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Aug 2021 15:19:03 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
c
prebid.a-mo.net/a/ 		0
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
33
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		24 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22252f1cb97800eb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsports.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222685ee2b4e5ff06%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22200x200%22%7D%7D%2C%7B%22w%22%3A180%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22180x150%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6e1328eab517f20fb089677c4fa877a655ad8d220b34fac552e01cb7e473a962

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.124], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.creaders.net
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Mon, 02 Aug 2021 15:19:03 GMT
cygnus
htlb.casalemedia.com/ 		24 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22252f1cb97800eb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsports.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2227b952142741a69%22%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x168%22%7D%2C%22video%22%3A%7B%22maxduration%22%3A120%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22playerSize%22%3A%5B%5B300%2C168%5D%5D%2C%22placement%22%3A4%2C%22w%22%3A300%2C%22h%22%3A168%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6e1328eab517f20fb089677c4fa877a655ad8d220b34fac552e01cb7e473a962

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.124], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.creaders.net
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Mon, 02 Aug 2021 15:19:03 GMT
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
5a7e50d2-3422-45a5-8b95-94cf621c608e
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
a3608a69-6ebf-4619-a4bb-e51658c5c6d7
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
cf03ac16-6f1d-4443-9565-c106854f9683
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
b9e5ae7a-44d6-4b48-89fc-78e0f2aa88c2
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
43f0f520-7510-4cf7-8f27-e67cc4772c1b
unruly_prebid
targeting.unrulymedia.com/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.creaders.net
pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.creaders.net
pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsports.creaders.net%2F&pid=ITzNNKwudXyyh&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
aHBny6K96DEeA4aEl_i4qnDs8M85jZiwLvtZC8zvKcZfSOA9pLNEFA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsports.creaders.net%2F&pid=ITzNNKwudXyyh&cb=1&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
0OxiqZaw8uoR6nJ5DzMr-ab19zMPWZ8BOtRQuOUbU0N63r6ioLwGQg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsports.creaders.net%2F&pid=ITzNNKwudXyyh&cb=2&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%2C%22250x250%22%2C%22120x600%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
sScGxYX7Az9101p_iSydES1bHWs_0QfL-iKMbx5aDHbgm6FbzOy9AA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsports.creaders.net%2F&pid=ITzNNKwudXyyh&cb=3&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
BgKeIbGDu_YoTCNrVOfF4sOdCTLAIGIeEEPOSfmfFhCdaL5o8QXMtw==
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E4%BD%93%E5%9D%9B%E5%B9%BF%E8%A7%92%20-%20%E4%B8%87%E7%BB%B4%E8%AF%BB%E8%80%85%E7%BD%91&time=1627917543477&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fsports.creaders.net%2F&random_number=19774004723&sess_cookie=a0dac10717b0772683196dd02de&sess_cookie_flag=1&user_cookie=a0dac10717b0772683196dd02de&user_cookie_flag=1&dynamic=true&domain=creaders.net&account=gYXUm1a4KM+2mh&jsv=20130128&user_lang=en-US
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-109.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 03:30:10 GMT
Via
1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
42533
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
ZRH50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
Vix8xZQyPHaoI1t8kyQq_6FvKDAMQuuDE8lIryT5GLkSHRrKjHLxXQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.142.157.144 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-157-144.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
server
Server
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sports.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sports.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
cygnus
htlb.casalemedia.com/ 		24 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2237ea8e38900ba5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsports.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22387c7bd68afd04%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22200x200%22%7D%7D%2C%7B%22w%22%3A180%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22180x150%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e49713e70e94b33680d86e6b14851e72b6488600a384fa2c4fd2dff22ed01cb2

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.124], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.creaders.net
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Mon, 02 Aug 2021 15:19:03 GMT
cygnus
htlb.casalemedia.com/ 		24 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2237ea8e38900ba5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsports.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2239e564d0e722eb3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22336x189%22%7D%2C%22video%22%3A%7B%22maxduration%22%3A120%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22playerSize%22%3A%5B%5B336%2C189%5D%5D%2C%22placement%22%3A4%2C%22w%22%3A336%2C%22h%22%3A189%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e49713e70e94b33680d86e6b14851e72b6488600a384fa2c4fd2dff22ed01cb2

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.124], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.creaders.net
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Mon, 02 Aug 2021 15:19:03 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs-simple.com/ut/v3/ 		250 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
64cc87df35d66dc80113900c62bcd8f646c9be2ae4292a875ad691cdfd8dcc9c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
148b1137-1065-4038-a3f6-4e9332c2f83b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
b7e4ceb2-a415-4ac1-9bf1-b39f22de9b7d
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:02 GMT
X-SMT-SessionId
f6b4e45c-e7b9-4302-a1e7-87001cd361d0
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
f63df90c-41c8-4e43-a624-f15dabaffaac
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
4a85f728-4c24-4eb6-bac3-0fd9706bbd33
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
1e897c4f-ecde-48f7-b0f3-c232521ea122
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
50da22aa-216f-4ff1-9f4b-424e9a889d1a
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/sports.creaders.net/ 		634 B
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/sports.creaders.net/ROS?rnd=0.027419579045198317&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=https%3A%2F%2Fsports.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fsports.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b03e49e0b58b9de249dd59bc6f5bb965f9e3e7c0859627d932e8bd1985f5590a

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://sports.creaders.net
expires
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
634
x-sid
AMS-747
prebid
ib.adnxs-simple.com/ut/v3/ 		262 B
952 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
acf1a557052a3bb1442975b9ee3a7cc6b7e2a40bdae30d04cde6a4acb69ab60a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:04 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
ee44b96a-1d74-44f8-9d67-f9b897ad4b1d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
31
vary
origin, Accept-Encoding
quantumdex
useast.quantumdex.io/auction/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://sports.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FB1TuIdDGgPJ5gzsAg8rjMjvey4RhcCeOaYGs7PoHvDH%2FVu1CHbaocv5AM3HXFqpYjD%2Be%2F83CL0E0suv%2FjYy%2F0M1AacI6x4ilYhbQ6uoLJI8grqer226ABFXWttP4hGsFuYXHdTJGP%2BpdHLnjl2eJJca"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6788484768d2d6fd-FRA
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
59b82a140f4cf778b52718c2230b773b45736f3b3b41fa4aee7e713c9ed15688

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Aug 2021 15:19:03 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=50119574769
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:02 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
unruly_prebid
targeting.unrulymedia.com/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.creaders.net
pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.creaders.net
pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sports.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sports.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
c
prebid.a-mo.net/a/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
33
vary
origin, Accept-Encoding
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
71d43259-59db-4355-96cc-d100e18ff066
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
60d15ca8-394c-4a44-9315-4f9340b6f6c4
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
8d251c48-5373-43f0-bafb-2fdc47054773
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
c740b101-64dc-40cc-82b3-b6a22e2010d2
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
d885022b-7f2e-4c60-baf4-aab8cb3f8ecb
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
21dbe3af-29dd-4f87-9036-aa6ffee8f752
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
776f8d0a-a538-49b4-bcdd-06a38fb580e2
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
25c35748-636e-4ca5-87d8-4fd135c05890
unruly_prebid
targeting.unrulymedia.com/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.creaders.net
pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.creaders.net
pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22916eae6280d9b4f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsports.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A6%2C%22msi%22%3A6%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2292d013b7060c70b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22200x200%22%7D%7D%2C%7B%22w%22%3A180%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22180x150%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
35d9ffdd9780cc7e136a20def60755e1b4ec5938dd48b00d3a372a1d40146e89

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.124], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.creaders.net
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Mon, 02 Aug 2021 15:19:03 GMT
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22916eae6280d9b4f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsports.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229329db652ecddf8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x168%22%7D%2C%22video%22%3A%7B%22maxduration%22%3A120%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22playerSize%22%3A%5B%5B300%2C168%5D%5D%2C%22placement%22%3A4%2C%22w%22%3A300%2C%22h%22%3A168%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
35d9ffdd9780cc7e136a20def60755e1b4ec5938dd48b00d3a372a1d40146e89

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.124], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.creaders.net
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Mon, 02 Aug 2021 15:19:03 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=87601111967
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs-simple.com/ut/v3/ 		264 B
954 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c7952974dbadbbfa1d36410d96b0bab2fac39af26558de7d0fdb4daa81bc3c15
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
f0a284f0-6b31-4064-9996-a0306cec0493
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
264
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
quantumdex
useast.quantumdex.io/auction/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://sports.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knhxYHErJAkfcWQOEJHa5cAt9QCsRrQ%2FN7aAEzldXZwu23F%2BdenE%2FPsSltO11WziqlJMV9s583NBcgCZmVgJ2W%2BMORC9b0Hg4VpboQFVN53BLgAPQO5TAWddY3nLeF9smi%2Fu6R8haNkJEHjrWQ7QWSCh"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
67884847e9aad6fd-FRA
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a40b18f0075&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
534b71959c698411607df336f6df3315249967af485941536de9c95420e930a2

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Aug 2021 15:19:03 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
2a4ad160e04c81994eed554948e8bc0928de7de37977f99571acc7e850bfda59

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Aug 2021 15:19:04 GMT
Server
ATS/7.1.2.128
Age
1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
bde2e12eeb27d83d7d39b313bcf6b2bea7a6f7889cdc50c0d5a5f64c542f0032

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Aug 2021 15:19:03 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/sports.creaders.net/ 		646 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/sports.creaders.net/ROS?rnd=0.027419579045198317&e=300x250_0%3A300x250%2C300x600%2C160x600%2C250x250%2C120x600%2C200x200%2C180x150&ur=https%3A%2F%2Fsports.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fsports.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c2540de2d1d0e83eeaf969c3150bd951c3b7e0d6e911a4114b2b45c10516a09c

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://sports.creaders.net
expires
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
646
x-sid
AMS-747
prebid
ib.adnxs-simple.com/ut/v3/ 		251 B
941 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7e450ee21af8028cfe0be376c1baee66e84a215817b962d806580ca1cd7fb0c9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
905107c8-dab4-466d-b834-2b78a6937148
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
251
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
px.vliplatform.com/bi/ 		0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNUrPeYyqa-AZyt-PPPr-MByZ-UKrYZPqYTYMaRrNBZKRmNTAPZRrtNheRlmNBAAbYZARdzNwqfftkRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGIFYBlJLsq9F8DXHMDMqQ5DjLMB68HGy3lOaWPxD45u1w5PaPHQqOIFEga%2F6XySrIm1zhOMdkyboax4OJQLBVkgqulWYsgRXEVGL8JhuYk6Py6ti10Gpe36VHhlS7wwXA7O8%2FuKFK8UkpiCwRVzuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
67884848682c1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNyeyrZBTP-qAUU-PBAB-aAqr-AtYMaPrZAArBRrNBZKRmNTAPZRrtNheRlmNBAAbTUMRdzNcortgRkjmNBAAbTUMRwlNqhhftbxl,ob,jxqfzxdrtb,hxwdqzoe,ldqqzg,gyzdtroq,qdb,ekoztg,xfkxsnRwkNRswyNRws0N
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ea4ec7mqz2muXm%2FAvB%2B9p70z3ER1WBcQ4woz%2BgPccMvJRNXoi4lhyAo6CIQAt%2BxBkeEm%2BZNfEwocgqi9L8bUHQ9zZ5Zqb0VxUGRpxGgiRnkS0zl5%2FfN8kJ%2BqtIv%2FyqQ8gE6Z98hROaoTn%2FOA9CeD%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
67884848682e1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame 82E5 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8998b3698599d2d28468bd76f422c1f25a551ede04ce7ccd886297e472ec9e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40465
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Aug 2021 15:19:03 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sports.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-origin
https://sports.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
cygnus
htlb.casalemedia.com/ 		26 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22122ce8c63dd5a46d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsports.creaders.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212308a3f23b3b36d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1024%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%221024x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
836a5b2f079b27442966cef74811aa165dd3493c2d17040a11d65754fe9a2d2e

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.124], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sports.creaders.net
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
28
expires
Mon, 02 Aug 2021 15:19:03 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sports.creaders.net
pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
quantumdex
useast.quantumdex.io/auction/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://sports.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhCFner%2BKKftqRmdDQgJ%2BG8iWmkma3BIWBuWNX6OrZZWblYn8S0Twrnr%2B6obujgt07vhiqPsjbttfLmLX9ny6uD2YMfEamu23QwTptTdqOVPIgiEkYv5UmNW8wqjd%2FhCfmJ89kJrzP%2BeA%2F8x%2FE0gLF9t"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
678848485a70d6fd-FRA
c
prebid.a-mo.net/a/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:02 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
36
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
06714b55c77666c8c868c31cfe56f42f0f7b5204c0003f82e5dd57bf62044c46

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Aug 2021 15:19:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/sports.creaders.net/ 		633 B
957 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/sports.creaders.net/ROS?rnd=0.027419579045198317&e=728x90_0%3A728x90%2C970x90%2C468x60%2C1024x90&ur=https%3A%2F%2Fsports.creaders.net%2F&pbv=5.5.0&ncb=1&vs=F&crs=GBK&fr=https%3A%2F%2Fsports.creaders.net%2F&gdpr=1&gdprcs=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
909debfed5e4d147d1e92ec707994da08b6eb0b8d29e9b30b2bd8f007b41387a

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Aug 2021 15:19:03 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://sports.creaders.net
expires
Mon, 02 Aug 2021 15:19:03 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
633
x-sid
AMS-747
prebid
ib.adnxs-simple.com/ut/v3/ 		140 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0209d9d536c9914c9fda2e62080ca84bff264ca0e36edf7d2d0e08aaa91ca0b4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
28a0b96c-2135-4959-a748-79bac10bd203
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=89387303855
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sports.creaders.net
date
Mon, 02 Aug 2021 15:19:03 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs-simple.com/ut/v3/ 		140 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d01cd5d8bb0f4c13b6105d7a5a76232ff19b9e8646a62f7c05340cbe6a612482
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
6e3f5e2b-04f3-45dc-9c0a-f4e3cbb15bee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sports.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
6c39b2e5-af30-4e15-9233-e46a655e7efc
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
4685988a-8014-4b70-9ca2-7e2e8600b8ae
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
32e02b2f-5e84-4953-ade0-eb6d306aec98
prebid
prebid.ad.smaato.net/oapi/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sports.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Mon, 02 Aug 2021 15:19:03 GMT
X-SMT-SessionId
92c36a84-f1ff-4ed8-b89b-740e81b8bfa2
analytics.js
www.google-analytics.com/ Frame 82E5 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
322
date
Mon, 02 Aug 2021 15:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 02 Aug 2021 17:13:41 GMT
collect
www.google-analytics.com/j/ Frame 82E5 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1906052149&t=pageview&_s=1&dl=https%3A%2F%2Fsports.creaders.net%2F&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_utma=77545162.561253751.1627917543.1627917543.1627917543.1&_utmz=77545162.1627917543.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627917543804&_u=YQBCAUABAAAAAC~&jid=1028445092&gjid=823082747&cid=561253751.1627917543&tid=UA-128776493-30&_gid=442083696.1627917544&_r=1&gtm=2ou7s0&z=1816310174
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sports.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sports.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sports.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		173 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2424556705055294&correlator=3349895755943631&output=ldjh&impl=fifs&eid=31062048%2C31062087%2C20211866%2C31062064&vrg=2021072801&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=1619040%2CCreaders_Sports_160x600%2CCreaders_Sports_1x1%2CCreaders_Sports_300x250%2CCreaders_Sports_300x250_2%2CCreaders_Sports_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=160x600%2C1x1%2C300x250%2C300x250%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1627887363&dt=1627917543867&dlt=1627917542616&idt=723&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C972%2C972%2C573&adys=-9%2C-9%2C348%2C910%2C98&adks=1587291564%2C600736409%2C247423296%2C108742588%2C1355190270&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsports.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C340x250%7C340x250%7C739x95&msz=0x-1%7C0x-1%7C340x-1%7C340x-1%7C728x-1&ga_vid=561253751.1627917543&ga_sid=1627917544&ga_hid=1008776955&ga_fc=true&fws=2%2C2%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c1a3b23f26118ba89996e358e5404508b75d08bbb1c2b3d2f0019753255321a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42421
x-xss-protection
0
google-lineitem-id
-2,4956182603,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138352644261,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sports.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3ED5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 02 Aug 2021 15:19:03 GMT
expires
Tue, 02 Aug 2022 15:19:03 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
px.vliplatform.com/bi/ 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNUTewqeye-ZATY-PAMe-qyrt-ZtKeYwqwawTMRrNBZKRmNKAZURrtNheRlmNBAAbUAARdzNwqfftkRkjmNBAAbYZA,TUAbUAA,BAAbUAA,YZAbYZA,TYAbUAA,YAAbYAA,TMAbTZARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a14rwiVS4orePONMJqti4ztF43%2Bb0fjQ7vnLP%2B7Ikj2I4xP1vBDG78%2F12OL1DQZ1uZ%2BGeqgpLMABveNf7365Sn4UTPOHCvkUOdv1Ash%2FiwiSS90o9rn2Hdcuu0Bi8TIUJnWMKVDvlliHAt%2ByQcKaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484aab911f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/ 		0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNUqaMBaBe-tUaY-PrUa-MtYP-UqKByMPrKTKPRrNBZKRmNKAZURrtNheRlmNBAAbTUMRdzNcortgRkjmNBAAbTUMRwlNqhhftbxl,ob,jxqfzxdrtb,hxwdqzoe,ldqqzg,gyzdtroq,qdb,ekoztg,xfkxsnRwkNRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ju7rUxC4URx%2F%2FP73lMSyCr40Y6U6p2CG%2FU5%2FbX%2BCqPeYVROMh3If5xMiH8aL3xJY02XmqopH8ymX9wxzW9NBRd7leiUH1Uzwx9BnqcvZG5rBO0fMKuvh0NGKPBwgNFFSvDt3eEbniH98HLb7BStMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484aab8f1f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ Frame 82E5 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1906052149&t=pageview&_s=2&dl=https%3A%2F%2Fsports.creaders.net%2F&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_utma=77545162.561253751.1627917543.1627917543.1627917543.1&_utmz=77545162.1627917543.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627917544090&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=561253751.1627917543&tid=UA-128776493-30&_gid=442083696.1627917544&gtm=2ou7s0&z=1821792585
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNABeqYaqy-ATaM-PAKM-qKer-qaqAMPrTwMBTRrNBZKRmNKAZARrtNheRlmNTAYPbaARdzNwqfftkRkjmNKYMbaA,aKAbaA,PUMbUA,TAYPbaARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBwpjiBv0A3XqziSioqn0LS0rVIkI5rPAIp17tXSFwOI2mILtnPmbQNNkH4g6JTgp8RBL9Akc649DpfZsdI5zZS0gXVi5gJUtTAQaeuufXmP2hKAwruMhY69JR3HUVnv%2FoW1f7vpTcM5%2FrAeTBO1hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484aab921f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ Frame 82E5 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1906052149&t=pageview&_s=3&dl=https%3A%2F%2Fsports.creaders.net%2F&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_utma=77545162.561253751.1627917543.1627917543.1627917543.1&_utmz=77545162.1627917543.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627917544097&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=561253751.1627917543&tid=UA-128776493-30&_gid=442083696.1627917544&gtm=2ou7s0&z=1477905448
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNAwqYYYAA-qBBT-PrZU-aKUZ-TUUBrayTZTTKRrNBZKRmNYBBMBRrtNheRlmNBBUbYMARdzNwqfftkRkjmNBAAbYZA,YZAbYZA,BBUbYMA,YAAbYAA,TMAbTZARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9dEWzX9WxYYUy64%2BSXnmRx6TE5jwnNop7e3KHEqxNajFeUqvviblgc2kOXBJHBw0kQSO4s%2FgEa75W0uKxjgROm545tr8csgyg32QZhyNJQJMKw7E4len2FqS0ats116T9SrKlFbfGcvKJU7mm%2Fswg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484aab991f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/ 		0
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNaBAyAawZ-BKUq-PMTY-wwYP-YaUYYeqTAyeKRrNBZKRmNYBBMBRrtNheRlmNBBUbTMaRdzNcortgRkjmNBBUbTMaRwlNqhhftbxl,ob,jxqfzxdrtb,hxwdqzoe,ldqqzg,gyzdtroq,qdb,ekoztg,xfkxsnRwkNRswyNRws0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZaLKzP2o3MiP4PLmvgWHeO3Rr78tdBls7IR9AIlA7iqfdti5v%2BpyzaeLVlCxCO7SfopcH%2FDVzp%2BKK89dYoPb0QTe2iKbLs%2BI%2BiQ0XsWNlvwbg4r9dSaCtV3q7PtAWjhKFi318LaKt%2Fbl2nkAGDZFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484aab9c1f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/ Frame 82E5 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1906052149&t=pageview&_s=4&dl=https%3A%2F%2Fsports.creaders.net%2F&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_utma=77545162.561253751.1627917543.1627917543.1627917543.1&_utmz=77545162.1627917543.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627917544107&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=561253751.1627917543&tid=UA-128776493-30&_gid=442083696.1627917544&gtm=2ou7s0&z=621587469
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sports.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sports.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2424556705055294&correlator=2271928015545910&output=ldjh&impl=fifs&eid=31062048%2C31062087%2C20211866%2C31062064&vrg=2021072801&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_31&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C180x150&fluid=height&prev_scp=vli_adslot%3D1045%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie_enabled=1&bc=31&abxe=1&lmt=1627887363&dt=1627917544238&dlt=1627917542616&idt=723&frm=20&biw=1600&bih=1200&oid=3&adxs=992&adys=1443&adks=2618413338&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsports.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=561253751.1627917543&ga_sid=1627917544&ga_hid=1008776955&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1e965b424b13bec7078b50ac7cd27b3ca6ee2cc955b5de94b1619e454932ba9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15607
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sports.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNABUyePPw-TMBU-PPPT-wwMa-aMKatMaBPKTARrNBZKRmNTAPZRrtNheRlmNBAAbYZARdzNwqfftkRwlNcso_aRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnQ8h87YppLQVp%2Bzpff9kdRBdW41z84MVgf9UUIRhgUAcL%2FdmadDRleXEdcnN4TZKCiNIkkHCI6GCw0lfNqgPdcPoEJHpNlfjxU8XKWWJmeRz%2FsBTC4OODE7bDKKrHkmqDXFJYDwOS2XyR68nBFLUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484b7d071f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
container.html
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 706A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 02 Aug 2021 15:19:03 GMT
expires
Tue, 02 Aug 2022 15:19:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 71D1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 02 Aug 2021 15:19:03 GMT
expires
Tue, 02 Aug 2022 15:19:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E1F1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 02 Aug 2021 15:19:03 GMT
expires
Tue, 02 Aug 2022 15:19:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627644667915703"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Mon, 02 Aug 2021 15:19:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa81101ad925c8b50d4484faad3a19d9ed37e37d07eb8e1c60369e3678100de9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8432
x-xss-protection
0
container.html
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7CC7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 02 Aug 2021 15:19:03 GMT
expires
Tue, 02 Aug 2022 15:19:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/ Frame 82E5 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1906052149&t=pageview&_s=5&dl=https%3A%2F%2Fsports.creaders.net%2F&ul=en-us&de=UTF-8&dt=vli_9_creaders.net_0_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0&cs=creaders.net&cm=vli_9&cc=Default&_utma=77545162.561253751.1627917543.1627917543.1627917543.1&_utmz=77545162.1627917543.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627917544565&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=561253751.1627917543&tid=UA-128776493-30&_gid=442083696.1627917544&gtm=2ou7s0&z=147707080
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 02 Aug 2021 15:19:04 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sports.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sports.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2424556705055294&correlator=2446828239376513&output=ldjh&impl=fifs&eid=31062048%2C31062087%2C20211866%2C31062064&vrg=2021072801&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_33&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C160x600%7C300x600%7C250x250%7C120x600%7C200x200%7C180x150&fluid=height&prev_scp=vli_adslot%3D7056%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D600%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie=ID%3D4d438bd93c0a73e7-22060e6a93c80024%3AT%3D1627917544%3AS%3DALNI_MYpTtxS5mm80F2orilPPdsntG7gcQ&bc=31&abxe=1&lmt=1627887363&dt=1627917544601&dlt=1627917542616&idt=723&frm=20&biw=1600&bih=1200&oid=3&adxs=992&adys=2349&adks=2419475616&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsports.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=561253751.1627917543&ga_sid=1627917544&ga_hid=1008776955&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1a36494ae4d9ffcd927691206641e23f32bac00f05159e736061e88c4b8fb20d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sports.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNTPPPYwaa-AZrM-PAMB-qqty-TAMytKeBrAyrRrNBZKRmNKAZURrtNheRlmNBAAbUAARdzNwqfftkRwlNcso_aRkjmNBAAbYZA,TUAbUAA,BAAbUAA,YZAbYZA,TYAbUAA,YAAbYAA,TMAbTZA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NmP5D%2B8Pyd538rkAKfyvZZLQzr4UwajNxRuYHDuT3Ik2NSKxZ7C8rH%2FU38jHobwKYJ5NnBdwEK9RCpGk2nV6d%2BskBCSlj5%2BVbR32cipy4YJmkmOkyNVddeJb9UKPSQWgsPGSkcv%2F7%2FGGArb76ZrsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484dc8c31f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2424556705055294&correlator=560575522360309&output=ldjh&impl=fifs&eid=31062048%2C31062087%2C20211866%2C31062064&vrg=2021072801&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_34&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C468x60%7C1024x90&fluid=height&prev_scp=vli_adslot%3D7050%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D1024%26hb_height%3D90%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie=ID%3D4d438bd93c0a73e7-22060e6a93c80024%3AT%3D1627917544%3AS%3DALNI_MYpTtxS5mm80F2orilPPdsntG7gcQ&bc=31&abxe=1&lmt=1627887363&dt=1627917544609&dlt=1627917542616&idt=723&frm=20&biw=1600&bih=1200&oid=3&adxs=288&adys=3627&adks=3138217075&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsports.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x-1&msz=1024x-1&ga_vid=561253751.1627917543&ga_sid=1627917544&ga_hid=1008776955&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
14d569d1d0455bdb16adf127f5d173273a02116876c0303219ce25228d99f68f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sports.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNYyTKKAyP-AZTB-PMrA-wUAw-KZwTMKYUKyTaRrNBZKRmNKAZARrtNheRlmNTAYPbaARdzNwqfftkRwlNcso_aRkjmNKYMbaA,aKAbaA,PUMbUA,TAYPbaA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQ1I5jhj2gqfsEPZwhQ%2BwpmKlh4LHTl8SubfGYD5P1kit2HF8pawcHUpUsCQcROUVHolmWkxgOs81OviT5sr%2Bab6dbiJxex03eKxe2gtgHi2ThM%2Bne8Tqo7IqI%2FWrZYDHlsfR2VFLX%2FOUpyMYor81Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484dc8d91f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 71D1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:18:18 GMT
css
fonts.googleapis.com/ Frame 71D1 		8 KB
809 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 15:15:21 GMT
server
ESF
date
Mon, 02 Aug 2021 15:19:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Aug 2021 15:19:04 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/ Frame 71D1 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.css
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 14:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 04:54:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Jul 2022 14:07:26 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/ Frame 71D1 		354 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95a9cfbf7262fe01c09d9427d4ba9050052169c4db020a21dbbd268915291a4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 14:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125985
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 04:54:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Jul 2022 14:07:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 71D1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
18081889583213459188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:18:31 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 706A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:18:18 GMT
css
fonts.googleapis.com/ Frame 706A 		8 KB
786 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 15:12:54 GMT
server
ESF
date
Mon, 02 Aug 2021 15:19:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Aug 2021 15:19:04 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/ Frame 706A 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.css
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 14:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 04:54:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Jul 2022 14:07:26 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/ Frame 706A 		354 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95a9cfbf7262fe01c09d9427d4ba9050052169c4db020a21dbbd268915291a4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 14:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125985
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 04:54:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Jul 2022 14:07:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 706A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
18081889583213459188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:18:31 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A695 		624 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGMnr5a0BMAE&v=APEucNXmDdkim_quF2hxh7PSLILN4insGcrbN5PCPeD7CPjv1ieLqtqs2oVw3Z2fBRpL1K__TzOQRsMYVrge8V1ThI1XjrW0t3uVRpU2FoGcpyRSjA0-rtLXhmnuuUEmy028HlorEjbzsnCSFnu-d_TnDh5535NngxLaVIQ84zmNwVqk_igcvSs
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNiEVRDrv6gCGMnr5a0BMAE&v=APEucNXmDdkim_quF2hxh7PSLILN4insGcrbN5PCPeD7CPjv1ieLqtqs2oVw3Z2fBRpL1K__TzOQRsMYVrge8V1ThI1XjrW0t3uVRpU2FoGcpyRSjA0-rtLXhmnuuUEmy028HlorEjbzsnCSFnu-d_TnDh5535NngxLaVIQ84zmNwVqk_igcvSs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 02 Aug 2021 15:19:04 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmXrol8YGTQKWkclECYyFE3-ab3N9VYWWoI8vUpMCsmkTPCBFKrcwFTaFoX; expires=Sat, 27-Aug-2022 15:19:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 02 Aug 2021 15:19:04 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame E1F1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:02:50 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame E1F1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 14:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4047
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2627
x-xss-protection
0
server
cafe
etag
17449454297928180344
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 14:11:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E1F1 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssya6z279873cEGYyRMAlMcS1z2eX3bSVQzonfCeYLzS0Ut1Yww3NhYpCPT7_77OUxfXQiz2uFoIkzWM3y3uJ5Cucabuz0yFwUXGwZysWaWmijQfQqybvPPR-vHuSDnF846dP3yBMWcvKf_SQmSUONJFMFGkluQLkH6GQxFIew1UGyt9bc8wJHaVWu1NsZ1P2hg-VMwoubvpSSJHEXZCd6f2nHh39IRFle8jAv2V9HCUkE_oj6Iq0b7rcSOpssgWZwFshj9ZBGl32r7X79ESMJ30zdXj8-Yav5Osg_3yWEbV_vyr2YA8DKYSCL38R9exh0iK53JnWFsk7YkXwebLoBinT2uudIzuXda5BoOeql-2EsNbQF7gizqqOYb6hMw6pakYW7CG_HJ1XVMr92j8_d3XMd6JmAqUlIs29Pr9Bo9d7UrLsuWJ3UXAvVF40_ugbo_FEIzWePSeicjfaF6bNEnV4OYompJ07nIGy6RG1AEk3uDgZs6eQEGVSZQ0xo024PzMwMIRQWeEDiGDoeAorDMZSF4F4qM2TUZdErnbWmol_jzYx3h1cfSVy_b6vkNdQheTzUbG1df06J_6GM2d8hPUNg0KJYlZ7HqdIa8AUCC3oi3KYxS-Wz9wSIKrKlvqbx1yunVQYWHzoRi3J0PfsMmdYzdQkWdTmn36iDNlVrRnZAF9ltUE6X0kWK-PbU9X55BcKj66ze2WEq1EFV08GjCiUH_-WR4_CDY3yRIx06_3zI8TM6SmyTFRMCwvfbJNsFd6BLKt-HfwnYA8yJnmmQBREV4WsKU2Bofn2HY-rcg3Bxm4aCG_H3tb20iPOZEs3jpwsdI1vhSSveRgOWyiIKqDOUcT-9W6bGyvsLQykLzg-rbX2B_QzPS_dq7eiUcVUgl60oWiQX0oVKAXmrvZdTx_adIJ32MROo4ar_vNnSnWf0t_uvcj7fAZKMJj8zfH0LNS4yQ0HIyIc6PthKtXYb_W8SP9JpAHY80BFYA2qkQUqWyacBk42VCiP9sUTU4X7KGfP8QfkCKMRc0X0aR7cm35AxyPRsL7sgcncIM29DAkCB1UlfeauCFUu6VIxT5J3CN3It2dkPqA4eoZ0kECnFCjXfEf3nEIgFFVfiqDG9IkM9cAhHntf2x3gwDnoR0jMyyrSTmdtmhpoGL&sai=AMfl-YRuNHV-yZI4YefNn5dlN5f8s4PkPJ7b5lVG4kQg_Lam2r8MK5pR6W55QRtblNrQaTrv2tK6WXFdjbxi1RJn_ojyrBaDRquWfD5FeWz9PlC3EuG3TS7V1vfQzjjI-fG4YOuAfeW7yt4P_izjE7c2g4QhYEqWJwAtlyXW_MEXjIgVzjveP8fgiQuS8ADp72FSp78SfLfUpYZLW5ExQBVNAumZqS43ga-FzakSlupBn_nHXxyRu58HzQ1gPzUrWystHKxe-XLjtx_ogYfYw3KW8706OBdBOAbWq-KUCZLhNQoD_pk39uAQNp7DMC9Fd5fVZqti5uT-W-CUnfhyMC__gmamr4obMEO8Fug9VqG4RmVaKzucPYRraC7GwOjGiOqcRw&sig=Cg0ArKJSzHSn8eOrQSx0EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210728.18478&adurl=
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 02 Aug 2021 15:19:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E1F1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 06:32:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E1F1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BU96_fQQsxpUPSYkjH0I8tKGZ-YUf0Ns9idk32d3qbYQ7jXc7uyCoolDNIuqFCR13OgFSGjtgEIeO3dDvFydKt9DwQWfczgESejDX4c1j8VQukioI
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame E1F1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:14:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E1F1 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627644660751711"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Mon, 02 Aug 2021 15:19:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame E1F1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
18081889583213459188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:18:31 GMT
l
www.google.com/ads/measurement/ Frame E1F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2YjMEhMUsbjsd2Ncxr-AHHfl0WhPwEaDoHyfx7WhSjTShhO196MXXJxaixXH26aqsmiti46Itdshd0X3pZM6uAvO3Sg
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6573396375353797813
s0.2mdn.net/simgad/ Frame E1F1 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6573396375353797813
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eee98720ea00f99b96d77de662bb78af53a3f8ecce0a0dd4ac83d2ff72c4e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 09:48:20 GMT
x-content-type-options
nosniff
age
365444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102334
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 09:00:33 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Jul 2022 09:48:20 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 7CC7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:18:18 GMT
css
fonts.googleapis.com/ Frame 7CC7 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 15:13:54 GMT
server
ESF
date
Mon, 02 Aug 2021 15:19:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Aug 2021 15:19:04 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/ Frame 7CC7 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.css
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 14:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 04:54:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Jul 2022 14:07:26 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/ Frame 7CC7 		354 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95a9cfbf7262fe01c09d9427d4ba9050052169c4db020a21dbbd268915291a4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 14:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125985
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 04:54:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Jul 2022 14:07:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 7CC7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
18081889583213459188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:18:31 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2424556705055294&correlator=1242353554339289&output=ldjh&impl=fifs&eid=31062048%2C31062087%2C20211866%2C31062064&vrg=2021072801&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_32&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C250x250%7C336x280%7C200x200%7C180x150&fluid=height&prev_scp=vli_adslot%3D23383%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie=ID%3D4d438bd93c0a73e7-22060e6a93c80024%3AT%3D1627917544%3AS%3DALNI_MYpTtxS5mm80F2orilPPdsntG7gcQ&bc=31&abxe=1&lmt=1627887363&dt=1627917544672&dlt=1627917542616&idt=723&frm=20&biw=1600&bih=1200&oid=3&adxs=974&adys=1881&adks=2320425989&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsports.creaders.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&ga_vid=561253751.1627917543&ga_sid=1627917544&ga_hid=1008776955&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ebe1d49f9f9efa1fd2b3a1c735e693a6a61f82d26baf5caab429e4d929562d7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9060
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sports.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNtKKUTatZ-BPZe-PZKP-aUMB-PaZZYeTTMATPRrNBZKRmNYBBMBRrtNheRlmNBBUbYMARdzNwqfftkRwlNcso_aRkjmNBAAbYZA,YZAbYZA,BBUbYMA,YAAbYAA,TMAbTZA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYxAXBNqsLEAlc37g9DUxfnRAmK6UCKbPX23SrLh0OgSB1Ezq0HFEs86MBbbMbKMt2%2BkPqumL%2B2vYwKbnVoAfEsppaZYRCi8gxBA%2B4iE2WdIRxwsjiH%2FRCu4dpV8II6R8sdBqu12Ooo2Ff625HGcfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484e49821f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B93B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 02 Aug 2021 15:11:41 GMT
expires
Tue, 02 Aug 2022 15:11:41 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
443
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 63FE 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0a7b11be75b337891176e639e15209297639b0dc10af5ffc7fc38809582e36f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lMFFQHW2gN6uwMCbcnWV7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=220=eiX0CwAMVsKz_B-nxhLyAqhOwmCbB9_3bjfw6QUyQq8muI0IdXv966wGS7fZglCrWI4ATK3mkBKXfK0SCw0dbjbYfXkjU-xEVRw-rF5Wy-07Qrx58f0pGqFksXolXNVAFoxRUVk39M9aQfMA_17useQtxu-utY0QLHAovYjdHGA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

expires
Mon, 02 Aug 2021 15:19:04 GMT
date
Mon, 02 Aug 2021 15:19:04 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-lMFFQHW2gN6uwMCbcnWV7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8E8F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 02 Aug 2021 06:32:03 GMT
expires
Tue, 02 Aug 2022 06:32:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
31621
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E1F1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d96bcaa8cb94077a775fd6bd0ca8202226b5ce8d203030e51b8a6b60fe8a3ac8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 706A 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~krus2one&c=4020012804040&slotId=2010006402020&qqid=CJf6t7fRkvICFYHAEQgdcDwMDA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 706A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
530343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 12:00:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 706A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:26:24 GMT
x-content-type-options
nosniff
age
593560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 18:26:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 706A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CGNWy5wwIYdfqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9BmY44mjzhSK_rZzMlEfEJbn_H15iaFGhIULKUqeiTTPhqdgr7z4g6wUSN1qQ10fu2f1IHYajwf935OVYvDT5JpvFG_MiK_EyK7ech3hq_hZyr5h5UBn4nCqL-74eesQaD3pn45slyALcFZ9oIPulxuntDTCT2CN53zwnycmb37rE1OUSWlmkcECc_NNAXQp_YRdYg2Lb-JUkI7ww4ssv7BksHI-pTV-Fo7agcpPakr2SiruVmoCmGxSU4YiAqcNjp-go8cwiWY9qB5KjPtrNHKGmMy87eSZrlzh4f6kwcqsmP8GsoBRoW45yjcOMqqig6NwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&eventType=clickstring&clientTime=1627917544783&ai=CGNWy5wwIYdfqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9BmY44mjzhSK_rZzMlEfEJbn_H15iaFGhIULKUqeiTTPhqdgr7z4g6wUSN1qQ10fu2f1IHYajwf935OVYvDT5JpvFG_MiK_EyK7ech3hq_hZyr5h5UBn4nCqL-74eesQaD3pn45slyALcFZ9oIPulxuntDTCT2CN53zwnycmb37rE1OUSWlmkcECc_NNAXQp_YRdYg2Lb-JUkI7ww4ssv7BksHI-pTV-Fo7agcpPakr2SiruVmoCmGxSU4YiAqcNjp-go8cwiWY9qB5KjPtrNHKGmMy87eSZrlzh4f6kwcqsmP8GsoBRoW45yjcOMqqig6NwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 706A 		28 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CDmb-lM5f-T7hLdrehJoqjH3AIlFsf5Qskdql5hLJ3nDJTN3a5qgxAfQA_75GXxOsmc9ZcaB8zpLqerfy134qhNCakdQ&cry=1&dbm_d=AKAmf-D4tNMplLrVprikxpGhYD4k3iCkN94gqlVzGtXUDQ81QBGy5jHU35ZpzJ27KmbUoLLlZ0bRRQJnzeJ9peyB-U-dmj_0BSTXyRUu__NYI5u9sYU0IviugluLkoSqa00t-9225Svu-vRXps3C6La0VkalNJDmB_4PtzJ6FvWry4KJhSPNYTX0tC_F1bb0bjldtSufffwE0fuM5XxxRqbq9WCiKJ9ovPBSLzWFd4fgx-kH-XW7tjliNafNQCvJtySFt_muMZPh52kE8L9eoSWIkcyquWcGlFNlkGMLX45o4rM_lXrGrn47xdr0XqhcZc24-k7eus2asI9SY60H_EDHBWI-n2f6JlEg-oBbnYBQ83tYPBo54OwunY4qoT35VglJ5B-M2Z4zvljcP60X0TvBadISm1qLGFep4h9Lx1MFf-AxPaMrrIZxKzX1sdNBbHoh-lhhJ_WQLfGvv3U04dF-MWeftXnMIELYLOYwpS7zOFsjOauCyha8R1OPaEFh08Cv5NJP15DqLMWZo85bDQF7pVPcCJUh0smAC9b--tPixBdYZUSXCnRu_q-Sw6qj3Zu430sHVswS0bZErqS50W1lH0EW4dsaCoBhwpXi8A_KSSG26ftBtQ7jX3Ns3hJTFK1B1xvD3zILGy0lj96D5Jn1zg79j_YkNDumHThaeN9rr5DlWTon_aYX3dbbWfXeG3l0ndkZSiKlDQfjdaoNUZbgveeBlWLTSRnM31TD2Uh7N5Dl8BFcqio1dUEXRYBTDa-bIXp27R15x0KVZFru7HEORtxz5PNSg19VpgENGutfiQdW71SsF3pv6y_cTlyY-W5HHFNr-E3O5ODeyrsC24Nvs-FRjsKZc0R1i1ALCQv7BFEBuJ9_8datSlPT151Ay_zpdTi2Rl457XqWuO-7aB3GVfk3qpbUJacmWaPL8bY0HQBU22AiJA5jOEU28RYwn4jVzR6yf_T7VsuATLlOw5OVMF28zyibPnzwa6Xge7HFVGelv9ABuMTrf08duAe4_Y7BD9cggxthOZasZ0dO9SdtbhFKeSvDJ2JvjZRPWMJfvoYL32ujOM4oz_U7iF693pmOf29tLTQAxo3gmAnI20R8i07CW0V99YHaqOevAmSmXR7R_cbtldDc7XFGBCyRCFI3M8qY1tingIsgfgXRrKw39d7om-ibhIuscatb3hYfRjobVsBoKwn8-uKhOvldjqp3e6J4GI8k3Nh94yKo42QmJ9WEgbWw9QxP6y3E4kbAUL5iNZQ-H1ZmnyHJFysZYvCZdqWz4miUHq5u0esIRjfpGLkpMZ0JniIuV0aGmpIvyq9-padtCfq6Iav82Xcvj115d88zB-AWLjUXmMJjn-W4r3jDKpLKScjJVlRlkBcuYbgRo5I4G29tveCkbCehrQfqH2Uwx8mJxuSJPxSSVVre43GCWK_2E2cOTMUVOiE_yY7Vji1Deo8FroJg5YoYUYu7a7bN32F_h76P_VlwrpuezvpfDn8uOH4lrwwlHytfTfS9X_mduDT4huiXXZL4HH9vnOEIaMgheT0aaIfn4Yfrp4YKG85b22EUGQk35vnRwroMI245MphI2-09zrM6B2sbYaN8SPFrC1dShIb4eZPz4zSU7jScaeViDmhLoaZxcNp8g6YZcvHPw18Zv_eB6_oLOUKBNKaEd4lpfrM3QWg1qeuXXAlJz38rldHhFllawW9Nae1csjjpxnjI6eaGad2VitaL4fHbtpIB2sLveD6O5VCT8dQ3RzXEsjRJXGe5va9WjzEKeOv4rVf1ubsBCiqJXLRs5MZYxQEwd73NaQ38HsMe4I7_ONg7saHE6xWkr-cfNad1Kw59u5GrdZqD5ZSmJcu6ls7KeF0wbAtOfEdDo3YG8mJ6oYOHsIRDSTVXsdwdjMaOpCffVzHRlo4LpPSIyJBlnvh8wG7uDw6gmrZJyuZE-JHMYd0-SLk-_geGS4t1IC73mZ8KwLKy2VJbQBAk6_xFmL3cU5q5zopkwBNwnyUB038HOdrOt9iQabZsDFO-fLwLIy9U6jLjMv_6R7OfO_UA7fO4hCcHuKL0iP2jgj9vmDdDfmZ-jRlpJUBBEoP__q-E0PsgOIZKe3yf2u6K4_8dGOvbqVMo6GRnixGY21xCkqvdhwDofWZDlPzn3yAVizpVHmtfnfDlKsUBu5JqJ4sN3OnfPpfJ4MMS-U2fSBHTc9bWGzMILcrPM7u1zPJIeaymqUQpQYTxrdodlj3dcKzhePpzW7t4vTsLm3SQ9Xuv1cnyfc8vI3lB0yPGNvdoLBjgMzr-LcJfNR8xzbq--MFJZe44AZ_Io5x_pKDqMme4Bzdzoj7SMwCFAedT2iP3QOS9C1sRLq--Lf8nMireegeFJ0eujqJNyqbStogMFdTdA8e0UnRHxw4JkScQT1lnNlUNpJppwC2WzfYXGSuTeGF2iZXtAAoVz_YvjddvVuwTqdqtJOkJLPX68rnjh7srrJq7hcuQia95PH7KKFD44HlAGXAg-FU5giUxvLs4AedO1XQ97ezeG2vRDyz3dVWulLdEAMdVBBzd5aAAEFr0VnWYzeu2Kwl5d9NFmvR0EpfQYgKgKsXjX6HEhPHLv7nWI5YQF50vATxzpefoybyVweiKOMjKFP7XcMykUR2ssIvhtqJq0kIdpWarJ9OukHZ0ZD6_dkPmoZvyKpo2dYgPYIOa-f74ClSxxYalEexaGdcpTQPrF4xwu_4ulIc3LoHz0J0komN1cQyQZFQ5GJBT8GlbcNHuChwUkIG27wBQaxNDTRpM6mE1KCg8_sf2nGh9kIczOp4oh7irgwo0mykTxUZbxsJA3CO7t3hBxM-FLPAgeiykCYNtrhxqHvo5uXwCHiaQr7KI7FGWyvFpyJA8gvXdjtdWt-5wNvK1Pdrab_MonVpz2KohX68ZPiZr1UlCEJKOkfz4yYJgMyo607i5eSDJzmMxk_LVCxwjW-qr4B93HS54vWujnQA0No_A8WTZ2eu-wdaWRbvMoXuZX-tUGFrnIMXHMgqkO0dW6wjPPbxui8HQq8-hN34zK1C7uh9Bsb1HZU-emlLX85k0ZFWwqYAAWdtvVkj0TFrDLhA5ijI9tHLLgJ_UmbHkJvDydPHZJ8i559n2X8a48cHwibdLRyTDYA42MKCx12DUyjZ3vknOf0ylO7wwjIz05nS_PZ0LVAn75wY-XV3zurEjm2FFsK8R2cyP9M_G6U36EGjyd6JYYVZc6gFn0W2pVtwrAhdXgfULjfV_1wwFH9BvD9vONLXrjMS2vLoWE4J57_Clr8kFJ3WhnRwFKA3AVZx3-R-iTlzBVMTkWXg46Wwj36L5pcDKl7VdPWXNZXDv5TK0Z6NfCc1wWgYh2OMYA_fgEAPQmddJQElo62Jwu5S8C1TH2VfZ7ROTbwD_ERkWL0iTewEK0AaD1ffW1Lfsk1HaDjE8jlK0IzT-n1ePj4RoavUveVtJsSSj3WcZXvUVV3Bue0y0ah_SGQ&cid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f155.1e100.net
Software
cafe /
Resource Hash
24070eaf50abfea1fb1c2d172db3d5ccb9112a335e1532e09e15b41bfa00f3af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13878
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 706A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CufjO5wwIYdfqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPABT9BmY44mjzhSK_rZzMlEfEJbn_H15iaFGhIULKUqeiTTPhqdgr7z4g6wUSN1qQ10fu2f1IHYajwf935OVYvDT5JpvFG_MiK_EyK7ech3hq_hZyr5h5UBn4nCqL-74eesQaD3pn45slyALcFZ9oIPulxuntDTCT2CN53zwnycmb37rE1OUSWlmkcECc_NNAXQp_YRdYg2Lb-JUkI7ww4ssv7BksHI-pTV-Fo7agcpPakr2SiruVmoCmGxSU4YiAqcNjp-go8cwiWY9qB5KjPtrNHKGmNq8i1n9SsTFT4cflDKX3MPisX71qo7cQdfhpqywASOrbChxwPgBAOIBaSEr-4zkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf__aKnAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcA8gcKELexGBi_oMKtAdIICQiI4YAQEAEYHYAKAcgLAbATssyJDMgTvrHa3QPQEwDYEwqIFALYFAHQFQGAFwGyFxoKGAgAEhRwdWItNjkwNjQ3NjY3ODYzMDgyNg&sigh=HZcK_OrXbTU&cid=CAQSPgCNIrLMZmuAAr7dvfnxvCQxtudgsGzZUmudifdEkrALOQXT13EWMkxXI8zhpyjCehKEh9uQjxEiwb-RqxDa&vt=10
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 706A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a5889a3deb522f407e35802297c686e0c76716f549420ae80b3c589afda5149

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 71D1 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~krus2ooo&c=612297734924&slotId=306148867462&qqid=CJj6t7fRkvICFYHAEQgdcDwMDA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 71D1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
530343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 12:00:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 71D1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:26:24 GMT
x-content-type-options
nosniff
age
593560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 18:26:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 71D1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CdwEq5wwIYdjqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9AXUMH2ip8BXj_pER0xqcYnrKsf4tQwvmt0cPVFEY7xwHtthR0lTf1VMfGGhyHSTeX9RCKEEzuFjkGVRp3_wBwW7-JswN703ccVqrqVQCHYxgPdufzJyD36fE_n0KWIRbAAsj5MFjvod2sY-QR0QXtshtSYBHonEap3kSWjbAI-ZeVxHRMo70E_mc5se8yv6CCCcaRzPDKhnXamn2z5uAA3TNK0AinFRAeEg6Inhcu2dVRrIYuFFsQrCIVA_Ji87fQvJczDAyGzDnNXhnCc00Kt2pC-O5RBI-ku-AJirMTwtfUdoldI4zeDlFoJAw1ACvWpwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&eventType=clickstring&clientTime=1627917544827&ai=CdwEq5wwIYdjqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9AXUMH2ip8BXj_pER0xqcYnrKsf4tQwvmt0cPVFEY7xwHtthR0lTf1VMfGGhyHSTeX9RCKEEzuFjkGVRp3_wBwW7-JswN703ccVqrqVQCHYxgPdufzJyD36fE_n0KWIRbAAsj5MFjvod2sY-QR0QXtshtSYBHonEap3kSWjbAI-ZeVxHRMo70E_mc5se8yv6CCCcaRzPDKhnXamn2z5uAA3TNK0AinFRAeEg6Inhcu2dVRrIYuFFsQrCIVA_Ji87fQvJczDAyGzDnNXhnCc00Kt2pC-O5RBI-ku-AJirMTwtfUdoldI4zeDlFoJAw1ACvWpwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 71D1 		28 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BQuma4N3AS-miLpBaEWMiun-uNdo4fj5EJSKbQtCvduvwVekitRKS0iy0n6eM2_HW1cvlaXXKDwweh7y6EG5jjfe9TZw&cry=1&dbm_d=AKAmf-B-qeNhzvU7clLyQvxdRoOA1mL6CflwLJsH-rud4hE2O3lj-Fx-rFWduhpD-eG7pD0njYRSAOZbzhwN3mywd23Avs8oScoP0ZP6OhNDxgP5Bi8kQ8Ux_aIrdlUKDiofPm9C6Nv4pFDLRGGf3xpzRis9pZYyZultqgzZYK0LBNNdBPuuOKwHuiw1M9kM7tjxibtMl4GLAfHeJi6w3pjx0cqKk_WFbSyKJEyurLPQ41Wl6AMwU0xIdVH0VliIQcEb0p2icHQp9VB7H49-258lsZbaE5_iWCB5_xiw51923AWLJkR3S6f2FLcoNXnyuiA6vSR6H50XsakaQhm4rdP-SAzJUNgFbjI6xYCIOq1fwS443JVuyS3o0xCCKR3e_Jjzt3SjV2F5u9X_PoTphH5p39Q0bjyRcur0CvA0GJLma6LuygVTFMWtKl5OoqSARKEXk2-GXOu-ot03D0go0-ji5w1tRXDVYMYv6bQFuL0zDZnEz4kXm7DWo0ddIaaRnyn-ATfcQugFUKig0uzBa4_bNG0A2lGzDKZKxAYQYvNMrlmZcF4E6ZcoVf7luxCtjbFBtTOeaEdqbU7THkRPkmiobAi8dFsrw5_1NVC0TedCY4PNzAx3KgTZd29lcm1Qgg0074f2rGLKo9otjuwA_rDMZHtTlS40F-Vp1HI1QY9P5nPphHvOK4lgQ3KnKsKZj8jJSvUvAOPfifv5dtICeDrze6RsiHFayBV5TIqj0XVi1HfCDd4qddXEcmrtSV84jhFG04HjNIliCjx9bSHgwFCFP6rwHIy3aVqyvWWRMbeaM3qQ-ly3Ljei5TyIjxyH9Up6is2trSVV_iBOUUk1ka3Hk7SLTOpxvcgBNa9kJGb1KsxzILyaakD6BCynv8Jcg4DTLHX_Mxu7gS4-yR0AYqn0_ZgzLHhpbzV7LDs0D4oksAzAk-PUmDS9zs0YHNcPl-d-VdN85kmd--q3QxFcc2QcsV-SfhsbYdY9Xh1QCKgywlpJXMp8KI8L2Dg_Fw1l3mbENpa2KPt6xQFZRZtYMfNy-25-j3qMIaEm7gwN9hD_Oz77BGhcxhsS9NqeJXeL7cKRHFtXqIvqrDfXw0XA63SVvQdzsCSAuL4T2td4uTL9Qx7YbifCgdqLMry1XgfwiZhor03RCbj3CFJUWrOVT_dxl6DDOMPwzj9-LgwGeNQMlzDuf1inubzllsz7mC8IryurWe5WAiTuAdp8qhyDVa_7LU2t1kmqUxBtt1N2pSFjkukPIiQrRG0qMZ0ijfNK9Fjp1bMPuODlI7Y8J1mNemgEkeXsyvqFjqAqNTZnjx-nIRGuhHnHNN-d7Jxi4IKYpKcPG18fdQ0JZvPnpsOPMq6XePZtpK0SRh58AcX6Cz5M3sTE7SS_9wX39Qe1dUcJz6mBDjMr6h_zi1PbkAXXYb8EWOzcJYIDkm4K72kdFk2wjJre-QV-z3AgFw9JaxrHA96LjiIvCYfstCIddAnCmBuXVcNw63zwu0BOQQ6DEe2WjL7WOkYV58eE_2W_aH7o0PkCTGnxFPwkhhnj_iJAfCpJBtVj9ys42A5uMCI7m0PyL8k8f19HXBydGnjucW2Fxj2DowKhkZ4QqYr802gomM5sNLEnt4TcmmDYVrIhD3QQ9iWAJB_OuJ9hXUim91TAxN8nKYKvLtGZKyMT8P_sZTpGbhcll8iVGSWKHaS102fqkxMkNa2fnzZhXUpFUfLm_mKoI_GaK07vdZJacUkJts0KKPc1QzAAl32KLmcLveXVjS-OmpM2qAMJbtWWyYRwTXC_GQ_I_szMg22zlZ1xMydYkK3cr1HlWjhh9VFDH5gpRHjo8AhMrEKf1cBBdwF9P5bkpuXJ_NnptKwn8CYRcqohML_8uY9EMfHX9apPeMqYApEwAz2aoLubZnGZUJqE1hxz9aufy1DMHB1PEjrhHSzQxWCkOvLAQiG3TJB8QRCqLCI7yFtwCPkjMlM23FAuSyqLbZSPzwKyhN4neaXEz_fA-qJb_YJ1Tkw__Gf_ifbfVZpZk6cXIM_CDD0NW3qhqV-ZVeyXRSvrE203rQptiKGQAF7lqEAFbw6nN__YxNJKuTl05WXbff3UBwlLubvhuflTZPauopXU9gCFjki9usnfIsm0gjenGFm8ayFa-En82RHIHNYMW5s3knVPDP0tTos5-OC2yr0cvAYnG6eZ_FTlUYG4cBNSm1_4BeKI0BtrCn6eoh99jD0rb_YNBA8p1H-0gOGCvpxAb2aW1NYk3BawAaW732H6cyh5eiBDQO95m9va6VCnj0FNPHOqJZ8pbAOQnfYMUR2kLMXGtqfeTimdqfQOcCw0xRs0LEjcudEwNumSo970WVfDQgjEb3sG-Prr14F8vusgTF6jlojpkuj50szU0kCGGXMlku288Zyb9ZQa3YvkoAT5mPGlVUFkjJKugW2Q4xUr9kAmaKBTT5T4NFpKv4NvIt_iprjCYTCx8g-EA1Un_BngKJDynCWrpZvumtaen1R5i2a5X5_vxbJDpSclJMh9-nE_d3TOmhX5DkMquE1BUFSA6nwTBPkISU5oq_dhNLuuir6iewALP8ZvV1Rg_Pn3AM04Lt5jdukyMe8l-qNermfilEgFOSIhaIt5LJI4DRb2aNermsm4iSkQZFgn8TAusz_tSCIbhktB97w-UgpE4ouXqExHw6NQFDc_qSEBjKdphC-alfgm0u3KsWrq7IlNoWSi8lWFeACybX_-5HJnecf_lvQR-h3cW1sXtV0OfQmB6BKLBjcOeev6pvTgn4d5TzYg4Xh7dr1cVM_d3dDpvtOf7SuObDtJO2YScCp973k1o0_Zag80LmoSdhUbL6b8fgZviivDifOt5z8u571CRiRQUHAjIe5gABN4xNRgAupf8yknKKE3L5GgkmL_Y65Rx8a4Qirn8hT1ggIxJeLkr2b_w-uI5fFLhqB-Dot9W5cgO4B19g5O_AJ0aB9lCaRdoxVkBO_regWEfQN_4ni329-dPpFxKNmjYzyvQDa6lTwl-mTjgqvwn_GOyTd7BQpn_uk6HD-ca4mT0QpeOXjCmjKy3N7oz3xP9SyRaENcnMVd-6wfws-gFY_pjLGB1dqGF2OefkueFD9REwg_jkemcu_LaWNUsFu6m-tLE3pDr-mBXxYE9c6UMq2QqPWLnXYE3VOkg_3aGbV9HQSU16O9PCNrYumRdII5Id2IoaQm3drDIyJU6_wAKXp04DI3R_-bdj2--kLZukGX5P6zsNpYWEk-tB2z3EbpQRkLiQ7V0klYZuBwFGaXdUMIkESJBrV5vwFhrXJ4G_cc5AFt6CfCT_qcRSfqDgp-DGhFB_EgH6z8xau1sJD3my9mQsOjQ1h9tsgn1Z44fPA4PClx_t43WWCFe5eqBy6B77gL4A5IrOHizX6txuTL1UGKc7zheFGyxwWn-agKcERzqsvpEDbyXZ9MrMgaayafs4MdguhgmIn5nn-JMNccTmUPPpzypXNmaw&cid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f155.1e100.net
Software
cafe /
Resource Hash
b9e8ede36ab8c0fe55f2f1ee9d12dd8cfbf43f8e63c6b33705e8ddcc31a211f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13728
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 71D1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNnit5wwIYdjqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPABT9AXUMH2ip8BXj_pER0xqcYnrKsf4tQwvmt0cPVFEY7xwHtthR0lTf1VMfGGhyHSTeX9RCKEEzuFjkGVRp3_wBwW7-JswN703ccVqrqVQCHYxgPdufzJyD36fE_n0KWIRbAAsj5MFjvod2sY-QR0QXtshtSYBHonEap3kSWjbAI-ZeVxHRMo70E_mc5se8yv6CCCcaRzPDKhnXamn2z5uAA3TNK0AinFRAeEg6Inhcu2dVRrIYuFFsQrCIVA_Ji87fQvJczDAyGzDnNXhnCc00Kt2pDmOg60sHtOaruEQZMQWOXuMliycxgAAnWKvV1YwASOrbChxwPgBAOIBaSEr-4zkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf__aKnAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcA8gcKEPjBFxi_oMKtAdIICQiI4YAQEAEYHYAKAcgLAbATssyJDMgTvrHa3QPQEwDYEwqIFALYFAHQFQGAFwGyFxoKGAgAEhRwdWItNjkwNjQ3NjY3ODYzMDgyNg&sigh=njrQgCp4b4w&cid=CAQSPgCNIrLMZmuAAr7dvfnxvCQxtudgsGzZUmudifdEkrALOQXT13EWMkxXI8zhpyjCehKEh9uQjxEiwb-RqxDa&vt=10
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 71D1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38ff04e8decaaeaf77c37c433a049320d9446a9b8157966bb5a36cc225302eb6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
biltag.bilsyndication.com/passback/ Frame 93A3 		195 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://biltag.bilsyndication.com/passback/?t=1627751911&d=357&z=7050&divID=vi_3577050_490&w=1024&h=90
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb5dc5ef6400175742731f1250e2e2d0bc28c7af8ecf630fc8e8c281ded5a64d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6788484f6dc42fa5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.bilsyndication.com/pi/ Frame 93A3 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.bilsyndication.com/pi/?e=zdNAAKrAyUe-aewr-Part-arBZ-BTTBYZyUeATPRzNhqllwqe0RrNBZKRmNKAZARrtNRcsokty_orN
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484f6bc3e003-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/ Frame 82E5 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1906052149&t=pageview&_s=6&dl=https%3A%2F%2Fsports.creaders.net%2F&ul=en-us&de=UTF-8&dt=Adx_noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=Adx_noBid&cc=Default&_utma=77545162.561253751.1627917543.1627917543.1627917543.1&_utmz=77545162.1627917543.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627917544862&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=561253751.1627917543&tid=UA-128776493-30&_gid=442083696.1627917544&gtm=2ou7s0&z=1882045561
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
biltag.bilsyndication.com/passback/ Frame 89AC 		195 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://biltag.bilsyndication.com/passback/?t=1627751911&d=357&z=7056&divID=vi_3577056_978&w=300&h=600
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b73d7a159c9c0bc1f330fa05830de13187784e6a748724a0892dfac7b2fdd8a0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
483
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6788484fae492fa5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.bilsyndication.com/pi/ Frame 89AC 		0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.bilsyndication.com/pi/?e=zdNqyAMTePt-KPKK-PKaY-wKqe-PeMqeePtTKyaRzNhqllwqe0RrNBZKRmNKAZURrtNRcsokty_orN
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6788484fac13e003-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/ Frame 82E5 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1906052149&t=pageview&_s=7&dl=https%3A%2F%2Fsports.creaders.net%2F&ul=en-us&de=UTF-8&dt=Adx_noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=Adx_noBid&cc=Default&_utma=77545162.561253751.1627917543.1627917543.1627917543.1&_utmz=77545162.1627917543.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627917544909&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=561253751.1627917543&tid=UA-128776493-30&_gid=442083696.1627917544&gtm=2ou7s0&z=1689054351
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7CC7 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~krus2or8&c=5355204838785&slotId=2677602419392.5&qqid=CPGrzbfRkvICFbm83godOsQGdA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426&nsei=44714510%2C44730769%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7CC7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
530343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 12:00:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7CC7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:26:24 GMT
x-content-type-options
nosniff
age
593560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 18:26:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CC7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=ClX626AwIYfGXEbn5-ga6iJugB5PIteZj2Na2_v4N18eivcABEAEg1cfGLmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPABT9ACCuk_zDuLTOEaMHDTlXI4ZGv4G2duAx9eJILfTLOCpoXyJOJPxf_dIYXibGlXxExUWWnfBRqMZW5z2uq4gKSXX1iuYWtJHwzi0x_PjQm_Fy5_nq69LtYoo2xsNU4ke4uz-Vd4qZ9l6fC8TtYW6DWJc5-NCDaWh5pyWV1Ox30iACLkK7olL32W04Pvh2DlsQHY-uPcR5_oz9LbTX_kddb3JriaWuzOa5olNLDbe4SMUJuZvqdLOvdO89poZDSx_5l0T0_tEBHkT8dODFmj6g6zYEPRvTBm4PBnPpsrymWQosC_sQsjZ2hhdRLmqOE-wASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&eventType=clickstring&clientTime=1627917544920&ai=ClX626AwIYfGXEbn5-ga6iJugB5PIteZj2Na2_v4N18eivcABEAEg1cfGLmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPABT9ACCuk_zDuLTOEaMHDTlXI4ZGv4G2duAx9eJILfTLOCpoXyJOJPxf_dIYXibGlXxExUWWnfBRqMZW5z2uq4gKSXX1iuYWtJHwzi0x_PjQm_Fy5_nq69LtYoo2xsNU4ke4uz-Vd4qZ9l6fC8TtYW6DWJc5-NCDaWh5pyWV1Ox30iACLkK7olL32W04Pvh2DlsQHY-uPcR5_oz9LbTX_kddb3JriaWuzOa5olNLDbe4SMUJuZvqdLOvdO89poZDSx_5l0T0_tEBHkT8dODFmj6g6zYEPRvTBm4PBnPpsrymWQosC_sQsjZ2hhdRLmqOE-wASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 7CC7 		28 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bk2fnDf5zHqfJdo5Op32znr8yJ2env8WPRZS3yR9qIzf-D5mQB5L_O2KJ4NGt1__HK-oHSvksgoZotecc91vVtfqEVDQ&cry=1&dbm_d=AKAmf-D7gMjspO5bT85VQQy9gJXmIMtPZf9ZwK7dE1glkRh5HHt2OqqMZPQomxsvkYq4Ts3TzUYPs7S-1bH6e4PGQe4qNjJiQ4487A9DffcuKonExbRCwg4DU3Dtooby-E4kxE6Gsz3AAT8kbpmxcexbMePq9x8PZmc1fZuUakFx8Vxb0dZ0rO_L-xBwRLocMQ-UrGuSUK-lsrUZ8AtZO0ki09yYsFmP96m9o5VJXHmmI4CUxy8Hyyw_rIRz-Jxl70IHWakLZIZMcSliYqe8Yad7s5BnS6pflb_Dp1iJ8_owhunlC979ZeuF9udU1Rw-Gp19IJAxt9keRzh4E5xsGKSllBipqQ8EC7WitxWsvcVsYvjij0N-B3fqr8RjnCGkVQ6LKXvREt-V2yd6KhdhHfIAXQROwn98itIXRr7grhPlEJGLgJqikmvc23oqgt1V7ZGfVIuEHEBJxYo3ctcBzR2UnfPl6uPmFp6OnP9Xr9aYVNxbYP2xwt_-l1Y27pi_jAQf6qL03ga9mD9-CJ6QJ4xfNEuKCcQ9agygcOzq_MRd5AUc0Hue_WPNx-oGamZxMha8YZp_86pv6kA40zJNMv0kbQIq-qOBhB2AnFLYLhO9SyWC0WKcMBXQX6rxpWCb_YUfG-ulp0Shj8ie9k11rc_pi0tvhS8FfC5g3XgpfWLzY3PqPg9HRjfatXdiPM6HaSf3zQPHxLSYJiH6nfLIKfXRfuI3WRt1zBnQp9IKI6Dic8lD8xjlDbC7IQI_NXhzr1Gb0095tb4HOKn1tr0BQuYKnuXn4F85BUeCZ8hY1v5XwXBgEPGTQOPCx58DfC6caSU8WiJB9B4uvknKe_1uXtAnomjD7z5m3YaCimGyo0P7OPPT3QjkveFOgnH6z7OE4IU_Yok4Y76fNjNomh_A7uzZgtYVKnYZyYkNtjmpqduK2plVUun_dGIeD8MvpOKmHbud4DO75GyUdLTS5A4NlKjkobYsOu9RZdJgpUbN29HrhS2ltGDwKvrGb2THCKH0IOdr_hdrt3fRcQf1j_JtsuamRxNxizdPO0mdYOsfsZyAwpjXNjzBVEAsFE91BsATaSW7vdTkHAP2XfCIAnJB5Af_SMthmdxYejo4_mvjPzIGVi9tlJG_9p5-o7NZnFTFfLv6qKAFbpEvG5OG-G59g2AwKJdAbZBEAnjl8Oj6pOaUa1Vh9mPHMgf1dv63eMs5dXXEMs_bzHQGtL2V7Y18D3e3ggB2C_IvX-ySj3sEmX_TAj9eFeJYU299FlaWzZnxK-fSbOOpaGhTYNRDSuCGdE8gIojtNPPE5NSmiyQ5lKMibgYPGCgC2SSku_TXmq7B-f9x8g1e99TtSuPH-SntJCQ9jM7_a8CSZP_1abp8n5o4t5FbEBf2adBJ44M5_5DdOrxgmXgyJRO3FMIfv3ZsdsGhd9hPkWykQ6S8Z2djecI9ysOEUJf9EKg0zwO8xkMJ6Vv3VbN0U_1tNvgI7oYEQBhom6-_RLPeUHRf2mVTvZ1xobp20AZuU-gjepbgWd-YBjMCH6zZUeh9Z4YI0ZM-euSAZH-cANkD0xDhYmOOYMttGe_P7HeGRkncUvi5zmKAFe2M69teaocYVz2pJMTFg07GaW3_27xQu2E4ruLNb6LSVJRMYpK2JefVAoIVabNz7SqwcCBcG0vBsRKJwdezNZrl3fWv7NLxfTK6RRDRGnfX3E5wdQ-uDKW_Y_GEy-m9s9NaBo-6xKswo1SkB80OU5WIXaZe8xhBNVSDdMfba4CN1GPETJlOP2UDUB0hucMg_3RN9qlNctuszczCAW6_hso6ZFht-mbtTbMPcyXtedYqpaHZafeaxO2jwboE0iabQWDR5jSBVXCoYXm5mOvk46MgYYiksoHQ8cJDM7XQPQHWDD31KAYop9llPtkthbe9xORmXVFt-pv6WgbunBrOcjFAPv7KxFF5r3QhlGuqX_HiyHyA54cFBkJfsZk9d7otpm_KrgcHcv429ygMtE7f5SVTYiTN4Hf7QuZrXWQCpgKD-CpTwNpLxjumZ29sRWsqCkjejWVHo3BjPrTWVCXGQq7HUaNq9B_ImYPtBE3C2NWucfxO_vpllWa1TPhzoP5t7buBjY9UZ41UsqdgwFVnvEActveeJKZBfy9cSJ-XFdeJHxeUIHxrmxa7TNEi9ZNKEXOphuc35Phn9wsPuiwhw1R_Bacpj2I3Y-k75cRjpDdOXu53bfag68ZO-E660BxswgW5ObwbSkthIzOfP_3RYp81PuKcdtrWd9XY8-QLv_uIYpB5evfSpwC5oG-GtKZ_SZ8TMa2A7DklrZML6LOme_JQpceHucQnuff06ntc6axb7iOFD9HSowADjMRIKyBNGuQBX2wiOcYoA-uy-U4-s7pQbbivBEHrtTFhebDPOGKUzlMNuByRB7Iud8GdkxZTsJ9fhZ7sex3sO33_2dW-tDywUd6qWV3iZ2DM0WNmqeWVq3m0y_tUAxX8ghgwKvMirDNzwht0QPEUic7rm8LZqthykxw1CdX-GPoSPe3mej8mb-i-xaAjlFcrUYOajpaF7RKx5yEjTbSFbtKs2hZvIYdcK5Y9fTPRsjRK5DopMwgIK3sJW5dNhKOi1yh6qmYP1Kjmrlgk0ECJv0_O8MY00zhlEsev347xYoOHOztvAfmYTmYb3sg3DcfotwnPJDyGSSv9mO4_Gi-xs5qI5ue9hjqjJOvh8Ua6s2k9NqYEQBLrhfMz1GlGplGoo-CePfjlxMGDcy16fro1EzOJxXR1tomf-zk9RqovXRwRljec_PsHILw0B1znYzZW0A5k3rG5BhqelFLuqhh2pSLScIjWfvvMhCZJfnW1Q7R5dJozcslusjiiTTPsu5YMESxDW-BJSN8YYrSKiSEcPrMNcQrVyuMZ3qwtvc0AdigDi2emPvFhBZuDjQpaji-fZDWfYo97YVY6pzRregzPQU_WjVVsSv6GWpxPQlx8j8eLJEA-0VphLztmLdQC9-nsUsm9t6cFIFpTmL7iE6JMeK1giwhqfnszFh4yXQ6ITS-JjeG_-siKGKB1xZ-e8IQxUED0zF6yeHCWYgX9iuXI7d6do3C-Vfqqjo7L0ohpNAL2MIzcB9OxxnS4lRelmlxlVvszyyRLr7Ae7cii3YqBm7tF7Y-DbZvWSQH_DzPkEOV6Y61LRt52pMnL32fgXq-4t9IixDWPwfk96FC3Uh1GT-npYoMYNvcaYN-QYQCBFCkdcWpmZr6lcwexCTkaE96voN_SSA_ETx3dOnNpd_kBzl77_2mcG9S5E0r3k2zHy2aii6wmQ-7YEN3g3zLnif6Oxg0pfzsfjO0frpneMPthbm0L4iIhxsiWVsw4nuSBmkyLPljBmOBDG-jDdkW4u0MukuVzE8lSUKt9pcz5QspXNBkGfSQnDwhFktR5a_qHVHaJBZ_cbjkfl_xpyDWtsVVX6rpIpOGBqlyRAaFyV8Ye&cid=CAASFeRoOevP_uVBSxi7BbRdb3bNK9NdpA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
64.233.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f155.1e100.net
Software
cafe /
Resource Hash
90356317189f4ec1a2aa79b1801ba1811b99c10c4f8843f9090c19ea12290657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13853
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7CC7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CObcX6AwIYfGXEbn5-ga6iJugB5PIteZj2Na2_v4N18eivcABEAEg1cfGLmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBO0BT9ACCuk_zDuLTOEaMHDTlXI4ZGv4G2duAx9eJILfTLOCpoXyJOJPxf_dIYXibGlXxExUWWnfBRqMZW5z2uq4gKSXX1iuYWtJHwzi0x_PjQm_Fy5_nq69LtYoo2xsNU4ke4uz-Vd4qZ9l6fC8TtYW6DWJc5-NCDaWh5pyWV1Ox30iACLkK7olL32W04Pvh2DlsQHY-uPcR5_oz9LbTX_kddb3JriaWuzOa5olNLDbe4SMUJuZvqdLOvdO89poZDSx_5l0T0_tEBHkT8dODFmj6g7rYdkkLqIGckmB08zLJ3VjMs9FISSg8Ufiy0L-wASOrbChxwPgBAOIBaSEr-4zkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf__aKnAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcA8gcKEM3gGRi_oMKtAdIICQiI4YAQEAEYHYAKAcgLAbATssyJDMgTvrHa3QPQEwDYEwqIFALYFAHQFQGAFwGyFxoKGAgAEhRwdWItOTY2OTE3Njk4OTE2NDM3Mw&sigh=EHNj3xKft78&cid=CAQSPgCNIrLMEdhd1hiag8VqlRyX7wIc0LEYafKTlAMcvaW9BowtGag9NHuZfEKPTJXn9uW1olK7TiASmhLxy8Ch&vt=10
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 7CC7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3ac803a65ac0ff2f3231f55c92ddb7c2e8da4006bddc26007f107a9b08427ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 71D1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 14:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 14:09:50 GMT
file.mp4
r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 71D1
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/19BF7D51FB25277218213314A5791444EDDE5FC8.3DB3A666957E7FAD5D23DC339A4DD28700B4EBBF/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsd/ms/onc/mt/1627916444/mv/m/mvi/4/pl/52/file/file.mp4
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:61::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:05 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2242277
Last-Modified
Thu, 17 Jun 2021 15:46:25 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 02 Aug 2021 15:19:05 GMT

Redirect headers

date
Mon, 02 Aug 2021 15:19:04 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/19BF7D51FB25277218213314A5791444EDDE5FC8.3DB3A666957E7FAD5D23DC339A4DD28700B4EBBF/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsd/ms/onc/mt/1627916444/mv/m/mvi/4/pl/52/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 71D1 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~krus2oos&c=612297734924&slotId=306148867462&qqid=CJj6t7fRkvICFYHAEQgdcDwMDA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=997&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.u3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E1F1 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssya6z279873cEGYyRMAlMcS1z2eX3bSVQzonfCeYLzS0Ut1Yww3NhYpCPT7_77OUxfXQiz2uFoIkzWM3y3uJ5Cucabuz0yFwUXGwZysWaWmijQfQqybvPPR-vHuSDnF846dP3yBMWcvKf_SQmSUONJFMFGkluQLkH6GQxFIew1UGyt9bc8wJHaVWu1NsZ1P2hg-VMwoubvpSSJHEXZCd6f2nHh39IRFle8jAv2V9HCUkE_oj6Iq0b7rcSOpssgWZwFshj9ZBGl32r7X79ESMJ30zdXj8-Yav5Osg_3yWEbV_vyr2YA8DKYSCL38R9exh0iK53JnWFsk7YkXwebLoBinT2uudIzuXda5BoOeql-2EsNbQF7gizqqOYb6hMw6pakYW7CG_HJ1XVMr92j8_d3XMd6JmAqUlIs29Pr9Bo9d7UrLsuWJ3UXAvVF40_ugbo_FEIzWePSeicjfaF6bNEnV4OYompJ07nIGy6RG1AEk3uDgZs6eQEGVSZQ0xo024PzMwMIRQWeEDiGDoeAorDMZSF4F4qM2TUZdErnbWmol_jzYx3h1cfSVy_b6vkNdQheTzUbG1df06J_6GM2d8hPUNg0KJYlZ7HqdIa8AUCC3oi3KYxS-Wz9wSIKrKlvqbx1yunVQYWHzoRi3J0PfsMmdYzdQkWdTmn36iDNlVrRnZAF9ltUE6X0kWK-PbU9X55BcKj66ze2WEq1EFV08GjCiUH_-WR4_CDY3yRIx06_3zI8TM6SmyTFRMCwvfbJNsFd6BLKt-HfwnYA8yJnmmQBREV4WsKU2Bofn2HY-rcg3Bxm4aCG_H3tb20iPOZEs3jpwsdI1vhSSveRgOWyiIKqDOUcT-9W6bGyvsLQykLzg-rbX2B_QzPS_dq7eiUcVUgl60oWiQX0oVKAXmrvZdTx_adIJ32MROo4ar_vNnSnWf0t_uvcj7fAZKMJj8zfH0LNS4yQ0HIyIc6PthKtXYb_W8SP9JpAHY80BFYA2qkQUqWyacBk42VCiP9sUTU4X7KGfP8QfkCKMRc0X0aR7cm35AxyPRsL7sgcncIM29DAkCB1UlfeauCFUu6VIxT5J3CN3It2dkPqA4eoZ0kECnFCjXfEf3nEIgFFVfiqDG9IkM9cAhHntf2x3gwDnoR0jMyyrSTmdtmhpoGL&sai=AMfl-YRuNHV-yZI4YefNn5dlN5f8s4PkPJ7b5lVG4kQg_Lam2r8MK5pR6W55QRtblNrQaTrv2tK6WXFdjbxi1RJn_ojyrBaDRquWfD5FeWz9PlC3EuG3TS7V1vfQzjjI-fG4YOuAfeW7yt4P_izjE7c2g4QhYEqWJwAtlyXW_MEXjIgVzjveP8fgiQuS8ADp72FSp78SfLfUpYZLW5ExQBVNAumZqS43ga-FzakSlupBn_nHXxyRu58HzQ1gPzUrWystHKxe-XLjtx_ogYfYw3KW8706OBdBOAbWq-KUCZLhNQoD_pk39uAQNp7DMC9Fd5fVZqti5uT-W-CUnfhyMC__gmamr4obMEO8Fug9VqG4RmVaKzucPYRraC7GwOjGiOqcRw&sig=Cg0ArKJSzHSn8eOrQSx0EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=301&vt=11&dtpt=300&dett=2&cstd=0&cisv=r20210728.18478&adurl=
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame A695
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGMnr5a0BMAE&v=APEucNXmDdkim_quF2hxh7PSLILN4insGcrbN5PCPeD7CPjv1ieLqtqs2oVw3Z2fBRpL1K__TzOQRsMYVrge8V1ThI1XjrW0t3uVRpU2FoGcpyRSjA0-rtLXhmnuuUEmy028HlorEjbzsnCSFnu-d_TnDh5535NngxLaVIQ84zmNwVqk_igcvSs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:05 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 02 Aug 2021 15:19:05 GMT
rum
dsum-sec.casalemedia.com/ Frame A695
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQgM6Sny7S9BASUqim0ZawAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGMnr5a0BMAE&v=APEucNXmDdkim_quF2hxh7PSLILN4insGcrbN5PCPeD7CPjv1ieLqtqs2oVw3Z2fBRpL1K__TzOQRsMYVrge8V1ThI1XjrW0t3uVRpU2FoGcpyRSjA0-rtLXhmnuuUEmy028HlorEjbzsnCSFnu-d_TnDh5535NngxLaVIQ84zmNwVqk_igcvSs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame A695
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI4USKEZX1FZdYbIeCS0x2s&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEI4USKEZX1FZdYbIeCS0x2s%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEI4USKEZX1FZdYbIeCS0x2s%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGMnr5a0BMAE&v=APEucNXmDdkim_quF2hxh7PSLILN4insGcrbN5PCPeD7CPjv1ieLqtqs2oVw3Z2fBRpL1K__TzOQRsMYVrge8V1ThI1XjrW0t3uVRpU2FoGcpyRSjA0-rtLXhmnuuUEmy028HlorEjbzsnCSFnu-d_TnDh5535NngxLaVIQ84zmNwVqk_igcvSs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f8a4a03a-3d9b-43b7-bb24-264ac883d412
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
64480db7-95b3-4e45-948f-d23698e7d6b9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEI4USKEZX1FZdYbIeCS0x2s%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A695
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTQ1NjczOTY2NDA0NTY4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTQ1NjczOTY2NDA0NTY4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGMnr5a0BMAE&v=APEucNXmDdkim_quF2hxh7PSLILN4insGcrbN5PCPeD7CPjv1ieLqtqs2oVw3Z2fBRpL1K__TzOQRsMYVrge8V1ThI1XjrW0t3uVRpU2FoGcpyRSjA0-rtLXhmnuuUEmy028HlorEjbzsnCSFnu-d_TnDh5535NngxLaVIQ84zmNwVqk_igcvSs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4061cf8b-c246-4fad-bbcf-45541e553b79
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTQ1NjczOTY2NDA0NTY4
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 706A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 14:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 14:09:50 GMT
file.mp4
r4---sn-4g5ednse.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 706A
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-4g5ednse.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5ednse.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5517CBE2289FD38538486ED954B05D6B7644F17C.74311AD0380B4C1C74B1D6CFA25E7B9DE24DDBE0/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednse/ms/onc/mt/1627917400/mv/m/mvi/4/pl/52/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:69::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:05 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2242277
Last-Modified
Thu, 17 Jun 2021 15:46:25 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 02 Aug 2021 15:19:05 GMT

Redirect headers

date
Mon, 02 Aug 2021 15:19:04 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r4---sn-4g5ednse.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5517CBE2289FD38538486ED954B05D6B7644F17C.74311AD0380B4C1C74B1D6CFA25E7B9DE24DDBE0/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednse/ms/onc/mt/1627917400/mv/m/mvi/4/pl/52/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 706A 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~krus2onl&c=4020012804040&slotId=2010006402020&qqid=CJf6t7fRkvICFYHAEQgdcDwMDA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=997&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.ur
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ts300x600.gif
www.creaders.net/ads/banners/ts/ Frame 89AC 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/ads/banners/ts/ts300x600.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a837dd26b780a9339401754a2df04be6048a5bd8771fe79915f04439ddd5ea4f

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Sat, 15 May 2021 19:08:34 GMT
server
Apache
accept-ranges
bytes
etag
"1d7b78-5c2631639f080"
content-length
1932152
content-type
image/gif
tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
pagead2.googlesyndication.com/bg/ Frame 8E8F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 09:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
109133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13260
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 09:00:12 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 7AD3 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Tue, 27 Jul 2021 14:21:51 GMT
expires
Wed, 27 Jul 2022 14:21:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
521834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BFAD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 02 Aug 2021 15:19:03 GMT
expires
Tue, 02 Aug 2022 15:19:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/ Frame 82E5 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1906052149&t=pageview&_s=8&dl=https%3A%2F%2Fsports.creaders.net%2F&ul=en-us&de=UTF-8&dt=vli_9_creaders.net_0_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0&cs=creaders.net&cm=vli_9&cc=Default&_utma=77545162.561253751.1627917543.1627917543.1627917543.1&_utmz=77545162.1627917543.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1627917545023&_u=aQBCAUABAAAAAC~&jid=&gjid=&cid=561253751.1627917543&tid=UA-128776493-30&_gid=442083696.1627917544&gtm=2ou7s0&z=11945361
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32246
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 57D9 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Tue, 27 Jul 2021 14:21:51 GMT
expires
Wed, 27 Jul 2022 14:21:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
521834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 7CC7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 14:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 14:09:50 GMT
file.mp4
r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 7CC7
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0289D9FCAEB9463C1C569B1999F986C792C7ED0F.37E2B974C1BE3B097125A7EE5A02CC3F9ADC4DC3/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsd/ms/onc/mt/1627916444/mv/m/mvi/4/pl/52/file/file.mp4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:61::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2242277
client-protocol
quic
last-modified
Thu, 17 Jun 2021 15:46:25 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
null
expires
Mon, 02 Aug 2021 15:19:05 GMT

Redirect headers

date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0289D9FCAEB9463C1C569B1999F986C792C7ED0F.37E2B974C1BE3B097125A7EE5A02CC3F9ADC4DC3/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsd/ms/onc/mt/1627916444/mv/m/mvi/4/pl/52/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame B93B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 10:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
189475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 10:41:10 GMT
file.mp4
r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 71D1 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/19BF7D51FB25277218213314A5791444EDDE5FC8.3DB3A666957E7FAD5D23DC339A4DD28700B4EBBF/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsd/ms/onc/mt/1627916444/mv/m/mvi/4/pl/52/file/file.mp4
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:61::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
477b4fd763c0b63fe3e615ea043359a805f37bb64027a3766cd8837c8e8bde59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2242276/2242277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2242277
expires
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Thu, 17 Jun 2021 15:46:25 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame 71D1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~krus2os7&c=612297734924&slotId=306148867462&qqid=CJj6t7fRkvICFYHAEQgdcDwMDA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=997&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F61ae0c5f1ddc0749%252Fitag%252F343%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1659453544%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F8ED8BD9D503A9BA8DFDD2A5ED5EB484387AEA63D.99EB4D00D2DE55A50A7E56A33B4CAB3A86E09D5C%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DC22 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-nKBD9yigYm9PkZzAB&v=APEucNWmcYXt7WTzVnKrHoWlak8UoNoAOFMf8QiiMtcOfbjdISsl1C35lKgr26azw27Zxag7y3naipeZwEHAijg5XRvzG_B8BSIjDfr1wJUClSkq7wp_ZvG1XpfAecQQXmSEhqTLUVS9Ad51DXP02CfE8xSHm0ICl_sn_trt1rSGAs6a7iepjJE
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CM-nKBD9yigYm9PkZzAB&v=APEucNWmcYXt7WTzVnKrHoWlak8UoNoAOFMf8QiiMtcOfbjdISsl1C35lKgr26azw27Zxag7y3naipeZwEHAijg5XRvzG_B8BSIjDfr1wJUClSkq7wp_ZvG1XpfAecQQXmSEhqTLUVS9Ad51DXP02CfE8xSHm0ICl_sn_trt1rSGAs6a7iepjJE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmeJLIRPHfZ8igkcv6K8GmnUHBIYV7kjaUzs_ihP6W7Ao9uGksUJtZ52QwdJiI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 02 Aug 2021 15:19:05 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame BFAD 		66 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4TAOsKcCKAyguL5sc2KWbWEQaSxQfnH9sQdxjKff07DkyVJevzW8Bqx62LDNQJwb_5DAYnVvWBojhrL6ZQQKdUa1dh_S2AdpGDBux1fuA9c49lZK8eIOU07Jr_8_gh_x0FyxUQ_ce6sVPd_QTPAjelDspqQ&dbm_d=AKAmf-AEYsd3XNpHNPuGnmiU_srdL_iRsQHlZMPMTY7Uka5wC_icvff_bwBAEsBlsqW8bBWjhGq-E10bXU9IhuxQXF4ko0t3XYEL5hl_Se6JrAoPMzQWjfeNwc2ohTDzN6r9sxhdJWJub79eX6vCP2RfgwWA9S1biGy7WjmICUmeQcqwTmO2uUeuz_6sVSiWcYkYj_bpZulzr--Bxx8tx8ewNwCV5gXABkISJoGU-VsK5oBWb8jwQCxZeWezR3eyGeD67Q5TE8WyzM9ZqzK93YIT1X0bdoiPDRXz3PNqjnv1zfKy33le7J8aLs7WrwcsM0DnRXXYPzZH9TY9n4e6ChSAJXHOSqW1Rqa7l0jWAKPFDx-_h7Nt3QC9ZNGahWZoZs7BtaxE7uX0BFzPtXnq1GeF8ZId0AVrhvDl4m4K7Lpoj0tLSRUm3Mg04yGY6BX3C8ZsyRex44fLf6dlCbptPxgeUTYkfGD9UAWXKI9m6QsqwWTka-2dL95hPqi0VogAa1VJKV9eZqFDis4vE-SMI_EjQFYxnITjHQQNe8kpP8c_vcrO5jFxprZPOcDYT4gnuFFakYBC9zqdV9MTqSzjeoeWcSfrQvYtElEtMtSPbbUqNuDjul-MMmSXYxKH8Do00pDRrgaO9uPVcllrGqhIki7I8k2PQLpN126XVw1vTY4iai6chVdfrf6eyFaaMJC9IrFmyF7iec2uVU1hRy56n8IYHCDXg_pCEVMRhh-ClhWgjyYJdcju8ivL9mA77JpTRIB0u8-by9unqBnxYYF72PhMNvLjXlRpkzcObaDMkJA3LobYIl0EeqIL8AHIG7ayt4yzf9LiJKcMa42rk8mFpuyErtKcYCKwWGeWAccFq8QpR2ed3j8PZG0C1Mpr8ENVUm2Gqt3_8OYreI0BgrsFI98h9jHJLCZXHLbsbiLlj6oimTI71WVUASpZAy-0WwshuJZwHqhj1qY4rhBWLvLZzJA1i26YeWti20XXAi0mQiMpfrr4nWqSSAzOKfvqW9LnQuNHjMzy0UtcirlbcEOVO-DL_OHRBBtRB2QBNq52EJTx13Dtj8WecN5NIGZ_WTWfkJkd_0ovYPvZM7b0pApWppuYsctjqDDmRhmrVg0PHdbPLsLpRfEI64h1rN7GamzfZj0KpfCW-_Ew7tLeXFHs8jc3SxzwtH2Qhqu27FrN1PdGCcuTuhCdUUppONMzRWutHNxtW3IPPrV7J5b9KmEQbP2VbFdFJ_k9r30HWfnd9tyDhu9D9FHvglXrJ4BN3Uxu3j1wucPTZ3B1uurPA18iB3127GdoWhXEUCp8vNt5hXaqRVIwS-aX6fCSHleUTupAA0E9sXVDdCvKbt8Hj1b2z0RmnSduPp4Cv8VNrX7kttX13bnPr2vGiHsbYPnvM6sIVYlMxI_Jw-QbFyJuTNNZu5YgBxqsj3G38OJYTMIinKEonZnBOT3LD7z3F4fPWHeoIH4ScIw1r1yu3c6dIbGNpSRn602nFk-k-eF9S4b_GdbnIbr3DhPLJ-1ufIsHp0OrGaDOFAWDD6ChC9q8KO0dn52qtq6t-QTJ2_jwKuT8mypBkkbmwPEHe2GDKn6DSgRSTqvVrGYVdV9A0KAdwhG2nkZwNZiwzj8qNiGx-0IacFb4RW2tqqCrXOVPhpBaY5egevwOnevYrCiJoJOBNl9pkDz8RWOPw5UapSR7mOpQIDDrPo6geuL5VauVS_l5k65AityvCAE3f9mVln2tUmoRijBQn0WTNiY_YlozMA9e7QDCr9zOQBxY4cQnUazQFt2N9nEaHaLtzmSCAyTAjbqOihfZn_Fx6HLkSs9jLvDjiaj164tEtDTrrspwBAe3zYMMcZI4y6x4uoPCO2YAWob1rRO39HYfqJgyxbFCx2VbNE-8zfUBzNjPQOCck8DmEDQZbiDMf_q6S5s8LJMuLsPQJWuTIzXR_v4OhaygTPboCDKzZH466q63PNxPlWG_ghtpOzJMpM9yXG1MgXcUkY1Jy9qal9CilzFCy_dKYLdVrwMn6eUAo8gu7f9rTUu7uOMIKF3X2qYwhwcE9q_DjqByhEzgJCNNYIYL0MYwjALQf-WN6RK8kjUtwNH6ZoRFPBJDcmTHMFNyqWNAOwDstVfkm_XUrOaKjBNbb3ff3AWschY7ROrbVAXzF5TfCxQrU_21A7UUgl0b_tlQYRm-tLkE3a8waEpaHFnNuxwH4ywCFTJzUPhJDCKWch_UxjW7LAKdvu4oyco_a8pzpj1JpGnsdU_xPn-2OzkA4lkjE3onUG0KbL2Gaz4i40RwNu-5CqHJp97p5K5MlkowPfn03xdam-JeJJ0SopYrw_MG1MAv1CftTeHmKPFkZc7jJ8KSIz93DzYUa2-NRKO1fe46F5y0xfibZXAZFKIs7FhcJep0ASZV3G8M2UCBK4U5Dk84vojeZFXhkeAufXi4NQBrX2OEOcE9oM-fehmZTdS-EWlWmIoOtO45L8ExnMTmC6ktGYj1GsDgqHh2DR6Wz0ilcbr9C61XJOF31HPLYRVeYMGPH4JDYJwiCrs4ESj4-tz261LQNHadBRERu2bGoESSwkcZq5qPZg6uzfa-71344nd3Vt9naJX0H9wiYo4zAzK-BQN6GCDGHacLa6FUkZzpUAwdbebr-zbe54Uya0l0ZkLmD0Ttxz-6-vCUiKKDlMZlYo0-YhTx_LI98szBc6_kXFmo-7OqCE6W0FALCdmcmW6EeFptipek0UfXkVf6Ku5ytKG5Uxu7yW2W3MXOBgR00KO02ycMFrJQXAxtCPBj-NLv218WGYih1InIp4Cf362musrzDAM3JHq75HPb1sl8s7UumejRANTBVF7PZSP9bgs33o7cIQQbowF3DPBL43rr7IZjUqxH9Q-h-tcT5dwCZ5U_7mUfWLXN9QRopLSjIQDUoyGJhA-cmNklGoJIHld1fOX-kQBd_VwNkMrowz0DiymF3aVM1GtG19oDkS4mrGikrol59Tj7mnPT5gP83FfaoSEgq7pjTSKhcQXzqlckwHX0Dc8HShsNSBJ98A&cid=CAASEuRo2ntgELRfSeImKI0JHS0m4g&rfl=1%2Chttps%253A%252F%252Fsports.creaders.net%252F%240
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e615f21aa637d844394b206c8d7e32a83382507ca8df50142d49f5c5517af51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BFAD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0TqJ5fVNc1UEUla6V5YExQFr3Hi7Xdt5zB8ZtG3whqfC7mviiY1jyEr3GCRcGCvq6tTXF_CZjehpUvgboiSeYpfF4XE18RL1nYyzsmUP4pISmZ94
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame BFAD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:14:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BFAD 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627644660751711"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Mon, 02 Aug 2021 15:19:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame BFAD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
18081889583213459188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:18:31 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 0C60 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Tue, 27 Jul 2021 14:21:51 GMT
expires
Wed, 27 Jul 2022 14:21:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
521834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
file.mp4
r4---sn-4g5ednse.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 706A 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5ednse.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5517CBE2289FD38538486ED954B05D6B7644F17C.74311AD0380B4C1C74B1D6CFA25E7B9DE24DDBE0/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednse/ms/onc/mt/1627917400/mv/m/mvi/4/pl/52/file/file.mp4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:69::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
477b4fd763c0b63fe3e615ea043359a805f37bb64027a3766cd8837c8e8bde59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2242276/2242277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2242277
expires
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Thu, 17 Jun 2021 15:46:25 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame 706A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~krus2osv&c=4020012804040&slotId=2010006402020&qqid=CJf6t7fRkvICFYHAEQgdcDwMDA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=997&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F61ae0c5f1ddc0749%252Fitag%252F343%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1659453544%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F48E99A6FD4E93307B543C551A008B8DD1B203B33.50EE03A80AFECCF70B391CB1DE73AD61C99DF3F5%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 7CC7 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5e6nsd.c.2mdn.net/videoplayback/id/61ae0c5f1ddc0749/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1659453544/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0289D9FCAEB9463C1C569B1999F986C792C7ED0F.37E2B974C1BE3B097125A7EE5A02CC3F9ADC4DC3/key/cms1/cms_redirect/yes/mh/sC/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsd/ms/onc/mt/1627916444/mv/m/mvi/4/pl/52/file/file.mp4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:61::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
477b4fd763c0b63fe3e615ea043359a805f37bb64027a3766cd8837c8e8bde59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2242276/2242277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2242277
expires
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Thu, 17 Jun 2021 15:46:25 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
client-protocol
quic
tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
pagead2.googlesyndication.com/bg/ Frame 7AD3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 09:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
109133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13260
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 09:00:12 GMT
dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 71D1 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627917545179;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 71D1 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdwEq5wwIYdjqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9AXUMH2ip8BXj_pER0xqcYnrKsf4tQwvmt0cPVFEY7xwHtthR0lTf1VMfGGhyHSTeX9RCKEEzuFjkGVRp3_wBwW7-JswN703ccVqrqVQCHYxgPdufzJyD36fE_n0KWIRbAAsj5MFjvod2sY-QR0QXtshtSYBHonEap3kSWjbAI-ZeVxHRMo70E_mc5se8yv6CCCcaRzPDKhnXamn2z5uAA3TNK0AinFRAeEg6Inhcu2dVRrIYuFFsQrCIVA_Ji87fQvJczDAyGzDnNXhnCc00Kt2pC-O5RBI-ku-AJirMTwtfUdoldI4zeDlFoJAw1ACvWpwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=h3EF9bS9aJE&label=part2viewed&ad_mt=18&acvw=sv%3D902%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627917545179
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 71D1 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYRncvh33gjz2Q4M5bCow6WnnQWuUhniA0ZKeD_6Y2LwkHYSCNRPK-gJhcrf9ERssLf8rA3cuNwefO1GtGpozsQdWT63sQIPJFZUjjGxXquDAoeSWE7oN7XTIiasaHmn0dCVuS86pFIVNbIEUwlozJFl2mOBnJCYp_cnqA7UL-1y9xHPlgwrIQHvxt-VIymm2bOsEw-7osbRQ5omYkfZ2H8GdRkB7UAPvCV49TjHkMq6gryXttoqT7LySDJ7Qjl50FQe7edS6fF_KjC3YJbGQaL76wgWTbuFMYYoSPR-kVrexIMl-02m37eLsXtXEGq6grwKaEC-SD92FpJBsqh8qHc8-vvtX7s05ZCO3pkdkx1PGC71PVYP9Ap9x_CbjaGxPVcgUWU8myfpClg69p9damgAsj4isVQ5MJXqPDOpEEN3j-y4biDP6-ROePeE5aEpuxBIq1W699JdOznYVsTovqME-dK8HJS4VDra3xK37IOuxK6A8kQban-ENoLFvv_3IkJzpzm6ugSkA0gbe42zIWmhafTAo2nUwbkdHtq5_MKFT2P-6o76pp8qXqHvnjKHUoH1vcjj1Zi7BZzcIMN_UDsKlVZI3UAWdPZBzbyzcOOel0lOa2tDaX6Vyogo6f9AnnzyF0e04RKem_74LfeHnZctMWBbx3F5A8uM7IacJ0f5Cd7_lSNDqjLg4WlIYA5HeXqsnwJaqsbm-TYmaD2pPMmRBKQWIv-FY7LTFOlhDKoU0LOeQ7EFeD2F90TYg-Vu-soBathTiVLDpR6Y1ovMsQbthsUmiFpyq7Rr5e6O4cEZhuXhnVW5XDQW3GiA1W10_Ls_8FyydHk8Uq7JKXvwUurq7Y3FIrc1vq2DkItpQR4tos5JTDrvV1_tF08xyB8nyhdP_3q-ULB2Ra0BdlUDjXuk_RQcD-tEm6RyZpSLmEg659XtYj2vtmu7hEjM74bFf1T9mn-fjaUnvTJ8jMnRtzr4ZFeqCUNJAqCelgjkMKwZOeEb7sSBrA4CE7nkLwBAqfMuqGgIUWXWjFRhC13XeB9_ocXhNv0UwoC6EPJrJCYLH09bzH0_VNjoBdfRFTYKzvBU3UlSi29Ld-vgoCvzyT3WiaIbaeSP0UigqKP5Ylo-3lMHg922zfE9_cuAGzrx2klzXkOqruv8fS4w&sai=AMfl-YR_WDemFFzxgcNKft-lypjWtsY4dS6Y_5AevzoBzoT7z009bnXZybimZGkHZZHONwhmj6ev6U776QKLzo3wWggYwvsP7n6hFx0X_U0QqiYojlB4j_pN79mGXG3RZ0T831dpTbScLYl9NtwuEbzzmLaPARnT7AX4aJjD8j4&sig=Cg0ArKJSzJXh26VgrrkiEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 02 Aug 2021 15:19:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 71D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGL-gwq0BIAEwAQ&v=APEucNV3Em04k1A_M-chsFSD8UMmsRNYTErJLApEzw5MG6E5CjX12g5lwekEyWp8zgvh1NcOCZTf3_6bKuHuteROKJbchvTzQA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 71D1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 71D1 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627917545179;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 71D1 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudIRHFEBJtu0F-YFbETyVGm3QvzZ0EOhA0ea_K510m5_GF5Qc0DcCNYawmz4cCvZYF636A9WpWrIb-Xd3D5k6lK64hMxyXGSLikCoPPM9AxjZHa4BqyqYDTJkuaw&sai=AMfl-YTmeCEgdMNukRbsMcB2MgKxkuUDPr0gvQ74jXjDLhf7tkY92V4LYOELx2LROIAYQSSIXU6ioUbrIhg2UOf-6uLTtkELre8El3kCRpOdMeqMkyOUNwUOh49AjfPEJRQ&sig=Cg0ArKJSzOP1nGU741NXEAE&cid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw&id=lidarv&acvw=sv%3D902%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627917545179&avm=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 71D1 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdwEq5wwIYdjqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9AXUMH2ip8BXj_pER0xqcYnrKsf4tQwvmt0cPVFEY7xwHtthR0lTf1VMfGGhyHSTeX9RCKEEzuFjkGVRp3_wBwW7-JswN703ccVqrqVQCHYxgPdufzJyD36fE_n0KWIRbAAsj5MFjvod2sY-QR0QXtshtSYBHonEap3kSWjbAI-ZeVxHRMo70E_mc5se8yv6CCCcaRzPDKhnXamn2z5uAA3TNK0AinFRAeEg6Inhcu2dVRrIYuFFsQrCIVA_Ji87fQvJczDAyGzDnNXhnCc00Kt2pC-O5RBI-ku-AJirMTwtfUdoldI4zeDlFoJAw1ACvWpwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=h3EF9bS9aJE&label=vast_creativeview&ad_mt=18&acvw=sv%3D902%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D17%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1627917545179
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 71D1 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~krus2ov2&c=612297734924&slotId=306148867462&qqid=CJj6t7fRkvICFYHAEQgdcDwMDA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=997&mt=video%2Fmp4&vs=640x360&dm=15000&event_name=first_play&asset_bytes=204868&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=videopreviewstarted.116
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
pagead2.googlesyndication.com/bg/ Frame 57D9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 09:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
109133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13260
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 09:00:12 GMT
ts1024x90.gif
www.creaders.net/ads/banners/ts/ Frame 93A3 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/ads/banners/ts/ts1024x90.gif
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-243-235.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7b60fc98a62157104091cf99214a34ae5e5d81bea08f4abf84cbcbda75139045

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Sat, 15 May 2021 19:08:31 GMT
server
Apache
accept-ranges
bytes
etag
"1956ce-5c263160c29c0"
content-length
1660622
content-type
image/gif
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame BFAD 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 14:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 14:30:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame BFAD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4TAOsKcCKAyguL5sc2KWbWEQaSxQfnH9sQdxjKff07DkyVJevzW8Bqx62LDNQJwb_5DAYnVvWBojhrL6ZQQKdUa1dh_S2AdpGDBux1fuA9c49lZK8eIOU07Jr_8_gh_x0FyxUQ_ce6sVPd_QTPAjelDspqQ&dbm_d=AKAmf-AEYsd3XNpHNPuGnmiU_srdL_iRsQHlZMPMTY7Uka5wC_icvff_bwBAEsBlsqW8bBWjhGq-E10bXU9IhuxQXF4ko0t3XYEL5hl_Se6JrAoPMzQWjfeNwc2ohTDzN6r9sxhdJWJub79eX6vCP2RfgwWA9S1biGy7WjmICUmeQcqwTmO2uUeuz_6sVSiWcYkYj_bpZulzr--Bxx8tx8ewNwCV5gXABkISJoGU-VsK5oBWb8jwQCxZeWezR3eyGeD67Q5TE8WyzM9ZqzK93YIT1X0bdoiPDRXz3PNqjnv1zfKy33le7J8aLs7WrwcsM0DnRXXYPzZH9TY9n4e6ChSAJXHOSqW1Rqa7l0jWAKPFDx-_h7Nt3QC9ZNGahWZoZs7BtaxE7uX0BFzPtXnq1GeF8ZId0AVrhvDl4m4K7Lpoj0tLSRUm3Mg04yGY6BX3C8ZsyRex44fLf6dlCbptPxgeUTYkfGD9UAWXKI9m6QsqwWTka-2dL95hPqi0VogAa1VJKV9eZqFDis4vE-SMI_EjQFYxnITjHQQNe8kpP8c_vcrO5jFxprZPOcDYT4gnuFFakYBC9zqdV9MTqSzjeoeWcSfrQvYtElEtMtSPbbUqNuDjul-MMmSXYxKH8Do00pDRrgaO9uPVcllrGqhIki7I8k2PQLpN126XVw1vTY4iai6chVdfrf6eyFaaMJC9IrFmyF7iec2uVU1hRy56n8IYHCDXg_pCEVMRhh-ClhWgjyYJdcju8ivL9mA77JpTRIB0u8-by9unqBnxYYF72PhMNvLjXlRpkzcObaDMkJA3LobYIl0EeqIL8AHIG7ayt4yzf9LiJKcMa42rk8mFpuyErtKcYCKwWGeWAccFq8QpR2ed3j8PZG0C1Mpr8ENVUm2Gqt3_8OYreI0BgrsFI98h9jHJLCZXHLbsbiLlj6oimTI71WVUASpZAy-0WwshuJZwHqhj1qY4rhBWLvLZzJA1i26YeWti20XXAi0mQiMpfrr4nWqSSAzOKfvqW9LnQuNHjMzy0UtcirlbcEOVO-DL_OHRBBtRB2QBNq52EJTx13Dtj8WecN5NIGZ_WTWfkJkd_0ovYPvZM7b0pApWppuYsctjqDDmRhmrVg0PHdbPLsLpRfEI64h1rN7GamzfZj0KpfCW-_Ew7tLeXFHs8jc3SxzwtH2Qhqu27FrN1PdGCcuTuhCdUUppONMzRWutHNxtW3IPPrV7J5b9KmEQbP2VbFdFJ_k9r30HWfnd9tyDhu9D9FHvglXrJ4BN3Uxu3j1wucPTZ3B1uurPA18iB3127GdoWhXEUCp8vNt5hXaqRVIwS-aX6fCSHleUTupAA0E9sXVDdCvKbt8Hj1b2z0RmnSduPp4Cv8VNrX7kttX13bnPr2vGiHsbYPnvM6sIVYlMxI_Jw-QbFyJuTNNZu5YgBxqsj3G38OJYTMIinKEonZnBOT3LD7z3F4fPWHeoIH4ScIw1r1yu3c6dIbGNpSRn602nFk-k-eF9S4b_GdbnIbr3DhPLJ-1ufIsHp0OrGaDOFAWDD6ChC9q8KO0dn52qtq6t-QTJ2_jwKuT8mypBkkbmwPEHe2GDKn6DSgRSTqvVrGYVdV9A0KAdwhG2nkZwNZiwzj8qNiGx-0IacFb4RW2tqqCrXOVPhpBaY5egevwOnevYrCiJoJOBNl9pkDz8RWOPw5UapSR7mOpQIDDrPo6geuL5VauVS_l5k65AityvCAE3f9mVln2tUmoRijBQn0WTNiY_YlozMA9e7QDCr9zOQBxY4cQnUazQFt2N9nEaHaLtzmSCAyTAjbqOihfZn_Fx6HLkSs9jLvDjiaj164tEtDTrrspwBAe3zYMMcZI4y6x4uoPCO2YAWob1rRO39HYfqJgyxbFCx2VbNE-8zfUBzNjPQOCck8DmEDQZbiDMf_q6S5s8LJMuLsPQJWuTIzXR_v4OhaygTPboCDKzZH466q63PNxPlWG_ghtpOzJMpM9yXG1MgXcUkY1Jy9qal9CilzFCy_dKYLdVrwMn6eUAo8gu7f9rTUu7uOMIKF3X2qYwhwcE9q_DjqByhEzgJCNNYIYL0MYwjALQf-WN6RK8kjUtwNH6ZoRFPBJDcmTHMFNyqWNAOwDstVfkm_XUrOaKjBNbb3ff3AWschY7ROrbVAXzF5TfCxQrU_21A7UUgl0b_tlQYRm-tLkE3a8waEpaHFnNuxwH4ywCFTJzUPhJDCKWch_UxjW7LAKdvu4oyco_a8pzpj1JpGnsdU_xPn-2OzkA4lkjE3onUG0KbL2Gaz4i40RwNu-5CqHJp97p5K5MlkowPfn03xdam-JeJJ0SopYrw_MG1MAv1CftTeHmKPFkZc7jJ8KSIz93DzYUa2-NRKO1fe46F5y0xfibZXAZFKIs7FhcJep0ASZV3G8M2UCBK4U5Dk84vojeZFXhkeAufXi4NQBrX2OEOcE9oM-fehmZTdS-EWlWmIoOtO45L8ExnMTmC6ktGYj1GsDgqHh2DR6Wz0ilcbr9C61XJOF31HPLYRVeYMGPH4JDYJwiCrs4ESj4-tz261LQNHadBRERu2bGoESSwkcZq5qPZg6uzfa-71344nd3Vt9naJX0H9wiYo4zAzK-BQN6GCDGHacLa6FUkZzpUAwdbebr-zbe54Uya0l0ZkLmD0Ttxz-6-vCUiKKDlMZlYo0-YhTx_LI98szBc6_kXFmo-7OqCE6W0FALCdmcmW6EeFptipek0UfXkVf6Ku5ytKG5Uxu7yW2W3MXOBgR00KO02ycMFrJQXAxtCPBj-NLv218WGYih1InIp4Cf362musrzDAM3JHq75HPb1sl8s7UumejRANTBVF7PZSP9bgs33o7cIQQbowF3DPBL43rr7IZjUqxH9Q-h-tcT5dwCZ5U_7mUfWLXN9QRopLSjIQDUoyGJhA-cmNklGoJIHld1fOX-kQBd_VwNkMrowz0DiymF3aVM1GtG19oDkS4mrGikrol59Tj7mnPT5gP83FfaoSEgq7pjTSKhcQXzqlckwHX0Dc8HShsNSBJ98A&cid=CAASEuRo2ntgELRfSeImKI0JHS0m4g&rfl=1%2Chttps%253A%252F%252Fsports.creaders.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:17:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame BFAD 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4TAOsKcCKAyguL5sc2KWbWEQaSxQfnH9sQdxjKff07DkyVJevzW8Bqx62LDNQJwb_5DAYnVvWBojhrL6ZQQKdUa1dh_S2AdpGDBux1fuA9c49lZK8eIOU07Jr_8_gh_x0FyxUQ_ce6sVPd_QTPAjelDspqQ&dbm_d=AKAmf-AEYsd3XNpHNPuGnmiU_srdL_iRsQHlZMPMTY7Uka5wC_icvff_bwBAEsBlsqW8bBWjhGq-E10bXU9IhuxQXF4ko0t3XYEL5hl_Se6JrAoPMzQWjfeNwc2ohTDzN6r9sxhdJWJub79eX6vCP2RfgwWA9S1biGy7WjmICUmeQcqwTmO2uUeuz_6sVSiWcYkYj_bpZulzr--Bxx8tx8ewNwCV5gXABkISJoGU-VsK5oBWb8jwQCxZeWezR3eyGeD67Q5TE8WyzM9ZqzK93YIT1X0bdoiPDRXz3PNqjnv1zfKy33le7J8aLs7WrwcsM0DnRXXYPzZH9TY9n4e6ChSAJXHOSqW1Rqa7l0jWAKPFDx-_h7Nt3QC9ZNGahWZoZs7BtaxE7uX0BFzPtXnq1GeF8ZId0AVrhvDl4m4K7Lpoj0tLSRUm3Mg04yGY6BX3C8ZsyRex44fLf6dlCbptPxgeUTYkfGD9UAWXKI9m6QsqwWTka-2dL95hPqi0VogAa1VJKV9eZqFDis4vE-SMI_EjQFYxnITjHQQNe8kpP8c_vcrO5jFxprZPOcDYT4gnuFFakYBC9zqdV9MTqSzjeoeWcSfrQvYtElEtMtSPbbUqNuDjul-MMmSXYxKH8Do00pDRrgaO9uPVcllrGqhIki7I8k2PQLpN126XVw1vTY4iai6chVdfrf6eyFaaMJC9IrFmyF7iec2uVU1hRy56n8IYHCDXg_pCEVMRhh-ClhWgjyYJdcju8ivL9mA77JpTRIB0u8-by9unqBnxYYF72PhMNvLjXlRpkzcObaDMkJA3LobYIl0EeqIL8AHIG7ayt4yzf9LiJKcMa42rk8mFpuyErtKcYCKwWGeWAccFq8QpR2ed3j8PZG0C1Mpr8ENVUm2Gqt3_8OYreI0BgrsFI98h9jHJLCZXHLbsbiLlj6oimTI71WVUASpZAy-0WwshuJZwHqhj1qY4rhBWLvLZzJA1i26YeWti20XXAi0mQiMpfrr4nWqSSAzOKfvqW9LnQuNHjMzy0UtcirlbcEOVO-DL_OHRBBtRB2QBNq52EJTx13Dtj8WecN5NIGZ_WTWfkJkd_0ovYPvZM7b0pApWppuYsctjqDDmRhmrVg0PHdbPLsLpRfEI64h1rN7GamzfZj0KpfCW-_Ew7tLeXFHs8jc3SxzwtH2Qhqu27FrN1PdGCcuTuhCdUUppONMzRWutHNxtW3IPPrV7J5b9KmEQbP2VbFdFJ_k9r30HWfnd9tyDhu9D9FHvglXrJ4BN3Uxu3j1wucPTZ3B1uurPA18iB3127GdoWhXEUCp8vNt5hXaqRVIwS-aX6fCSHleUTupAA0E9sXVDdCvKbt8Hj1b2z0RmnSduPp4Cv8VNrX7kttX13bnPr2vGiHsbYPnvM6sIVYlMxI_Jw-QbFyJuTNNZu5YgBxqsj3G38OJYTMIinKEonZnBOT3LD7z3F4fPWHeoIH4ScIw1r1yu3c6dIbGNpSRn602nFk-k-eF9S4b_GdbnIbr3DhPLJ-1ufIsHp0OrGaDOFAWDD6ChC9q8KO0dn52qtq6t-QTJ2_jwKuT8mypBkkbmwPEHe2GDKn6DSgRSTqvVrGYVdV9A0KAdwhG2nkZwNZiwzj8qNiGx-0IacFb4RW2tqqCrXOVPhpBaY5egevwOnevYrCiJoJOBNl9pkDz8RWOPw5UapSR7mOpQIDDrPo6geuL5VauVS_l5k65AityvCAE3f9mVln2tUmoRijBQn0WTNiY_YlozMA9e7QDCr9zOQBxY4cQnUazQFt2N9nEaHaLtzmSCAyTAjbqOihfZn_Fx6HLkSs9jLvDjiaj164tEtDTrrspwBAe3zYMMcZI4y6x4uoPCO2YAWob1rRO39HYfqJgyxbFCx2VbNE-8zfUBzNjPQOCck8DmEDQZbiDMf_q6S5s8LJMuLsPQJWuTIzXR_v4OhaygTPboCDKzZH466q63PNxPlWG_ghtpOzJMpM9yXG1MgXcUkY1Jy9qal9CilzFCy_dKYLdVrwMn6eUAo8gu7f9rTUu7uOMIKF3X2qYwhwcE9q_DjqByhEzgJCNNYIYL0MYwjALQf-WN6RK8kjUtwNH6ZoRFPBJDcmTHMFNyqWNAOwDstVfkm_XUrOaKjBNbb3ff3AWschY7ROrbVAXzF5TfCxQrU_21A7UUgl0b_tlQYRm-tLkE3a8waEpaHFnNuxwH4ywCFTJzUPhJDCKWch_UxjW7LAKdvu4oyco_a8pzpj1JpGnsdU_xPn-2OzkA4lkjE3onUG0KbL2Gaz4i40RwNu-5CqHJp97p5K5MlkowPfn03xdam-JeJJ0SopYrw_MG1MAv1CftTeHmKPFkZc7jJ8KSIz93DzYUa2-NRKO1fe46F5y0xfibZXAZFKIs7FhcJep0ASZV3G8M2UCBK4U5Dk84vojeZFXhkeAufXi4NQBrX2OEOcE9oM-fehmZTdS-EWlWmIoOtO45L8ExnMTmC6ktGYj1GsDgqHh2DR6Wz0ilcbr9C61XJOF31HPLYRVeYMGPH4JDYJwiCrs4ESj4-tz261LQNHadBRERu2bGoESSwkcZq5qPZg6uzfa-71344nd3Vt9naJX0H9wiYo4zAzK-BQN6GCDGHacLa6FUkZzpUAwdbebr-zbe54Uya0l0ZkLmD0Ttxz-6-vCUiKKDlMZlYo0-YhTx_LI98szBc6_kXFmo-7OqCE6W0FALCdmcmW6EeFptipek0UfXkVf6Ku5ytKG5Uxu7yW2W3MXOBgR00KO02ycMFrJQXAxtCPBj-NLv218WGYih1InIp4Cf362musrzDAM3JHq75HPb1sl8s7UumejRANTBVF7PZSP9bgs33o7cIQQbowF3DPBL43rr7IZjUqxH9Q-h-tcT5dwCZ5U_7mUfWLXN9QRopLSjIQDUoyGJhA-cmNklGoJIHld1fOX-kQBd_VwNkMrowz0DiymF3aVM1GtG19oDkS4mrGikrol59Tj7mnPT5gP83FfaoSEgq7pjTSKhcQXzqlckwHX0Dc8HShsNSBJ98A&cid=CAASEuRo2ntgELRfSeImKI0JHS0m4g&rfl=1%2Chttps%253A%252F%252Fsports.creaders.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9340
x-xss-protection
0
server
cafe
etag
14963318235020188028
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 15:18:07 GMT
rum
dsum-sec.casalemedia.com/ Frame DC22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-nKBD9yigYm9PkZzAB&v=APEucNWmcYXt7WTzVnKrHoWlak8UoNoAOFMf8QiiMtcOfbjdISsl1C35lKgr26azw27Zxag7y3naipeZwEHAijg5XRvzG_B8BSIjDfr1wJUClSkq7wp_ZvG1XpfAecQQXmSEhqTLUVS9Ad51DXP02CfE8xSHm0ICl_sn_trt1rSGAs6a7iepjJE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DC22
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQgM6Sl6EZkh9GFWFEzFZQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-nKBD9yigYm9PkZzAB&v=APEucNWmcYXt7WTzVnKrHoWlak8UoNoAOFMf8QiiMtcOfbjdISsl1C35lKgr26azw27Zxag7y3naipeZwEHAijg5XRvzG_B8BSIjDfr1wJUClSkq7wp_ZvG1XpfAecQQXmSEhqTLUVS9Ad51DXP02CfE8xSHm0ICl_sn_trt1rSGAs6a7iepjJE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH2TESnxpv_E6CLI7Ot3dPY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DC22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI4USKEZX1FZdYbIeCS0x2s&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEI4USKEZX1FZdYbIeCS0x2s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-nKBD9yigYm9PkZzAB&v=APEucNWmcYXt7WTzVnKrHoWlak8UoNoAOFMf8QiiMtcOfbjdISsl1C35lKgr26azw27Zxag7y3naipeZwEHAijg5XRvzG_B8BSIjDfr1wJUClSkq7wp_ZvG1XpfAecQQXmSEhqTLUVS9Ad51DXP02CfE8xSHm0ICl_sn_trt1rSGAs6a7iepjJE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bc4921d3-0826-41e9-bbad-4c2276cced91
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEI4USKEZX1FZdYbIeCS0x2s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC22
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MTgzMTg0NjI2ODIyODQ3MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MTgzMTg0NjI2ODIyODQ3MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-nKBD9yigYm9PkZzAB&v=APEucNWmcYXt7WTzVnKrHoWlak8UoNoAOFMf8QiiMtcOfbjdISsl1C35lKgr26azw27Zxag7y3naipeZwEHAijg5XRvzG_B8BSIjDfr1wJUClSkq7wp_ZvG1XpfAecQQXmSEhqTLUVS9Ad51DXP02CfE8xSHm0ICl_sn_trt1rSGAs6a7iepjJE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:05 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
75d2166c-ac1f-4f70-abdf-0cb5d95e315c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MTgzMTg0NjI2ODIyODQ3MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
pagead2.googlesyndication.com/bg/ Frame 0C60 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 09:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
109133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13260
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 09:00:12 GMT
dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 706A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627917545365;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 706A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGNWy5wwIYdfqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9BmY44mjzhSK_rZzMlEfEJbn_H15iaFGhIULKUqeiTTPhqdgr7z4g6wUSN1qQ10fu2f1IHYajwf935OVYvDT5JpvFG_MiK_EyK7ech3hq_hZyr5h5UBn4nCqL-74eesQaD3pn45slyALcFZ9oIPulxuntDTCT2CN53zwnycmb37rE1OUSWlmkcECc_NNAXQp_YRdYg2Lb-JUkI7ww4ssv7BksHI-pTV-Fo7agcpPakr2SiruVmoCmGxSU4YiAqcNjp-go8cwiWY9qB5KjPtrNHKGmMy87eSZrlzh4f6kwcqsmP8GsoBRoW45yjcOMqqig6NwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=4pUthp-_g5k&label=part2viewed&ad_mt=18&acvw=sv%3D902%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627917545365
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 706A 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBvWNGOlJFWZ0ASW6pQBQLzEb93XZXMZ8azrenNv7gWcyyKRvMmNRfMWHtREFxma23YIgueZmBYw1TYA_uOS7KAfne36MdVY39llZ-GcPWTvSFk62x-DkTug3VcqWdhl9SRRlFXNqjHab7e6WJqZGOU4cKlez4wYd0btEGy2Mg6oMmgHcTWa34nXw8cUQ4271LiQykcuV6Rx3Pj_HahJQrXfaW_7ZPLrp3WuYiDlchbCsDo780KucATXm1rEgu-hLZ3dydp3cLv3SMrWF-lYBwa4tCtPGxsgpz54v1wjpAwrnK__0y5fuPvxO6oKrIRFq-oEzAJNKVfe-nmfd64xTWJ93_Nog3wZClmfWxs_Z2BFlAAQDrFx5ghGLLjXpNk87Y9ZWKCC2Ew84yj2ld8gf_9eqvseXsl5Y77X-7OjbBw2sJeS1EnIGgdLsbBUC8WxSuCO1tw_xK8sSf5BoCjCRbxaNIZ_Dq8zh7YXolT7RSBZszosm8fswJQMbAqKgATSnz72NDGJHGd4TfofT6AYb39Fbbp3DwLX6XJO1lhPmhsnOsSWfuXQyC4mug94tL1zEHQ42nWQAM3KmaEsNiouclh5RLkZht13iCz15oZWYn1-Ma87iJ42Jvak-q3K3P80VLZWM350-GNlur5yEE-NZSF-ffieH-HCc0bVNYakZzewD8nfZVz7uEN6MskKtlPRRd1_aEp9G773M8Sc7NAzWzxee5QOD_YLhq1r8eiiS4P7hKgkphetlB5l-wDmuGM6MW4eyrtQePS8l8uAL77HQSxE2dwPvoCOdi13fC208-7r4-nvGhvzODzV_V0K5Z-xhNRhKMXagWssgJQ8PMjUxQDzzF6XlLng2iNwFZ6VxZ6JQZPA6d9YGM5kYgPrAUnchkAh1irjkjBoCN-U7R_NEoFVDmQ2OhfcPjiam-gVuLVQIw6f8qJM9P-NupBeVe7cVk-e0ZajZFFiu4d9c6EhAqqUlgMHoOBl7-dfowQw1BslSmg3VjvT6_GFGcSogDUG1diJiz3V8UgRc1clCmLjSFb9JpWkJpQcqAkyA7vGRi8n79psUsLhG3USXyDiz_s0SSHI_bCWv1Peme6_dtjiC1861uO9I64A3apTUL_tJ4mQD3W77Dbez7y0Fozkvbsu-9VFS7IcHIFWK7Wg&sai=AMfl-YTinb3NKWa747qh_1f6i4bxvo2TQZ7keFEYTpWDXUsTp6ch2_mcu7krqeB_xzresK6v7PPDnjGGolhlnvmFFIP2bpD1DE_8K_dEUZIJpXZLVxsfPVSWW7c1jGFB_yKqok61utfBv4v2r0acecrGknkwOnBOJ6LyKv89e1s&sig=Cg0ArKJSzMEgfCe0zwEcEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 02 Aug 2021 15:19:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 706A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGL-gwq0BIAEwAQ&v=APEucNW1pOXaSYQ_KTpLa1x3iU4no_f1kNBKW3owYqhit4_EQA6TSwxiVH3Ne1fWQdpS-MoVHENqRdQOBme5ruToWAdL6Dd3QA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 706A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 706A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627917545365;ecn1=1;etm1=0;eid1=200101;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 706A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOsa5nLG5hedf2LS_8ywWBpfDzdERCL-CZbAMQz9KlQgGtw2w9T4QF46Q5CPfr04bKhryPVF1Fe1JgH3xF3RW-KZYnxtAfOMl_hjDKmz_BDXx_alfpZNDoibrK_Q&sai=AMfl-YRaRauJ9jIpulW_bkphea5wd4x45uhLhR2Uz8WwyL5g-4-8wVAUIfSqK6VJLUlQJZNMZUdy_BVqQr8faW0UkzG7PRChpo-3mR8Z4NtUbvEOyiFyCKBWnICK4tbHAVc&sig=Cg0ArKJSzFalKj2aL2WcEAE&cid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw&id=lidarv&acvw=sv%3D902%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627917545365&avm=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 706A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGNWy5wwIYdfqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9BmY44mjzhSK_rZzMlEfEJbn_H15iaFGhIULKUqeiTTPhqdgr7z4g6wUSN1qQ10fu2f1IHYajwf935OVYvDT5JpvFG_MiK_EyK7ech3hq_hZyr5h5UBn4nCqL-74eesQaD3pn45slyALcFZ9oIPulxuntDTCT2CN53zwnycmb37rE1OUSWlmkcECc_NNAXQp_YRdYg2Lb-JUkI7ww4ssv7BksHI-pTV-Fo7agcpPakr2SiruVmoCmGxSU4YiAqcNjp-go8cwiWY9qB5KjPtrNHKGmMy87eSZrlzh4f6kwcqsmP8GsoBRoW45yjcOMqqig6NwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=4pUthp-_g5k&label=vast_creativeview&ad_mt=18&acvw=sv%3D902%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15018%26vmtime%3D18%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1627917545365
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 706A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~krus2oxo&c=4020012804040&slotId=2010006402020&qqid=CJf6t7fRkvICFYHAEQgdcDwMDA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=997&mt=video%2Fmp4&vs=640x360&dm=15000&event_name=first_play&asset_bytes=213261&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=videopreviewstarted.15y
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t.js;adv=11297208284209;ec=11297212736296;adv.a=9080429;c.a=23712927;s.a=2103608;p.a=264941189;a.a=501691639;cache=3927782977;%22async
ad.atdmt.com/i/ Frame BFAD 		43 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.atdmt.com/i/t.js;adv=11297208284209;ec=11297212736296;adv.a=9080429;c.a=23712927;s.a=2103608;p.a=264941189;a.a=501691639;cache=3927782977;%22async
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
pragma
no-cache
x-fb-debug
HVn4whaEI3jWRNl/6ZpC2Pxp11rLZypgBaRblEKM0GczDZEFmnNBXzHDp1vJKxY0k10Z099b4wJgkjvrAc3x+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-frame-options
DENY
date
Mon, 02 Aug 2021 15:19:05 GMT
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/ Frame 04B0 		98 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481027fc66b87516f11c8047495dad1ebc34665a3f69b462bff7fe01ee20bda4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25268
date
Mon, 02 Aug 2021 15:19:05 GMT
expires
Tue, 03 Aug 2021 15:19:05 GMT
cache-control
public, max-age=86400
last-modified
Fri, 07 May 2021 09:35:46 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame BFAD 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstX5-NVV9ykDtQvtDzeCokjgovGhebNCEdTygMdOFBiqUR5MT9MAMaKNHGGsT9W_g6iQq0nG2ofgrudt0gRtc_ZOL8wNFAMi7XqnPW-ZG6Kgd0fkicac0duhkJl6Njc09xX7ddIV7dylCC7kUkvqF_FrFNCRhymqIlxgJcJLAGherHyEhzyrLzUIwvRiRcArmj9ra40t3eyIoEF-4AEJKVt4OcYsfcFTBINpvGxshFA4WGNrsf5x0rQPFIje2Dodv7arnpMej8OJlrbJVPg5Q4pOMbXbEHO3a8-AVOelAjnlh8Mqrt9-y9iSX3dcAOX3LzN9GazEjZfByrfsih-IIoN4O5ScTAiKwqOECerqyq8VziiOd89ex_pU5huawEvgYzs9cXw_Zxg0r0rbr_Zl_LA5qMeAJ8T3DNM8kcr-gljROnR3gaPPJzxfrY32vbx9feAdZv9nGRm1Ouew2532AUr1tB6iL8p-V7kEftlRfsXmjcnBsvpem6SU-35p570TPvWybRk1GqVXfRS8ugQ2S65wpVyn98Zyv6A8B6LbKVZmZIT6uS3CiLmwepzKwE-8UxAJECSBlLDVW8KkabJuUIDn5DRMnL1n-uRAzMxLQUvk5LCwMza6WXbK0s3yVXB1QMzIDNoVzMiENbv79peNdS7L_e2epFIbRm88yUflxF-xES6PDbQulfoAXl0qNcxBhjmu2LkoWMKWiT6DHF2H0ME8J8ObrHh_Hsrsycv8JOcEpgzddfhxW_bfwo5vFYHKguGVMrCK7_sKDyVZCFu-C7NUL_st0ffQ7-ReLJYDLTCDNrp22Y_ieP_rA903CNqmbj_O-N7m3h1uPqwvE2dOBaeIF_7vH9LQH-AtoEGPSN9O68N6_UZg5EW0sGrPUID3Jl1GTyBcY-wu4Uj_sOsLHGLggmmDHtBfrbTOdJ-hoDT4Yl6Cc_-rFnFJMy-GCmH4xSab9JLcL0Pv9DLXriVHeEFbytk5JtC5YeuA05sNoiVImbhlXxuuuUoO-euHtJIhcdZ_awH36wtncdIY9f1v517CU5LyMpGNpJp8ZIFnI92dSljZwIWLB8SngOez18db9mzd1FLWBnOzpBLRw0-751cpXilrubZ1scH4ZMlKEB9HD5wHkt9i0RHyYw7I5J31JeRW_i69EgyYpA7VdeKlRrgLkWsU9WNCUYnlHaA0QGLXqe21djVsmkOdshYK0p1CzBFZnplWb2SHu5UNeaqcal-i83SQPEB_ipxJiy0O_X8SAOAbmarfeq5D5FS4wFFuCoSNbi9XaP-n1KDHoNLk21zkbxi5viYMxk&sai=AMfl-YTfpQBVFlM7TBlDYVOptBORioXmauSjklUhw-KNre97QmhUtd6ugQtGx-2CkMn9zLcAuQsisljgeTOrx1cVi7oYuezGYvQmkJ4S5sRvW1aG5lkcu95p2h9BNjehJwHbKRuAagPvyxv-HUhs3rFNf_T9yGEda_4yMRlMDrHX9qiPxMcKVRi9&sig=Cg0ArKJSzMXO1ktEZwDGEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=170&cbvp=1&cstd=163&cisv=r20210728.41507&adurl=
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 02 Aug 2021 15:19:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BFAD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 06:32:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9ABC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 02 Aug 2021 03:09:05 GMT
expires
Tue, 03 Aug 2021 03:09:05 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
43800
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BFAD 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3779f0a48a5443790e46bba8290c47bbe993437f7f024b444f913c928955d982

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.105.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 Aug 2021 15:19:05 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DDA2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 02 Aug 2021 06:32:03 GMT
expires
Tue, 02 Aug 2022 06:32:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
31622
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 04B0 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 14:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2887
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 14:30:58 GMT
dpixel
cms.quantserve.com/ Frame 9ABC 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJgqji93xURPep8V4yyMhFM&google_cver=1&google_push=AYg5qPIsWoDu5pH2n8Oy1fzLrrUJkmocCjnLfRrIdjRLxNq-XOIDaKswaQ9RjuXCmcJzdUbETrCizOzu_kdMhDrXexUFJU-g79A
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9ABC
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL_Oph1...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL_Oph1...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDIxNTE5MDYwMDA1MTk0NDMxNTgxNw%3D%3D&google_push=AYg5qPL_Oph1WeXYiAr6Gwt5MYV8WpzW0Kcx5QnwvtzvVXJuKEhRIpP24tS7VZrD-fOSwQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDIxNTE5MDYwMDA1MTk0NDMxNTgxNw%3D%3D&google_push=AYg5qPL_Oph1WeXYiAr6Gwt5MYV8WpzW0Kcx5QnwvtzvVXJuKEhRIpP24tS7VZrD-fOSwQi7BTw-Za3-vcuJHFYUMh21GypFJew
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MDIxNTE5MDYwMDA1MTk0NDMxNTgxNw%3D%3D&google_push=AYg5qPL_Oph1WeXYiAr6Gwt5MYV8WpzW0Kcx5QnwvtzvVXJuKEhRIpP24tS7VZrD-fOSwQi7BTw-Za3-vcuJHFYUMh21GypFJew
pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 02 Aug 2021 15:19:06 GMT
sync
odr.mookie1.com/t/v2/ Frame 9ABC 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEC8k4z2MLvf0PukgClWIcbM&google_push=AYg5qPLop5_zLgrzrRP6RAHM7j29hM_ivICmlztnD7XZdii6LtRRaMJYP_Q2TePp9Rb-Q_Ek0ZFr0YQ8F2Aj4cj031SLswSL4Ps&google_cver=1
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9ABC
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESENrwTn8H1v6o3Z5DirKacSo&google_cver=1&google_push=AYg5qPItMuQvZLu9yQilJl7KHIHw0kKLdAFhTNpiDxZHG3pbKHdD_naemYS8fOx7WnxhCIoTObkNCdtIY6tZ-5sv2PsvursjCuw
  • https://rtb.openx.net/sync/dds?google_gid=CAESENrwTn8H1v6o3Z5DirKacSo&google_cver=1&google_push=AYg5qPItMuQvZLu9yQilJl7KHIHw0kKLdAFhTNpiDxZHG3pbKHdD_naemYS8fOx7WnxhCIoTObkNCdtIY6tZ-5sv2PsvursjCuw&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPItMuQvZLu9yQilJl7KHIHw0kKLdAFhTNpiDxZHG3pbKHdD_naemYS8fOx7WnxhCIoTObkNCdtIY6tZ-5sv2PsvursjCuw&google_hm=CeC_aiJ3yBEe_bAH8YQR4g==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPItMuQvZLu9yQilJl7KHIHw0kKLdAFhTNpiDxZHG3pbKHdD_naemYS8fOx7WnxhCIoTObkNCdtIY6tZ-5sv2PsvursjCuw&google_hm=CeC_aiJ3yBEe_bAH8YQR4g==
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPItMuQvZLu9yQilJl7KHIHw0kKLdAFhTNpiDxZHG3pbKHdD_naemYS8fOx7WnxhCIoTObkNCdtIY6tZ-5sv2PsvursjCuw&google_hm=CeC_aiJ3yBEe_bAH8YQR4g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
1elsa1oa8j339pm8fj5odoq28fkiddbc
pixel
cm.g.doubleclick.net/ Frame 9ABC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VUbBEmeAT8O8RP-GPh--mQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VUbBEmeAT8O8RP-GPh--mQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJTqH_Fx_eIvNWPu84L1fZ2bza7OtLmys2T3jxcfg-LOqOzMvssIo1ER-ZpAu61Kz2uQmSPVw4aG3hZIMkQSfSy9XnNYM8
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VUbBEmeAT8O8RP-GPh--mQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJTqH_Fx_eIvNWPu84L1fZ2bza7OtLmys2T3jxcfg-LOqOzMvssIo1ER-ZpAu61Kz2uQmSPVw4aG3hZIMkQSfSy9XnNYM8
date
Mon, 02 Aug 2021 15:19:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9ABC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMtH2H9x8BmQluZddSjtrJs&google_cver=1&google_push=AYg5qPIWAeYzMlht5wW-y_V79u1s2-f0XVviBylktWqiStD9aBi1f4XsRKWFf0e0j1CVlwyGCuQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JVUzJQSVAtMTYtQ0pOVg==&google_push=AYg5qPIWAeYzMlht5wW-y_V79u1s2-f0XVviBylktWqiStD9aBi1f4XsRKWFf0e0j1CVlwyGCuQbs5xvHecgrAvJee2JHjb9H6M
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JVUzJQSVAtMTYtQ0pOVg==&google_push=AYg5qPIWAeYzMlht5wW-y_V79u1s2-f0XVviBylktWqiStD9aBi1f4XsRKWFf0e0j1CVlwyGCuQbs5xvHecgrAvJee2JHjb9H6M
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JVUzJQSVAtMTYtQ0pOVg==&google_push=AYg5qPIWAeYzMlht5wW-y_V79u1s2-f0XVviBylktWqiStD9aBi1f4XsRKWFf0e0j1CVlwyGCuQbs5xvHecgrAvJee2JHjb9H6M
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
trk
ag.innovid.com/ Frame 9ABC 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEI68SCv87GyBRjE4Hgjz74U&google_cver=1&google_push=AYg5qPKG38o8zOKtMsWqAQUHvq510WGNTywgLlazFLaZlMuqapKfOzTKFaNKa6BYZQyP9fbTbXUTUjYtU2NRpw2Nj7rNjl4hFtY
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:05 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 9ABC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jl4jGrVgFvDfI9RMyHaOwuy2aWivqx2K4zDxl8LaHr3EH1F0JqgUbsEMwSprf7gsdoRezy
Requested by
Host: 6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
URL: https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Gilroy-SemiBold.ttf
s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/ Frame 04B0 		54 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/Gilroy-SemiBold.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
893226097160c1a1ecf1b86b31905d2facaceacf19a2d7f23c3c4f9653f7587d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 17:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33205
x-xss-protection
0
last-modified
Fri, 07 May 2021 09:35:46 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Aug 2021 17:26:48 GMT
Gilroy-Medium.ttf
s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/ Frame 04B0 		54 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/Gilroy-Medium.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10ec4f1e4a8f58a5e4a9ac21ef915302cc20d1acb21f20ed514ca99395c85d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 17:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33366
x-xss-protection
0
last-modified
Fri, 07 May 2021 09:35:46 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Aug 2021 17:26:48 GMT
syncframe
gum.criteo.com/ Frame 201C 		291 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=sports.creaders.net&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=sports.creaders.net&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
387
date
Mon, 02 Aug 2021 15:19:05 GMT
content-length
321
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:05 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 Aug 2021 15:19:05 GMT
Gilroy.ttf
s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/ Frame 04B0 		79 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/Gilroy.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1fb6e650db17c77fd2ceaa266b2218f2ef34c34753d003288b06e07589176c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 17:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35327
x-xss-protection
0
last-modified
Fri, 07 May 2021 09:35:46 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Aug 2021 17:26:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKXPS5wwIYdnqOIGBx_AP8PiwYAAAAAA4AeAEAg&bg=!ZmWlZSHNAAals0SOpbM7ACkAdvg8Wpo5sWV_Nvh2eecWzFH3VV_mIyb6WeROJfNWsiMVLIpiMmCrigIAAAJBUgAAAK5oAQeZAsmcoDBY0LfcPbDGZL5aOzV_P5HkHp7A9E8DVYHLUrhanWOJqLDvKct1QAAQpxSCV6RFmAbk4G0MYxyZgbm6OfdSsOnT_YN15KWAS2g9rnOLcE1OiERh1Ie7vOY2Ze1vH8ntMh8Uw65gDHkkfA7XriVCGkbAIbB29R7oGdWxvY45xcbTYTnYl6tD8tbXAtyiMvpmnRn1Uq3s5lGqJY4yRZ1d01QGbnhi8PeB1kb23daNFoHz2gj92JeBMCk6Ydbd7rhYTyeIwg9gkGTECC3c79H51T55IcQ0HAcvxndnc5rDPtFnNpNcL06UZhKZVf2jG109Eu8YWP0WzwiSYCajSlfmfpkzltLuHmRpxWGs-3N1S_aqMVq7xFXeoavXntVdC-zIueBpiVd8amgJXgbmhq0Gkk52mSYhPHX4ZsQrCjJkBFE6dp7evnNGEpb6PATB5Ja-j_tQ4MkmBdE36tcEQtN3DzyN0-ECax6tRhkgjd0k2GGjNbc5RP3Jz8lKsuVN031AayVlqk6vgW47vty0W5hK8G0b693f8sS-MkVUI68t7eSHqVksEYBJLRI_UptZZya0_GBEwq_3w6T-fOTwiL8uhsplSTOapl7Aw7wJLK7cAZDsL8iNNI9HRFLLh9zrzgOxFjVP5rJxOd2_BXNSDSDbPf8isXqG3K-Kuh1pFpEypgk0BBGPv6HwKz6U702KehKBsTS4CwAkJCMwZOa7lE-2f4ZdedVZi3aOyiopPq-w0dyEIX38C8XIJHNKYG8ZLLkWjj7lomofAsJC3lLqAJ1sL4jSfwEbbavK8z-EHBnMXHJdJJH2sd2GPWKGL27JC7K7GYaDxs_Wkfhnef-5DwN5R6R4mg87JO-4Fve5W00Un2jZ5y9ShFsi39NumZZCbcnQKwAlDVoQMd--yobwktEiPhtHvutxD4CMW0E8hPPkEdPxsH9qFdmXvw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BFAD 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstX5-NVV9ykDtQvtDzeCokjgovGhebNCEdTygMdOFBiqUR5MT9MAMaKNHGGsT9W_g6iQq0nG2ofgrudt0gRtc_ZOL8wNFAMi7XqnPW-ZG6Kgd0fkicac0duhkJl6Njc09xX7ddIV7dylCC7kUkvqF_FrFNCRhymqIlxgJcJLAGherHyEhzyrLzUIwvRiRcArmj9ra40t3eyIoEF-4AEJKVt4OcYsfcFTBINpvGxshFA4WGNrsf5x0rQPFIje2Dodv7arnpMej8OJlrbJVPg5Q4pOMbXbEHO3a8-AVOelAjnlh8Mqrt9-y9iSX3dcAOX3LzN9GazEjZfByrfsih-IIoN4O5ScTAiKwqOECerqyq8VziiOd89ex_pU5huawEvgYzs9cXw_Zxg0r0rbr_Zl_LA5qMeAJ8T3DNM8kcr-gljROnR3gaPPJzxfrY32vbx9feAdZv9nGRm1Ouew2532AUr1tB6iL8p-V7kEftlRfsXmjcnBsvpem6SU-35p570TPvWybRk1GqVXfRS8ugQ2S65wpVyn98Zyv6A8B6LbKVZmZIT6uS3CiLmwepzKwE-8UxAJECSBlLDVW8KkabJuUIDn5DRMnL1n-uRAzMxLQUvk5LCwMza6WXbK0s3yVXB1QMzIDNoVzMiENbv79peNdS7L_e2epFIbRm88yUflxF-xES6PDbQulfoAXl0qNcxBhjmu2LkoWMKWiT6DHF2H0ME8J8ObrHh_Hsrsycv8JOcEpgzddfhxW_bfwo5vFYHKguGVMrCK7_sKDyVZCFu-C7NUL_st0ffQ7-ReLJYDLTCDNrp22Y_ieP_rA903CNqmbj_O-N7m3h1uPqwvE2dOBaeIF_7vH9LQH-AtoEGPSN9O68N6_UZg5EW0sGrPUID3Jl1GTyBcY-wu4Uj_sOsLHGLggmmDHtBfrbTOdJ-hoDT4Yl6Cc_-rFnFJMy-GCmH4xSab9JLcL0Pv9DLXriVHeEFbytk5JtC5YeuA05sNoiVImbhlXxuuuUoO-euHtJIhcdZ_awH36wtncdIY9f1v517CU5LyMpGNpJp8ZIFnI92dSljZwIWLB8SngOez18db9mzd1FLWBnOzpBLRw0-751cpXilrubZ1scH4ZMlKEB9HD5wHkt9i0RHyYw7I5J31JeRW_i69EgyYpA7VdeKlRrgLkWsU9WNCUYnlHaA0QGLXqe21djVsmkOdshYK0p1CzBFZnplWb2SHu5UNeaqcal-i83SQPEB_ipxJiy0O_X8SAOAbmarfeq5D5FS4wFFuCoSNbi9XaP-n1KDHoNLk21zkbxi5viYMxk&sai=AMfl-YTfpQBVFlM7TBlDYVOptBORioXmauSjklUhw-KNre97QmhUtd6ugQtGx-2CkMn9zLcAuQsisljgeTOrx1cVi7oYuezGYvQmkJ4S5sRvW1aG5lkcu95p2h9BNjehJwHbKRuAagPvyxv-HUhs3rFNf_T9yGEda_4yMRlMDrHX9qiPxMcKVRi9&sig=Cg0ArKJSzMXO1ktEZwDGEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=793&vt=11&dtpt=623&dett=3&cstd=163&cisv=r20210728.41507&adurl=
Requested by
Host: sports.creaders.net
URL: https://sports.creaders.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame E1F1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY7dXBJ_Uxd5pgqg_pQsI_Fk81_nR-kP0uHEsx1L7upbItr5vCiP6LtK8Z4Ae86lIryfXH3RdK8UZPtt7VNX8DJCpqrPfK1TNcdXSf_dlYOqZ9ES-VIzBuqH8ffQ&sai=AMfl-YQZmqjRqXaGrBDoc5K61Xcet4hrQTcGgt3I7eDlfddKXQnROBUANxzIotS1Vyu18zzrBQc_3-P8MoTqdB4qE1lPVI8zMCOJiq3bcRdg5Q39iDeyzykJF72Q-BBEvI8&sig=Cg0ArKJSzNj9dXBSMRixEAE&cid=CAASFeRo8gjp8tro4SqvCr_kzeW3i8Eewg&id=lidar2&mcvt=1059&p=98,573,192,1301&mtos=0,1059,1059,1059,1059&tos=0,1059,0,0,0&v=20210730&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1355190270&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627917544545&dlt=36&rpt=291&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 04B0 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dec393ab1dd152dc7c2ef0a0c3ef12325f75aee7a8bb10dc2d432434e2f81432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Aug 2021 15:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4324
x-xss-protection
0
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame DDA2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 10:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
189476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 10:41:10 GMT
csi
csi.gstatic.com/ Frame 7CC7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~krus2ord&c=5355204838785&slotId=2677602419392.5&qqid=CPGrzbfRkvICFbm83godOsQGdA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=997&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210728_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072801&jk=2424556705055294&bg=!U1ClUBTNAAals0SOpbM7ACkAdvg8WkxGZnP34zGZEFYyGBW_2MCUyD2uA41pafZtXor28-Q8N9Ns5QIAAAKXUgAAAK1oAQeZAn6ESRU00JUeiGgZ9sOalnbMxkgBcz7SW9-OxWOO0I6QF-AOk_nGGQ7dfJO8K-W21ZovLEYghhYw9x_FXrxwPn2oOcNIK0Mh8HhVnfMJNPf0V_4qFIiIl3663dbBbshYUlt1pGK8DGHPPB-WPoM_-MNvOOAGjEzITSzcCISR-Y-HAsZ-YADTA_piNgT6X2MWnwDnNBFf6elhukpMQ-n6fKzWlF2ti1TgOURRFvIDLqtwH_4aTAWwnO-9_8TzY20OOedtB6aSD0ztdPqCV1q8xjvMTYmG48JulqGEypRgoz4A9dedjqsY6ljh0aGEYVoVp_ixkxRaKx1jtYC9rZzq5MzKby-vCzV9-W1zUdkpD5v-DmYqTzvArZxSrvwWaniifeWxj2rQ3j34k_h_kjDKqdrxMDvam9o7s_7g2suo8_uhCDWPdh1yKpvdKlC9d4VFfh4w9vGNjWjs9AiR-jcLmL1xpfPNK0Iqj-k_ovzMroKG90RV0oR73Acu5Zknf4yOOzul3aJzf0wWjZ7jKpYcr1rgGWhumb1rUr-BMKRQWptm5uEOPrAiDGZXUQ9fBGQZnJ9fNdB7LpS_16TzcIiDcue9U9CAf541KAkn-IB20sfUA_wYpsuWDIsZUbol0KKqDNN-RmkBx9GinCeKHcsQnkmfTIoqxsu6GyoedcWyjHKMPj1PdYRsZTvD7-Rp39bRXtAEsK5saabIbFPwzQBH0LrSTPd7WspHDuyTk_D9uZkrLHy8va0NXjmJQ6meKiZpnW4Qp38wbtnM1ZvAznqP8UfDIwDNaEAlph6GVYeCjUfxRnW2ay1SjvgNqoa2IpqEFfXx3o50GKD1w6PlyybkSQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
backup_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/ Frame 04B0 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/backup_300x250.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f0a0b6e96b6a83dee549af751a6997017c0a979aa23bf539bd4069db4a93843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 17:26:50 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 09:35:46 GMT
server
sffe
age
78736
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33101
x-xss-protection
0
expires
Mon, 02 Aug 2021 17:26:50 GMT
WR_logo_white.png
s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/ Frame 04B0 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/WR_logo_white.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
367a776a93aef9e68b49eeedd7fe25b043e8156bb3e8cb93bd47e9d6893f1ecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 17:26:50 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 09:35:46 GMT
server
sffe
age
78736
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13782
x-xss-protection
0
expires
Mon, 02 Aug 2021 17:26:50 GMT
37838195_20210506060736581_bg_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/37838195/ Frame 04B0 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37838195/37838195_20210506060736581_bg_300x250.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f90919b20c24ca1a48071c6324dce17c446e63613b0296251e111c11f81cf7df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61777632/20210507023546467/index.html?e=69&leftOffset=0&topOffset=0&c=ryNUuQSWeo&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 17:26:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 13:07:36 GMT
server
sffe
age
78729
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57457
x-xss-protection
0
expires
Mon, 02 Aug 2021 17:26:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 04B0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 02 Aug 2021 15:19:06 GMT
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame 4167 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 10:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
189476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 10:41:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57D9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BZtOe6AwIYdqrNqz0xgLB44CoBgAAAAA4AeAEAg&bg=!zc6lzorNAAals0SOpbM7ACkAdvg8Wv7ap66e_3z8OYcMu_5ot-7ZrRq-EZRpUoO5w60wrzq9bTgynwIAAANaUgAAAEhoAQeZAsTkjjwbdiM5zy7OZKFvYcv3y73K-jrC0Vk__AVRcqb_Qwl5sqa2j1TJ9BGusirJ9Nd4RNsoWmkS9fqHKVgost8H8wG9a1BvuQo0kOkRU2rMbKfBeJT2--_QKSV59jGjWENn3cDxfkKaGv-yVvgp2aB2Buw2PSZj7Z-6U-bbup_WLZLcMscl8Yju6Q18pOQgOxyeCIXVjqF045CEf04W2m7-9wgo5Aws4Rq9Np_mKMHRfe-R3NHXlww34so2Vk39mSNHJV9sgS9koqCMSeb_jYEhxR8X4L8MWKshzMFTyekAxD_60byWIBliaXhDSC6droyPnHbtkm_9BR7ywoZNv-gNY2X4ywu-Xm6_hssYF6Ce_7fU-QQvJfhML7PXUfNk-H-Pvrv45W53eWJxbVLYtC-2AWx_m7kcrUvCewJ6GMziXS6xRe91iovWWKaH9EIzjsmIihxFroLATbexCzTJ9SeFpOT3cU0pVGEFF0b7QpRMkO-Jq00S08fXciHOG0yAj-aaficKIO8Fg03F-fR_6Q1XLWtW_dOsPH5HWT5keSrrnKpexb6oyO0ThviIBI9yVG5BXsCY1odIbhKtsvK3eT1SkuuYxeJ-APddeWm1HSaGKOjXmCpxzFDfk9fGWPk5LH3370gMz-896c_mba_VzK6NYDdwTgX6osCsrFR1cQ0db5n6vuZfFZn7zXcajwupvCVND5EeQSw8wBwLOD87hkPkOFGZn9aK0HeZWeMuP9qsKIC0h2km5Ul7dAorFErWJCcJq_bZgJNEmDJ1FRtiTjoX7xvPF8UABIBD2WVTU5TofaW97BRT1hZOSmDZige9-R8yMjsBfb35X2NmKpmqiWn10ib-Gu9MRW4WoGeQtSysIErwpyInfVyL5_gqQ5DPSp8wHxoaxk-Xh6AsK2sQOGMeeIeFeDIvP3UgR4OSa3Ip0WAI3tc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AD3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BnKjY6AwIYcWeNsGH-wbm5YbYBwAAAAA4AeAEAg&bg=!SkmlSQ3NAAals0SOpbM7ACkAdvg8WhDBGRJknzW67qfz_5Im5kRu7TksRIwz4rNC3unifO8FM_uEZwIAAAOQUgAAAGVoAQeZAuC6XP05MYl8kdsVNG8wNdo_38RuK98moWmaOMX3e0yz_zMp2RFuypjO6Uy_hwrRIQOHRsI6hZNgPyuvXSQTv8qgaDo5AchhW2FSv-Ns5i7tUxdyZHkjT8GETxn54Jurz4tsrLn2il1NLiWI-U5hoA5A1hZh3PwafGgKaiFSUalgWO9EQuHwlyjKRJfcDC2DGTAUMYhvVzQJiimqQZN4ypC3-Px9tD3VmC1fmwAuOuv9HGj7LwxMn8s9HlZ-X_sYgNZq6mdecilpltTgHyDJKlQoXrFck8djEXx_Law9060-4WJ0UrHwEAZMC66r6XObgGPyVhGpwqBvgCicxbdAtqXZc-vkz6J6C4u_U76tUfY4XXprzvfyErLNCSk9vNY1f1G8ajNm-t-5ujFsvs-zmc8NLL6peLG8KMabMPyTzZ_A96vl-er-QPlJnqzItluEsrJi3IVRade-BSw9iPe0cSD--R8tXtAs6OBzvDxXOF8FOsVGDSUQZsdDm_jDa04ny8SaM_DJQqDkBwkjS82AqMApv45GHWszEgoE4Cvt301_Ud2rn-gcFRbNmh2tP1BwdwTAnmIBcq2JcPNDoFOFZOZ9Quox4YBWBGqwxJ6lVIC4MTsx2vbvoPNpYg7HvKI3pSRzgoejeVs5Xdr28s_m72q-OcFjbkvkYLEdX-WUrFdqyEoS70PJC1XtPRgn4biW3rfWFeTeJY5qoXAH__L6LUWY-VzC6eI-Y9eFR6slWpbB3sd30ysPr9EyBnQJ3FOHBBk-SN0TkDsOR6oUkWRj-FFjmoGjy8OSArCgN1fES5jM1mqZhtdWZL32vJc9T5pTo2CZYsrDMkvNUzSPh4lxGF4mzM1aJsJlUXAR14DH3-JoK6GW53fg3H0rUTxxy--9HreYeHxa7V7Fgb4nksg6niExU0_k7xWI3gYIRTY9ArjchCQBvZXGNfI3c6vBfa3ubTiuZPFSxLwYoRehv5ZBgpEP
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C60 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BYF1_6AwIYbeTO7TIlgS4yobICgAAAAA4AeAEAg&bg=!7O-l76vNAAals0SOpbM7ACkAdvg8WkFe7w4PghmsaWsr6hqlR0kFNICLFi3b7cSAuuo1Slm4TX2hlwIAAANxUgAAAHloAQcKAMgJRYEonMTAPXOKfSLjTUfg7Ln0x6Dflr1U0XzAaUiT44EzieeRv_GziGCSss3tyQ91PJ6V_StJX0fmFXOQ38VGWlHFVizpAr89gOTQA3q_dKxfBmpDY9zCJtwkYrtFsOi_qXbcYMLZpGUMrzBMKpf9BeFezEfCPUlVIMcPrWsXwf1UcmYWQQyXMTLhKejX0ivWwBzUn-vTY-Ug6bBTyWsqlVJDKXLqgDRhN41Axe-ACVLQ98fAewBRWaf2PiPmMWZVjHJNVfkgQZkCwTz3-ZpHynXA69z7sPFAxcytJP74Q43Cjz5ncy7JkMqWPiZaGoGvAbolNTViWba0n34uVlIMlVq6SwAUYUFTW6cmDfY5OK3BQWPjeCz-Co1dHITfzBpVWfvJB5YHtLUf87htkMs9dqFynyo0TDRvQU0jqSO2hAMmCzVNu9dtZf3s_b59QmT94MZi3ToNfAK5QfoqWlfIeo0nkm_OSZ0ibs3_pOcs476A2g84B0SFmQ-b_lEf3tIyJsRJdtg5g3vLFQNY2S0Sg_OZmS6HEEF5rbE3NHAFgMuE3Qf9c8Z0kzW--tzg39u9bPSNpMXo6M6_5zkz4mFLNxvlgUsSrVvSNj-y_BQtx1nj9Wcfc8l2XYclZ_wDTUnNgdCjitnYnr_Pkd2nD8tLtSghFabMADBiG6FEqNNsDyASLAsDkPrXOApP0xvR49ZdxZS1wR5bgVuGTJFAKUMYOs1yep17hkLtLsHyyPGItb7Ji-OM-zT6ZImlVwgR_W1hJWgoU2dfhIJDzhielevyJmQIb0daM-I_ALTDwFjusbu5IKT5b8_epZw805Q2mtRl4nQrhZk9i6qW48-5sevASzDNWqfEVSylDLzSE_0RkwINH5QNplbNAOY8d8Twqt7rgMQbX2y_sHe7DeUF2InxzsdyM03xUuZP_2RbPgtd75heAvt5eG_VwyVTndqi6YJiQQrRKls20BoFU89TME1uCrpZ4wgmb8PkeHMJLCUZy3B8TL0RLOKYPNcSff6d1hLsGqAkdDMRGdhTA6NgQRZnbTJq57VqJDuIZIEN3Qx7jFqkOmVQ1xry6EhM2uAn6oYGZSkLRRsLjGf-pAuYKzfqUYRYhVSSgiixU3Dk6w-z_1BJXolEsjWUOguPsZE6XoYiKaARTMIDgyDic_B0O7-hQKQfXjOkzodgtXX9klw2C7zRYuHZBnZ27TU2Gw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 51BB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sports.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
quantumdex
sync.quantumdex.io/usersync/ Frame 79F4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4a0c92ac7b238ccb4df8e037c8a57cf0b4b4dae44a57d1486e01b09c6eaa0c7

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

date
Mon, 02 Aug 2021 15:19:06 GMT
content-type
text/html
set-cookie
uid=e7cb4d8b-011d-49c6-9214-eccc5daf6e59; expires=Sun, 22 Aug 2021 15:19:06 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FolGEppJVZiWyp3FteG4ydarNAqF51vri0iCALR6R5dH3eix04YEy1OChgS6Rhw0c1iTBVeazFDOrIR2oPtp%2FVs8Xr7920CQdWldJbN7mE7SrNK%2BdSRSJXUhi%2FsPcdd5NfC8eGKKY3P%2FTup8vapZUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6788485b3f65d6fd-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame 913E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9b02bc45ea0d75ddee5cc0c3764078f874fd43e2ec2a36f0545592a1ece25b

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

date
Mon, 02 Aug 2021 15:19:06 GMT
content-type
text/html
set-cookie
uid=fceab2e3-a28a-4543-8489-50dc2bdcb02f; expires=Sun, 22 Aug 2021 15:19:06 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcxUBHKlHQMtaCiHxq7tHv3H2LhidmxdtFpk0ikDAVJXE8klJ7L1ixSHPhplO8NcCz4O17mMZ%2B7XAqT0sSDZiFCSrtS%2FYlAn80I07kTD1DZvPOwZu%2BsAj5Q%2FgQucktus6UeWk9%2F6Zva4mawSO9eZ3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6788485b3f66d6fd-FRA
content-encoding
br
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4AC2 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3DAC 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame 0AF3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sports.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 031D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sports.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
quantumdex
sync.quantumdex.io/usersync/ Frame C54C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6fff83603fb75bf74450885e2d3b50fa4c553aabdaf737f7f07675b30ad8677

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

date
Mon, 02 Aug 2021 15:19:06 GMT
content-type
text/html
set-cookie
uid=c68bab4c-c49d-4cd6-8390-31f8d954fc27; expires=Sun, 22 Aug 2021 15:19:06 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNqMq%2BTzRJ3QJrsWMjOrW4uYLJEt4SeQFOPFY6Md1sEzQcWydeEEdQF4wFaWlm6j8zt%2BFf0MR7xeharWlm1TgDvS7asY%2BmlXj%2Fpyg6TEPsnMk9Kjbwbxz01YK5wbHi8LjN8nY%2FeKBM6yPk4dgj6yrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6788485b3f67d6fd-FRA
content-encoding
br
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 08F9 		0
0
quantumdex
sync.quantumdex.io/usersync/ Frame FA2F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af7a1f097ddb6649cbcd406ecad23b40821e8ac63faafe039243315eb0d76f6

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sports.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

date
Mon, 02 Aug 2021 15:19:06 GMT
content-type
text/html
set-cookie
uid=3f2f1983-fe37-46f2-b458-5a610d3bdf73; expires=Sun, 22 Aug 2021 15:19:06 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zUB2CLbyhYh97QsNGC9HHYOuUucQc53JWiGOYreMHK8ero87X1va6DNFO98PKId0ITbfByQcuv0sZJEeN7VfMmOKA0d%2BfKoQlCpWyjARdx%2FI35PcSyDpr9UdIxW%2Bt1xgO0rXMF5kiXM9tPVtYDDwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6788485b4f6cd6fd-FRA
content-encoding
br
ixmatch.html
js-sec.indexww.com/um/ Frame 4FAD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sports.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sports.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1B5C 		0
0
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Da480c21f339daaa2%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Da480c21f339daaa2%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=a480c21f339daaa2&uid=5a16366db3c9033ce6281819
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=a480c21f339daaa2&uid=5a16366db3c9033ce6281819
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sports.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:19 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=a480c21f339daaa2&uid=5a16366db3c9033ce6281819
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DDA2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuNVt6QwIYYKCB5OD3wOEk6zYBwAAAAA4AeAEAg&bg=!mZqlmt7NAAals0SOpbM7ACkAdvg8Wj_crpfRiwAKjOrAMbbrUJGTVWOQgy9YZDfSPWGRVFn-gbJmpwIAAAIVUgAAAA1oAQcKAF_CZGAXkd6PcijoNiph4ISSqegWrISzuV3jXqkmlq7ZXrK971FTaTS4wJgp9BNNP31kYMhQv2r4U55Bj-8wsepKy5A47wyZe2LklULfvCU93XlJParDsQhZGTCJQkBEqJkCxA13lGV5APYid6F17dz_b4zigbP0xcmFLUZ6OyUyFHYaPTE3nJFCSBCARdTLKjp5yLpYWc2JPqMIWFRF-k4LVdHZehCo5gVbrXJ1O-vxMNoqdFnHlm2HTaKMpDQFTK6jXFRlEGUx-6KWjGaIehbaFMooH-CPGD5d1JnvytWVrdHX49mIIHLxdFXde-C8JQrcba_QjBgVEBAY8E-B3F7e7xldwZeqz0AYEWvFuRTnq7htrD6o64hxAP7BOhUonhjVItbCcfW2GauRpeP4xsbSXy1zwTbX_vnUWXO0MwQ_gMc-sKwBexyHA4FT639u45nS29LOrKJmSUbknICRXHMixVfofg4ch1RIkFjGxBrkhX6bzsLmmkqVuzoPJp31gYpZQVmb77YtTtoTIm2lWrK1HK40oW5vVWGSeKiRzMyi1XLLS6_N46x9TQo261G61_BN69aINPJkql0yNhr7KT1Lqc4OZ8Ab2fgo9-Y_PEDXfRhr3roxOscGj3yJ1toUKDHz8DjOcUMDEJxJ10NKJUVdz6lk-kX_6MrreuLPuC4__yx1mB8YaQY-7QKmQE7C7JhkTqe1gzeyrmyzSxqal1kgkMtaIWUwbgOVhTJ3QHP3HFJi3Egiu8jVNarq2j_-el1z5pF9WhusNg2OvCuMxIrQlnGUpF67YKrbeasnwUe98LNV9o42kPXRB2VyLYEKYpWSV4Kl-2V1Z6VsDUjoy_Gx0pIlu2AwwDffFrF2vt6nEO313yniDt30PuBgTn-1O-j-UQNujbkWfN6HhGbvKxX08wf3O0kVvrLnTOMxmtCW3T0ROZ_3MIHIMGGUM9y5nRZLiFNjSy3oHKU5EvdD04jyg_dAflYWFYkV3XncWrJmgpzUZsevr4GqHgQTbcDqwSQHwlp4nAAj1k8SPWNXbLYZXeAm--YpcKYb55qQqW-GHoxfn7ai2Q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame C54C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5S9HIqNVUiyL%2B1AlOuj4Z%2FVomCQoD7bZ%2F1hdxnLGbhDdJz2WtSuLGus%2FqRkXKeZ7kDSCP3I703%2FQJ203CV%2F1pw%2FeLpwYNRbDxT4fS3SGfPm8BaALEZ3jh4OMo7UvPs8ZAOH6NruZP3c1G2yTIoYumw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485d0afed6fd-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c63655b9-4b08-4653-beb8-0396a3cbe98a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C54C
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=434c2b17-0d20-4677-be69-647cca2dfbf1
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=434c2b17-0d20-4677-be69-647cca2dfbf1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLBedlSGWZt%2FSepCHD5BsOWly71smmXzZfjPk2xpcxmZXTjHwGt%2Ff6Z0mplp4A082KfsCDnf3%2FFep72%2BEhYAnfqpW1kS5dDWv0BF1tIcQQe7u7wHN5CXYhAPO15VdpZQf6xOLc0a3Cod82yArYzw3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485d5babd6fd-FRA
content-length
43

Redirect headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzTiJMvgdAaHb16yTqcIC0N%2BJ%2Bl3Ik4Mldlc8gTzC8IQVuz1yyjHdiDgSyd5q4xr0Brrff7L1fpUtPG%2BwWmtJgPa8Vidul7FKz2rNjTtizWl6XfeCbOLjPase3yigqhx%2FM49le7RRuMQPunXa2k%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=434c2b17-0d20-4677-be69-647cca2dfbf1
cf-ray
6788485c2948d6fd-FRA
content-length
0
us
sync.go.sonobi.com/ Frame C54C 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame C54C
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfd75211f-f3a4-11eb-a60c-060fa35d3244
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd75211f-f3a4-11eb-a60c-060fa35d3244
43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd75211f-f3a4-11eb-a60c-060fa35d3244
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaNhLwhiIyR3dEdrIC0Fd77Ls4HpUxtBH%2B00gjsrDhkG2xOag7hI8NwaWaTAl5QgL%2FQsS5cG%2BggwWAJgTISC9r5dmM7zelmFBMqoAlxktLVkOc3k6XRyWECXeInbOr2M8ggyajucciYWeI7eCVX2xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788487adaacd6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:11 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd75211f-f3a4-11eb-a60c-060fa35d3244
Connection
keep-alive
Content-Length
0
user-sync
nep.advangelists.com/xp/ Frame C54C 		0
0
1.gif
id5-sync.com/c/495/0/0/ Frame C54C
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.200 , France, ASN16276 (OVH, FR),
Reverse DNS
p11.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:11 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Mon, 02 Aug 2021 15:19:11 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame C54C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b276676ba9e9a77b13e7cb72
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b276676ba9e9a77b13e7cb72
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTERe%2BTFEsHsDD8yc12yTmemMYYidu%2BMpEtgbxKqFkr1boc7eqHKPwy6rJBVk3sifLDlaD5u9xzgceJZiB5HeMU0VLVNWLqdYBT1wAD5lmYR%2BRvic5L0tbEXCL8ffP2sokYw5skOjjnTxW%2B1MwCu1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678848a8990bd6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b276676ba9e9a77b13e7cb72
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame C54C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-wwbUiyBE2uE5Pp_dMj.YQJnoB4Sa3cOm7P7ZkHg-~A
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-wwbUiyBE2uE5Pp_dMj.YQJnoB4Sa3cOm7P7ZkHg-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYUl0uLYvkZoxEmUFeK3Tndd6Ho9cQcMPYag75EYxpO8Occw%2F3g3HWe5wdOTqDa6tSfZawZK%2F0Nnxa%2BgCApBVq7w7my3%2FJQ2IGEyFf4%2FZ%2FFxLoa2XU%2Br4JuVvFdWfcUcY5TYq%2FDQg8ZrZIg2mnUOKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788487079c0d6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:10 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-wwbUiyBE2uE5Pp_dMj.YQJnoB4Sa3cOm7P7ZkHg-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame C54C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4zdcWUEmU9AjhAuqG4fcVgb4pl61hGLBk3niUvBwuCYHnLgPj0UXWkTaZBF0d8L%2F1yuVKfrqFGWnk0hHlBy4m3ulFOMtldrZ%2FnPpBnjVed5N%2FtyJ%2BwlBZelncv8YPDCPi%2F%2Fs%2BVe6aRh%2FA4AToSFXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485d1b02d6fd-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
eba6559d-a989-4aaa-9507-0fed82f2046c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame C54C 		0
0
Cookie set uc.html
sync.go.sonobi.com/ Frame B95C 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 02 Aug 2021 15:19:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YQgM7; path=/; domain=.go.sonobi.com
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame EAE1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fa60a8476199881f817a752cd30bbfbf03671688019258b2a390ee94823e1be6

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YQgM65m-RitZy6N1jRSiugAA; CMPS=1125
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|230|39|105|109|188|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1582
Expires
Mon, 02 Aug 2021 15:19:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM65m-RitZy6N1jRSiugAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT CMPRO=1146;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT CMRUM3=e661080ceb2760&6961080ceb05a0&9861080ceb05a00&2d61080ceb05a0&bc61080ceb05a00&f161080ceb05a0&6d61080ceb05a0&2761080ceb0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMST=YQgM62EIDOsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 Aug 2021 15:19:07 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 02 Aug 2021 15:19:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM65m-RitZy6N1jRSiugAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A698 		0
0
/
onetag-sys.com/usync/ Frame 2C53 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame 79F4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-20EuJiVE2uFSG3r6BA2rfqvFIFoGo.ZHkV0cw30-~A
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-20EuJiVE2uFSG3r6BA2rfqvFIFoGo.ZHkV0cw30-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jccYYjhdihPy7UbwRpo4AL0D6JpLuV7n02uGwv5z4bKXB1KycEO%2B0dzbE1mSl2vWqY1WHoOxeY9TSwmQYz1oIp0fNbnjUASqJhY86p5ISwgHK2S7y59%2ByCWG6Li31xVv2qEMrnoha7dwf1AJjFDEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788487099f3d6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:10 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-20EuJiVE2uFSG3r6BA2rfqvFIFoGo.ZHkV0cw30-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 79F4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scfUaZh72eb8C59mOuqrigybnSf6IyIlNUWR%2FldCiTftOzOFK2cm0jsGPhw7pmOBF6cknmdPgIzE1pLaC45mJCFmO5U03KVNSeV4Yn9D9Hcwoh470vHVT2m4oIvNTMlZd36s8vSH9yd0o3JHppPH0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485d1b06d6fd-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
40fc4d54-ee99-4620-9e9d-156b676b6f09
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 79F4 		0
0
setuid
sync.quantumdex.io/ Frame 79F4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SP2axyMbaJEMWxMuLuCy%2B%2Fpw5MCSFXVESMWyPfO4K2IxhSxFo19ZQxwF7DfJn4wTghjABqCVi8DRpL93rgi8Wcxkqlz2U2md0fl5it2sC3ZJttF71gZkXYiTz4zuEh3f9%2BrB8bONwemOnCLKs5lvUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485c99f5d6fd-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:06 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a353d163-9002-4b30-85cc-a943e4a99538
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 79F4
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=1f206a50-3f4c-413f-af47-5279e486acb6
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=1f206a50-3f4c-413f-af47-5279e486acb6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsxA%2BYMVOzmqL3AIg7ypsX73%2BobAUKTMJzOwISQfdpYvPaPbCNfm7KPGz3QWiiSAmBDxAHGKYB1%2FLNn4OAn3MZdSGJMRhf9ndmsSfos04vJQjVVIVK0zrqC%2BSQr%2F2XNJs3%2FC9bDYKRdA2ouOR92OQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485d1b09d6fd-FRA
content-length
43

Redirect headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKRessFx6wpJ%2F2JjnXJAckBX4Fnkr5tZXnHlGFWkAvObi076%2BYjFDUIOVSCmZGHXfZ3j0VwKhzkbK%2ButFrZtuKoNPLLyIyIb4gXSqtdyqjLsT7a%2F%2FOSfPNEb7uuzSGzOx%2B%2BzxDY%2Fg%2BKrpEwJy0U%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=1f206a50-3f4c-413f-af47-5279e486acb6
cf-ray
6788485c5983d6fd-FRA
content-length
0
us
sync.go.sonobi.com/ Frame 79F4 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
user-sync
nep.advangelists.com/xp/ Frame 79F4 		0
0
setuid
sync.quantumdex.io/ Frame 79F4
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuR2MiEtvPU%2Bsx1opDR%2BPflEzfbW7xNH8klVtocb8KMuMnHs81JujCh9g8XMRHDnPQ7Bp8NM%2B2QBZmLa7a%2FohrVYd7CYCVOsTRDZFCMyelWRatdZpIAsg3VKiWDJqMVja%2F86xH9k05bGNCIZJVPuvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788487aba71d6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:11 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 79F4
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f1e48458acc48389f8f755f0
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f1e48458acc48389f8f755f0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqnlBhVK3N%2Bha6hzoUMu%2Fe3nYMPxX%2Fqbd5lQMfo1YbOtAvNITUdzgVXFyupheunw5UnfrHwkCAQZcKHhf%2B8U24uH7TjozVf3UK7qch0IQa3ayeYXTPoH6eXB4aW3C7ISpCa9NZsHNGtR9RqceU8cyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678848a8a91fd6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f1e48458acc48389f8f755f0
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 79F4
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.200 , France, ASN16276 (OVH, FR),
Reverse DNS
p11.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:11 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Mon, 02 Aug 2021 15:19:11 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 93FC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
226fa48b93fbc075b20c02938e4c4f2df395bd970d2aa52d35cef33cde5bfa32

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1125; CMID=YQgM679bwsdCcAmCqTYwGwAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|90|195|47|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1994
Expires
Mon, 02 Aug 2021 15:19:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM679bwsdCcAmCqTYwGwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT CMPRO=1149;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT CMRUM3=2761080ceb0b40&f161080ceb05a0&c361080ceb05a00&2d61080ceb05a0&5a61080ceb05a0&2f61080ceb05a0&0361080ceb05a0&e661080ceb2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMST=YQgM62EIDOsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 Aug 2021 15:19:07 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 02 Aug 2021 15:19:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM679bwsdCcAmCqTYwGwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT
/
onetag-sys.com/usync/ Frame D0E7 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7A93 		0
0
Cookie set uc.html
sync.go.sonobi.com/ Frame 2DCF 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 02 Aug 2021 15:19:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YQgM7; path=/; domain=.go.sonobi.com
setuid
sync.quantumdex.io/ Frame 913E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2493422777243295428
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2493422777243295428
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCaPhnQYsRIptRqn03fMxwd2kuc%2FANZ15NevtGnZm94MxgfXV8TJECk8122LqfMkfsi4C%2B813xMol3mskdL%2FOFZ53tSNDkcYvmkSDwsEQqBzUq1vMydMIzsX%2B01HiM13U8IfhibTIT6pVbYSFScTzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485cca58d6fd-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:06 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b3c9928d-a35e-46df-ba69-013c106a2996
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2493422777243295428
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 913E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-fD4JdXNE2uH56R4tksH9vnGE1bP.XgI6ypWgAdw-~A
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-fD4JdXNE2uH56R4tksH9vnGE1bP.XgI6ypWgAdw-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=356Jf2N9cAW9bq%2FoBt0L0rmU8VaUdDEM%2F%2FnAiHh7PIxmhaq5h%2FuEq%2F7abo%2B8Av23liuHRKq2PEHw1paCLEUIng1r6O4ViPI7BjcEZyKlFDaTaRawonclFETVrKAxj4yot7WsbHkVNeh05GeGgncWjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67884870a9fed6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:10 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-fD4JdXNE2uH56R4tksH9vnGE1bP.XgI6ypWgAdw-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 913E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2493422777243295428
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2493422777243295428
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9vL3TzDNdCy3gQXdeEnNjf2HIRVsU2%2BpwJd5ekroMU2nJHZFjQ3V4WvHyXsv6b9BAQ5Jz%2Bp8k6HFw2TOPvAjR6W1JRnV7ROQgKeDqXFikxrCVQW9%2F%2Fcz%2BfXiteSQ1yeHgX14AhJAaolPRIt1NFbyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485cca57d6fd-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:06 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ec0bd081-8468-4ea5-a31f-4fdfbbe5e53e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2493422777243295428
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 913E 		0
0
setuid
sync.quantumdex.io/ Frame 913E
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=533e196b-4641-4f54-8caa-9e6f65bc5cd0
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=533e196b-4641-4f54-8caa-9e6f65bc5cd0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4ecXDdoP1l1%2FgQCzTzC%2Fcd2o4RK5dax7yebXG1LVTxMvPxV6v6lSX%2BcFL3gSggSJkBVBvhpXgkwwh3EQHsyiR9tjQUGpST7o9bhd5RNov4w%2BoVt7gvL1nwlqirTnYvsyO2Gd5f1vbNP5%2Blvc%2BZ8YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485d2b26d6fd-FRA
content-length
43

Redirect headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTsYEaXeSUbFto%2BKWYmKeN%2FWM%2FPGKBtnp5wJ7r84AeCADA1dRaI8CUHfENZGvy406Q9Qn6CmJ9jazreu1vQ31Xx7A9pV%2Bwg%2BVHQfnpNu4gMOxZrSMqOZNf1Etq0ftPS8PRoM6eufDf86yvjTMBA%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=533e196b-4641-4f54-8caa-9e6f65bc5cd0
cf-ray
6788485c79cdd6fd-FRA
content-length
0
us
sync.go.sonobi.com/ Frame 913E 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
user-sync
nep.advangelists.com/xp/ Frame 913E 		0
0
setuid
sync.quantumdex.io/ Frame 913E
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhaA3jbpAbJAujF1%2BsxUaYWv5b%2BfU%2FhDk9KzJC4aTLlVDWeObxDl1M81EShd9juRxgx0GO2StAaalvbOtDx3YymU8zrVEBtRbyyuy7Wwk4Ltebnwg%2FS43jvUUrHGM4CmHx4yCnLPNboOBbx9v0ving%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788487b0aefd6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:11 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd72d7ad-f3a4-11eb-821a-02407095623c
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 913E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=03fcf601c570f28d1150005f
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=03fcf601c570f28d1150005f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaJXqKfePlazh87rnT0cyqYqoC9MAO8oRPgM9WLy2%2B3eyNKs3deNT5e1KUtjwdoBzDhgFINBxGFFbD%2Bwdmh3L265e%2F%2BjNKejIpUAWEELhSG6wfhbgxWAWwOizneUfMSgqhpOuqlJlqKXOgx%2BkvIzrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678848a8c963d6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=03fcf601c570f28d1150005f
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 913E
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.200 , France, ASN16276 (OVH, FR),
Reverse DNS
p11.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:11 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Mon, 02 Aug 2021 15:19:11 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C97F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
da2535606b74a9f702b64271cede2bbd3c388b963fe8c6d9e8b7c949b951387b

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1125; CMID=YQgM679bwsdCcAmCqTYwIAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|241|39|8|41|3|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1726
Expires
Mon, 02 Aug 2021 15:19:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM679bwsdCcAmCqTYwIAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT CMPRO=1173;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT CMRUM3=2961080ceb05a0&0361080ceb05a0&e661080ceb2760&2d61080ceb05a0&0861080ceb05a00&f161080ceb05a0&8261080ceba8c0&2761080ceb0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMST=YQgM62EIDOsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 Aug 2021 15:19:07 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 02 Aug 2021 15:19:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM679bwsdCcAmCqTYwIAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT
/
onetag-sys.com/usync/ Frame D76A 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE5B 		0
0
Cookie set uc.html
sync.go.sonobi.com/ Frame 1F4F 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 02 Aug 2021 15:19:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YQgM7; path=/; domain=.go.sonobi.com
v1
match.sharethrough.com/FGMrCMMc/ Frame FA2F 		0
0
setuid
sync.quantumdex.io/ Frame FA2F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxCCeTd5pA3VQiZaqunXIatFmmt7q7qGpbuhJJGI9ejywKFYIYr1viCkaXE0CHq3QvRLVPD61QypQ8nq4FuoIbGqzWGfpn5xbY%2B%2FqNabJWHwEViZ6uM7M%2FmkN2ihDH1%2Fo0Om7x6vAdTJxt0YQ3SnUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485cca54d6fd-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:06 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d5c65e45-962d-404f-904d-1ea1bcaa5d45
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6979629460396125427
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame FA2F
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=4bba8790-04cf-42cb-adbc-8648c8484b20
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=4bba8790-04cf-42cb-adbc-8648c8484b20
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYfTD1UOXYOGARF8oi6Lq2g12HACc3r7m7lmDfFvB%2Fps7h%2B2XAZHL81IuYODqi9tnFufIOK2k%2BYwLtP1DIIxG6%2BhHXIQHkOsw7U2ZMaz%2Bm7IppoMsrqCYFB%2BVbaFwNzUDRAU%2Fkmr4RSuShSXfiZa9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485d3b36d6fd-FRA
content-length
43

Redirect headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbg0qYmyKt6jcc8qeRosr6KPAzbXQcS8ezR5ZSex%2BX5ZyMkMza94xXdhWmGyK9OOT6WbJlWPeNnk2r%2BrFuc%2B8yaG4NgI%2FA82IQ0IAuRPmNSyG%2F7520T%2FKic8ikeGUyrJqudVa63TxMFxV%2BvBpDo%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=4bba8790-04cf-42cb-adbc-8648c8484b20
cf-ray
6788485c99f2d6fd-FRA
content-length
0
us
sync.go.sonobi.com/ Frame FA2F 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
user-sync
nep.advangelists.com/xp/ Frame FA2F 		0
0
setuid
sync.quantumdex.io/ Frame FA2F
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfd84152c-f3a4-11eb-825e-0688c0ee18ee
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd84152c-f3a4-11eb-825e-0688c0ee18ee
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd84152c-f3a4-11eb-825e-0688c0ee18ee
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBXkFiPBQAlcvp9v9KNuKJT21UkIGrYwJPaQNq7SG0DeYcVcH2NDZ9AV5%2BeFC7fk11CdBwQqJlnDohpzm4Q%2BmLgamTk8KCxalR9%2F2MP5u7v1SOlT4c3mWpEMu3Cys6flvhZMHPLV4ShuATJu6TxSsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788487b6b88d6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:11 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPfd84152c-f3a4-11eb-825e-0688c0ee18ee
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame FA2F
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=6351de0ceb6ac9a01e361602
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=6351de0ceb6ac9a01e361602
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3orbgKtOXeOJ%2BQjsoGbwiI9Es2B4bvDSqSrYAqFLAh9PfKVq5y71YMydMWGT9e7Vr20ivGp1dTJUMPtJUot0ZSOUZ%2FinKrxj3NLPz%2Fee%2Bmnwnjr621ul%2B6Vc2QDktJSchCwm6cly%2F6XaHWziu%2Bni%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678848a8e98ad6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=6351de0ceb6ac9a01e361602
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame FA2F
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.200 , France, ASN16276 (OVH, FR),
Reverse DNS
p11.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:11 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Mon, 02 Aug 2021 15:19:11 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame FA2F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ASpw5vVE2uFa0kzu_qtwU3LiEn_HjyuKjB3ioRU-~A
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ASpw5vVE2uFa0kzu_qtwU3LiEn_HjyuKjB3ioRU-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPhJp%2F4QrzlHugimYisE1GhRP6ks7Fc5%2FNT1vZja5BoQZRuQ7mspFyX1GHn4yyDn3a0zIFDrrnDoE0xhLPPV6nshB7RBqBbMr%2FFxTA4m9Z7HuG8cjYw0eT2T%2FOKRVdyYw69ALsBuMzyHkm%2BLPZGqsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67884870da5cd6fd-FRA
content-length
43

Redirect headers

Date
Mon, 02 Aug 2021 15:19:10 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ASpw5vVE2uFa0kzu_qtwU3LiEn_HjyuKjB3ioRU-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame FA2F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SupYCFfrYtWfyj0s3Jaw1jCghhMah771HFCfP8r%2BQbcw4GgX2jrJIcMHANycPoKESrlPhWZehLMBHGOIPOoriofuzvSgb9Dm6d0Ze2knCMzzTkfC042xNHhcX%2BHDlipC2h50GaFDbR2ZW4mOiHqMoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485cca5ad6fd-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:06 GMT
X-Proxy-Origin
82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fdd191bb-924b-4010-8a25-31b4de1090a8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6979629460396125427
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
689c4e483188819672608cb06cb6560aea4e14296b02b3a74f429f7bb75c5631

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1125; CMID=YQgM679bwsdCcAmCqTYwIgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|241|39|8|195|111|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1753
Expires
Mon, 02 Aug 2021 15:19:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM679bwsdCcAmCqTYwIgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT CMPRO=1143;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT CMST=YQgM62EIDOsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 Aug 2021 15:19:07 GMT CMRUM3=f161080ceb05a0&c461080ceb05a0&2761080ceb0b40&6f61080ceb05a0&e661080ceb2760&0861080ceb05a00&c361080ceb05a00&2d61080ceb05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 02 Aug 2021 15:19:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM679bwsdCcAmCqTYwIgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:07 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:07 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame D6E3 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 02 Aug 2021 15:19:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YQgM7; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 8423 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3AC7 		0
0
dcm
s.amazon-adsystem.com/ Frame EAE1 		0
0
crum
dsum-sec.casalemedia.com/ Frame EAE1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM679bwsdCcAmCqTYwIAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EAE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM65m_RitZy6N1jRSiugAABHoAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM65m_RitZy6N1jRSiugAABHoAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGtq4ZBUPVTu4zZTSJK5k1w&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGtq4ZBUPVTu4zZTSJK5k1w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGtq4ZBUPVTu4zZTSJK5k1w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EAE1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQgM65m-RitZy6N1jRSiugAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame EAE1
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:15 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 02 Aug 2021 15:19:15 GMT
server
nginx/1.20.0
content-length
76
cm
cm.ctnsnet.com/int/ Frame EAE1 		0
0
CookieIndex
rtb.adentifi.com/ Frame EAE1 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.62.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame EAE1
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b669caf3-5174-41fe-aecd-1e30f4fb8b25
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b669caf3-5174-41fe-aecd-1e30f4fb8b25
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:15 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:13 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b669caf3-5174-41fe-aecd-1e30f4fb8b25
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
setuid
sync.quantumdex.io/ Frame EAE1 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YQgM65m_RitZy6N1jRSiugAABHoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FlUJfhSFYHymqzQXAGpxD3qtkEiSRRFLVeT00VXOri2DKRheoVz9qG%2FE4M8wutonZGSKORFhGX91gO%2BgxfUfLtV3fFpZgDyalhyhZFWu8sumPfXPZfHbnXk6jIgNa0UaoGHoJhnuwGf52Cz8OKJHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485decced6fd-FRA
content-length
43
casale
match.adsrvr.org/track/cmf/ Frame 93FC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQgM679bwsdCcAmCqTYwGwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 93FC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM679bwsdCcAmCqTYwIAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 93FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM679bwsdCcAmCqTYwGwAABH0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM679bwsdCcAmCqTYwGwAABH0AAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG-MtrIrquHMjqAxRvyEsnw&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG-MtrIrquHMjqAxRvyEsnw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG-MtrIrquHMjqAxRvyEsnw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 93FC 		0
0
crum
dsum-sec.casalemedia.com/ Frame 93FC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3E90CDE22B8746A69F1AB1429FD30F1C&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3E90CDE22B8746A69F1AB1429FD30F1C&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:15 GMT

Redirect headers

date
Mon, 02 Aug 2021 15:19:12 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3E90CDE22B8746A69F1AB1429FD30F1C&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 01 Aug 2021 15:19:12 GMT
user-sync
nep.advangelists.com/xp/ Frame 93FC 		0
0
ping_match.gif
pm.w55c.net/ Frame 93FC 		0
0
crum
dsum-sec.casalemedia.com/ Frame 93FC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc3e6108-0cf6-4100-89e8-4857afe7ca46&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc3e6108-0cf6-4100-89e8-4857afe7ca46&gdpr=1&gdpr_consent=&C=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc3e6108-0cf6-4100-89e8-4857afe7ca46&gdpr=1&gdpr_consent=&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:19 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc3e6108-0cf6-4100-89e8-4857afe7ca46&gdpr=1&gdpr_consent=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
328
Expires
Mon, 02 Aug 2021 15:19:19 GMT
setuid
sync.quantumdex.io/ Frame 93FC 		43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YQgM679bwsdCcAmCqTYwGwAABH0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4Lv%2F96VkBw6hyLeG4g3MuX4mP8D2iHQ%2BAi5h4B8pA5T1xjCuc0KjU6FAEEn5jmJbQqykdgD8qMjLZgCqwn3sx4vWhcVAAxV4%2FEFIY8ntZcpNiXXQsCftGh1jrwsVFWG%2BrAtfC%2F7N9hji5VvUiXl0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485dfcdfd6fd-FRA
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame C97F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM679bwsdCcAmCqTYwIAAABJUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM679bwsdCcAmCqTYwIAAABJUAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEzWtfriwAk7ICmZvhtKUBk&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEzWtfriwAk7ICmZvhtKUBk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEzWtfriwAk7ICmZvhtKUBk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C97F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM679bwsdCcAmCqTYwIAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C97F 		0
0
casale
match.adsrvr.org/track/cmf/ Frame C97F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQgM679bwsdCcAmCqTYwIAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame C97F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1c4b32bf-7965-4a6c-a129-6b4d1b0ccf44&expiration=1659453559
43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1c4b32bf-7965-4a6c-a129-6b4d1b0ccf44&expiration=1659453559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:19 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1c4b32bf-7965-4a6c-a129-6b4d1b0ccf44&expiration=1659453559
date
Mon, 02 Aug 2021 15:19:19 GMT
server
Kestrel
content-length
0
bridge
cm.adgrx.com/ Frame C97F 		0
0
crum
dsum-sec.casalemedia.com/ Frame C97F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=787d6108-0cf6-4900-9315-6560708917aa&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=787d6108-0cf6-4900-9315-6560708917aa&gdpr=1&gdpr_consent=&C=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=787d6108-0cf6-4900-9315-6560708917aa&gdpr=1&gdpr_consent=&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:19 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=787d6108-0cf6-4900-9315-6560708917aa&gdpr=1&gdpr_consent=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
328
Expires
Mon, 02 Aug 2021 15:19:19 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame C97F 		0
0
setuid
sync.quantumdex.io/ Frame C97F 		43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YQgM679bwsdCcAmCqTYwIAAABJUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnO1j%2BKYa453P%2FUI0kNZ09ZkFbZW%2FruEycOuyYHG7Q%2BzEHLcWZkZZeX7xLAp6J3RkISRup6zIPSd5hl%2Bs5sjFBcx1kCs7oxt5a2SrO6521OipYmvll3mZ25ild7RJ4%2FIndM%2B0k1fQhpqcElRd0iESA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485dfcead6fd-FRA
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM679bwsdCcAmCqTYwIgAABHcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM679bwsdCcAmCqTYwIgAABHcAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENmAlUR34MJ-6JhwNKBczr0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENmAlUR34MJ-6JhwNKBczr0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENmAlUR34MJ-6JhwNKBczr0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM679bwsdCcAmCqTYwIgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDtmUb9BpVlVv7IumP3Yazw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 030C 		0
0
casale
match.adsrvr.org/track/cmf/ Frame 030C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YQgM679bwsdCcAmCqTYwIgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05fd1016-7964-42f5-b61c-403c517e5a63&expiration=1659453559
43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05fd1016-7964-42f5-b61c-403c517e5a63&expiration=1659453559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:19 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05fd1016-7964-42f5-b61c-403c517e5a63&expiration=1659453559
date
Mon, 02 Aug 2021 15:19:19 GMT
server
Kestrel
content-length
0
user-sync
nep.advangelists.com/xp/ Frame 030C 		0
0
match
c1.adform.net/serving/cookie/ Frame 030C 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:11 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:11 GMT

Redirect headers

date
Mon, 02 Aug 2021 15:19:11 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
setuid
sync.quantumdex.io/ Frame 030C 		43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YQgM679bwsdCcAmCqTYwIgAABHcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMrkWAMxHsItk3RQhP73cCQhdR6zGYHWFjrzr3pJjKsAE2ITYbJ82Qf%2B95hwG4GP%2BbhF8DsZpWTMXvbREK6O64if1RcgExCkLrlA1kTe4%2FhlcOxU20%2B9rrYukC7meR%2FF9pYp%2BNmer487rtYW4hjEeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6788485e1d1ad6fd-FRA
content-length
43
dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 71D1 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2072,0,0,0,0%26mtos%3D2072,2072,2072,2072,2072%26amtos%3D0,0,0,0,0%26mcvt%3D2072%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2354%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D0%26dur%3D15018%26vmtime%3D2375%26dtos%3D2072%26dtoss%3D1%26dvs%3D2072%26dfvs%3D2072%26dvpt%3D2354%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2072;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545179;ecn1=1;etm1=0;eid1=200000;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 71D1 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudIRHFEBJtu0F-YFbETyVGm3QvzZ0EOhA0ea_K510m5_GF5Qc0DcCNYawmz4cCvZYF636A9WpWrIb-Xd3D5k6lK64hMxyXGSLikCoPPM9AxjZHa4BqyqYDTJkuaw&sai=AMfl-YTmeCEgdMNukRbsMcB2MgKxkuUDPr0gvQ74jXjDLhf7tkY92V4LYOELx2LROIAYQSSIXU6ioUbrIhg2UOf-6uLTtkELre8El3kCRpOdMeqMkyOUNwUOh49AjfPEJRQ&sig=Cg0ArKJSzOP1nGU741NXEAE&cid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw&id=lidarv&acvw=sv%3D902%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2072,0,0,0,0%26mtos%3D2072,2072,2072,2072,2072%26amtos%3D0,0,0,0,0%26mcvt%3D2072%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2354%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D0%26dur%3D15018%26vmtime%3D2375%26dtos%3D2072%26dtoss%3D1%26dvs%3D2072%26dfvs%3D2072%26dvpt%3D2354%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2072&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545179
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 706A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2043,0,0,0,0%26mtos%3D2043,2043,2043,2043,2043%26amtos%3D0,0,0,0,0%26mcvt%3D2043%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2269%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D32%26pst%3D0%26dur%3D15018%26vmtime%3D2298%26dtos%3D2043%26dtoss%3D1%26dvs%3D2043%26dfvs%3D2043%26dvpt%3D2269%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2043;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545365;ecn1=1;etm1=0;eid1=200000;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 706A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOsa5nLG5hedf2LS_8ywWBpfDzdERCL-CZbAMQz9KlQgGtw2w9T4QF46Q5CPfr04bKhryPVF1Fe1JgH3xF3RW-KZYnxtAfOMl_hjDKmz_BDXx_alfpZNDoibrK_Q&sai=AMfl-YRaRauJ9jIpulW_bkphea5wd4x45uhLhR2Uz8WwyL5g-4-8wVAUIfSqK6VJLUlQJZNMZUdy_BVqQr8faW0UkzG7PRChpo-3mR8Z4NtUbvEOyiFyCKBWnICK4tbHAVc&sig=Cg0ArKJSzFalKj2aL2WcEAE&cid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw&id=lidarv&acvw=sv%3D902%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2043,0,0,0,0%26mtos%3D2043,2043,2043,2043,2043%26amtos%3D0,0,0,0,0%26mcvt%3D2043%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2269%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D32%26pst%3D0%26dur%3D15018%26vmtime%3D2298%26dtos%3D2043%26dtoss%3D1%26dvs%3D2043%26dfvs%3D2043%26dvpt%3D2269%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2043&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545365
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 71D1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D3656,0,0,0,0%26mtos%3D3656,3656,3656,3656,3656%26amtos%3D0,0,0,0,0%26mcvt%3D3656%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3938%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D0%26dur%3D15018%26vmtime%3D3960%26dtos%3D1584%26dtoss%3D2%26dvs%3D1584%26dfvs%3D1584%26dvpt%3D1584%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3656,3656,3656,3656,3656%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3656;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545179;ecn1=1;etm1=0;eid1=960584;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 71D1 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdwEq5wwIYdjqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9AXUMH2ip8BXj_pER0xqcYnrKsf4tQwvmt0cPVFEY7xwHtthR0lTf1VMfGGhyHSTeX9RCKEEzuFjkGVRp3_wBwW7-JswN703ccVqrqVQCHYxgPdufzJyD36fE_n0KWIRbAAsj5MFjvod2sY-QR0QXtshtSYBHonEap3kSWjbAI-ZeVxHRMo70E_mc5se8yv6CCCcaRzPDKhnXamn2z5uAA3TNK0AinFRAeEg6Inhcu2dVRrIYuFFsQrCIVA_Ji87fQvJczDAyGzDnNXhnCc00Kt2pC-O5RBI-ku-AJirMTwtfUdoldI4zeDlFoJAw1ACvWpwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=h3EF9bS9aJE&label=videoplaytime25&ad_mt=3960&acvw=sv%3D902%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D3656,0,0,0,0%26mtos%3D3656,3656,3656,3656,3656%26amtos%3D0,0,0,0,0%26mcvt%3D3656%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3938%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D0%26dur%3D15018%26vmtime%3D3960%26dtos%3D1584%26dtoss%3D2%26dvs%3D1584%26dfvs%3D1584%26dvpt%3D1584%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3656,3656,3656,3656,3656%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3656&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 706A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D3698,0,0,0,0%26mtos%3D3698,3698,3698,3698,3698%26amtos%3D0,0,0,0,0%26mcvt%3D3698%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3924%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D34%26pst%3D0%26dur%3D15018%26vmtime%3D3955%26dtos%3D1655%26dtoss%3D2%26dvs%3D1655%26dfvs%3D1655%26dvpt%3D1655%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3698,3698,3698,3698,3698%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3698;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545365;ecn1=1;etm1=0;eid1=960584;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 706A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGNWy5wwIYdfqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9BmY44mjzhSK_rZzMlEfEJbn_H15iaFGhIULKUqeiTTPhqdgr7z4g6wUSN1qQ10fu2f1IHYajwf935OVYvDT5JpvFG_MiK_EyK7ech3hq_hZyr5h5UBn4nCqL-74eesQaD3pn45slyALcFZ9oIPulxuntDTCT2CN53zwnycmb37rE1OUSWlmkcECc_NNAXQp_YRdYg2Lb-JUkI7ww4ssv7BksHI-pTV-Fo7agcpPakr2SiruVmoCmGxSU4YiAqcNjp-go8cwiWY9qB5KjPtrNHKGmMy87eSZrlzh4f6kwcqsmP8GsoBRoW45yjcOMqqig6NwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=4pUthp-_g5k&label=videoplaytime25&ad_mt=3956&acvw=sv%3D902%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D3698,0,0,0,0%26mtos%3D3698,3698,3698,3698,3698%26amtos%3D0,0,0,0,0%26mcvt%3D3698%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3924%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D34%26pst%3D0%26dur%3D15018%26vmtime%3D3955%26dtos%3D1655%26dtoss%3D2%26dvs%3D1655%26dfvs%3D1655%26dvpt%3D1655%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3698,3698,3698,3698,3698%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3698&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545365
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 8961
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e94e6f069cf76b214f52c46205d344132dc0553fc404def984d4b7c636a2b9c4

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YQgM78BOTUOAFbZELY3mzAAA; CMPS=1125
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|176|218|190|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1813
Expires
Mon, 02 Aug 2021 15:19:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM78BOTUOAFbZELY3mzAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT CMPRO=1188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT CMRUM3=da61080cef2760&2761080cef0b40&b061080cef05a00&f161080cef05a0&2f61080cef05a0&be61080cef05a0&2d61080cef05a0&e661080cef2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT CMST=YQgM72EIDO8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 Aug 2021 15:19:11 GMT

Redirect headers

Server
Apache
Content-Length
371
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 02 Aug 2021 15:19:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM78BOTUOAFbZELY3mzAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BA5F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c1be583366039e73c8e48a908037b2affa67c4f7a1d4dbf3011086bc260ff4b

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1125; CMID=YQgM7wlFKlWrvDsRLyIriwAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|230|39|90|105|3|8
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1768
Expires
Mon, 02 Aug 2021 15:19:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM7wlFKlWrvDsRLyIriwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT CMPRO=1123;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT CMST=YQgM72EIDO8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 Aug 2021 15:19:11 GMT CMRUM3=2761080cef0b40&f161080cef05a0&2d61080cef05a0&5a61080cef05a0&0861080cef05a00&0361080cef05a0&e661080cef2760&6961080cef05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT

Redirect headers

Server
Apache
Content-Length
371
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 02 Aug 2021 15:19:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM7wlFKlWrvDsRLyIriwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E06F 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5d7bb9a5b4001fd6865f6f780c6628f36ad2e609c6e51c99dfddd4a1f8301868

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YQgM78BOTUOAFbZELY3mzAAA; CMPS=1125
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|230|39|221|73|13|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1891
Expires
Mon, 02 Aug 2021 15:19:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM78BOTUOAFbZELY3mzAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT CMPRO=1188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT CMST=YQgM72EIDO8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 Aug 2021 15:19:11 GMT CMRUM3=e661080cef2760&dd61080cef2760&2961080cef05a0&0d61080cef05a0&2d61080cef05a0&f161080cef05a0&2761080cef0b40&4961080cef05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8961 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQgM78BOTUOAFbZELY3mzAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 8961 		0
0
crum
dsum-sec.casalemedia.com/ Frame 8961
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM78BOTUOAFbZELY3mzAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8961
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM78BOTUOAFbZELY3mzAAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQgM78BOTUOAFbZELY3mzAAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIGydzzdOzCYgfGuIGalvzI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIGydzzdOzCYgfGuIGalvzI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:12 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIGydzzdOzCYgfGuIGalvzI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 8961 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:14 GMT
content-length
0
server
b
ibs:dpid=23728&dpuuid=YQgM78BOTUOAFbZELY3mzAAA%261188
dpm.demdex.net/ Frame 8961 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YQgM78BOTUOAFbZELY3mzAAA%261188?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.168.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getuid
ib.adnxs.com/ Frame 8961 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ping_match.gif
pm.w55c.net/ Frame 8961 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8961 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YQgM78BOTUOAFbZELY3mzAAA%261188?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1533
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:44:46 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5D0A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d31a7665b8c3d094c12c249e7c9753bd178ba8aa481c0db230b24daf7876d5f

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1125; CMID=YQgM78BOTUOAFbZELY3mzAAA; CMPRO=1188; CMRUM3=da61080cef2760&2761080cef0b40&b061080cef05a00&f161080cef05a0&2f61080cef05a0&be61080cef05a0&2d61080cef05a0&e661080cef2760; CMST=YQgM72EIDO8A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|206|3|8|31|4|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1560
Expires
Mon, 02 Aug 2021 15:19:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:11 GMT
Connection
keep-alive
Set-Cookie
CMID=YQgM78BOTUOAFbZELY3mzAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT CMPS=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT CMPRO=1188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 15:19:11 GMT CMRUM3=b061080cef05a00&f161080cef05a0&da61080cef2760&4961080cef05a0&2e61080cef05a0&0361080cef05a0&e661080cef2760&2f61080cef05a0&1f61080cef05a00&2d61080cef05a0&bc61080cef05a00&ce61080cef05a0&2761080cef0b40&0461080cef05a0&be61080cef05a0&0861080cef05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 15:19:11 GMT
dcm
s.amazon-adsystem.com/ Frame E06F 		0
0
crum
dsum-sec.casalemedia.com/ Frame E06F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM78BOTUOAFbZELY3mzAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E06F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM78BOTUOAFbZELY3mzAAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBHkNsDqJgOuWOHO-liPJ1M&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBHkNsDqJgOuWOHO-liPJ1M&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:12 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBHkNsDqJgOuWOHO-liPJ1M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E06F 		0
0
tpid=YQgM78BOTUOAFbZELY3mzAAA%261188
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame E06F 		0
0
YQgM78BOTUOAFbZELY3mzAAABKQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E06F 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YQgM78BOTUOAFbZELY3mzAAABKQAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame E06F 		0
0
bridge
cm.adgrx.com/ Frame E06F 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E06F 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YQgM78BOTUOAFbZELY3mzAAA%261188?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1533
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:44:46 GMT
dcm
s.amazon-adsystem.com/ Frame BA5F 		0
0
crum
dsum-sec.casalemedia.com/ Frame BA5F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQgM7wlFKlWrvDsRLyIriwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENXKpeFBgKvdRM9xQIBJn0Q&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BA5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQgM7wlFKlWrvDsRLyIriwAABGMAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECeSBF5uvpyhd4W1ZIPGDrI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECeSBF5uvpyhd4W1ZIPGDrI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:12 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECeSBF5uvpyhd4W1ZIPGDrI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BA5F 		0
0
crum
dsum-sec.casalemedia.com/ Frame BA5F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F6C920E14DD5447B8ED663176CD22F03&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F6C920E14DD5447B8ED663176CD22F03&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:15 GMT

Redirect headers

date
Mon, 02 Aug 2021 15:19:12 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F6C920E14DD5447B8ED663176CD22F03&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 01 Aug 2021 15:19:12 GMT
crum
dsum-sec.casalemedia.com/ Frame BA5F
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:15 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 02 Aug 2021 15:19:15 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame BA5F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ca86108-0cf6-4800-bfd9-75bcdbe3c8e1&gdpr=1&gdpr_consent=
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ca86108-0cf6-4800-bfd9-75bcdbe3c8e1&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:19 GMT

Redirect headers

Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ca86108-0cf6-4800-bfd9-75bcdbe3c8e1&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 02 Aug 2021 15:19:18 GMT
crum
dsum-sec.casalemedia.com/ Frame BA5F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=2e4f4a36-b1b5-495b-a8c2-d1957d274cc1&expiration=1659453559
43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=2e4f4a36-b1b5-495b-a8c2-d1957d274cc1&expiration=1659453559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:19 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=2e4f4a36-b1b5-495b-a8c2-d1957d274cc1&expiration=1659453559
date
Mon, 02 Aug 2021 15:19:19 GMT
server
Kestrel
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BA5F 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YQgM7wlFKlWrvDsRLyIriwAA%261123?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1533
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:44:46 GMT
getuid
secure.adnxs.com/ Frame 5D0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
YQgM78BOTUOAFbZELY3mzAAABKQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5D0A 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YQgM78BOTUOAFbZELY3mzAAABKQAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 15:19:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 5D0A 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YQgM78BOTUOAFbZELY3mzAAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 5D0A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=454f6108-0cf6-4800-bb63-f706538680e8&gdpr=1&gdpr_consent=
43 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=454f6108-0cf6-4800-bb63-f706538680e8&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:19 GMT

Redirect headers

Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=454f6108-0cf6-4800-bb63-f706538680e8&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 02 Aug 2021 15:19:18 GMT
crum
dsum-sec.casalemedia.com/ Frame 5D0A
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=afeceb3b-23b8-4642-9e24-ffb06c3360fb&expiration=1659453559
43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=afeceb3b-23b8-4642-9e24-ffb06c3360fb&expiration=1659453559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:19 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=afeceb3b-23b8-4642-9e24-ffb06c3360fb&expiration=1659453559
date
Mon, 02 Aug 2021 15:19:19 GMT
server
Kestrel
content-length
0
noop
px.owneriq.net/ Frame 5D0A
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6812039521422700970&uid=Q6812039521422700970&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:13 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 02 Aug 2021 15:19:13 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 5D0A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3822592058279628007
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3822592058279628007
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 15:19:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:19:15 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3822592058279628007
pragma
no-cache
date
Mon, 02 Aug 2021 15:19:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
CookieIndex
rtb.adentifi.com/ Frame 5D0A 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.62.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5D0A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YQgM78BOTUOAFbZELY3mzAAA%261188?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://sports.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 15:19:13 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1533
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Aug 2021 15:44:46 GMT
dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 71D1 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D7401,0,0,0,0%26mtos%3D7401,7401,7401,7401,7401%26amtos%3D0,0,0,0,0%26mcvt%3D7401%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7683%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D50%26pst%3D0%26dur%3D15018%26vmtime%3D7710%26dtos%3D3745%26dtoss%3D3%26dvs%3D3745%26dfvs%3D3745%26dvpt%3D3745%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3745,3745,3745,3745,3745%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7401;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545179;ecn1=1;etm1=0;eid1=18;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 71D1 		42 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdwEq5wwIYdjqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9AXUMH2ip8BXj_pER0xqcYnrKsf4tQwvmt0cPVFEY7xwHtthR0lTf1VMfGGhyHSTeX9RCKEEzuFjkGVRp3_wBwW7-JswN703ccVqrqVQCHYxgPdufzJyD36fE_n0KWIRbAAsj5MFjvod2sY-QR0QXtshtSYBHonEap3kSWjbAI-ZeVxHRMo70E_mc5se8yv6CCCcaRzPDKhnXamn2z5uAA3TNK0AinFRAeEg6Inhcu2dVRrIYuFFsQrCIVA_Ji87fQvJczDAyGzDnNXhnCc00Kt2pC-O5RBI-ku-AJirMTwtfUdoldI4zeDlFoJAw1ACvWpwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=h3EF9bS9aJE&label=videoplaytime50&ad_mt=7710&acvw=sv%3D902%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D7401,0,0,0,0%26mtos%3D7401,7401,7401,7401,7401%26amtos%3D0,0,0,0,0%26mcvt%3D7401%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7683%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D50%26pst%3D0%26dur%3D15018%26vmtime%3D7710%26dtos%3D3745%26dtoss%3D3%26dvs%3D3745%26dfvs%3D3745%26dvpt%3D3745%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3745,3745,3745,3745,3745%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7401&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 706A 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D7440,0,0,0,0%26mtos%3D7440,7440,7440,7440,7440%26amtos%3D0,0,0,0,0%26mcvt%3D7440%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7666%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D0%26dur%3D15018%26vmtime%3D7705%26dtos%3D3742%26dtoss%3D3%26dvs%3D3742%26dfvs%3D3742%26dvpt%3D3742%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3742,3742,3742,3742,3742%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7440;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545365;ecn1=1;etm1=0;eid1=18;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 706A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGNWy5wwIYdfqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9BmY44mjzhSK_rZzMlEfEJbn_H15iaFGhIULKUqeiTTPhqdgr7z4g6wUSN1qQ10fu2f1IHYajwf935OVYvDT5JpvFG_MiK_EyK7ech3hq_hZyr5h5UBn4nCqL-74eesQaD3pn45slyALcFZ9oIPulxuntDTCT2CN53zwnycmb37rE1OUSWlmkcECc_NNAXQp_YRdYg2Lb-JUkI7ww4ssv7BksHI-pTV-Fo7agcpPakr2SiruVmoCmGxSU4YiAqcNjp-go8cwiWY9qB5KjPtrNHKGmMy87eSZrlzh4f6kwcqsmP8GsoBRoW45yjcOMqqig6NwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=4pUthp-_g5k&label=videoplaytime50&ad_mt=7706&acvw=sv%3D902%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D7440,0,0,0,0%26mtos%3D7440,7440,7440,7440,7440%26amtos%3D0,0,0,0,0%26mcvt%3D7440%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7666%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D0%26dur%3D15018%26vmtime%3D7705%26dtos%3D3742%26dtoss%3D3%26dvs%3D3742%26dfvs%3D3742%26dvpt%3D3742%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3742,3742,3742,3742,3742%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7440&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545365
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIwpqAuNGS8gIVk8F3Ch2ECQt7EAAYACC979JJQhMI0prot9GS8gIV86zeCh042QJd;met=1;&timestamp=1627917556146;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame BFAD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwpqAuNGS8gIVk8F3Ch2ECQt7EAAYACC979JJQhMI0prot9GS8gIV86zeCh042QJd;met=1;&timestamp=1627917556146;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 71D1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxbLyt9GS8gIVwcPeCh3msgF7EAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJj6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRo5_QcmmQlCCtYZmJmklTYZf4dxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D11147,0,0,0,0%26mtos%3D11147,11147,11147,11147,11147%26amtos%3D0,0,0,0,0%26mcvt%3D11147%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11429%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D55%26pst%3D0%26dur%3D15018%26vmtime%3D11460%26dtos%3D3746%26dtoss%3D4%26dvs%3D3746%26dfvs%3D3746%26dvpt%3D3746%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3746,3746,3746,3746,3746%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,11147;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545179;ecn1=1;etm1=0;eid1=960585;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 71D1 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdwEq5wwIYdjqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9AXUMH2ip8BXj_pER0xqcYnrKsf4tQwvmt0cPVFEY7xwHtthR0lTf1VMfGGhyHSTeX9RCKEEzuFjkGVRp3_wBwW7-JswN703ccVqrqVQCHYxgPdufzJyD36fE_n0KWIRbAAsj5MFjvod2sY-QR0QXtshtSYBHonEap3kSWjbAI-ZeVxHRMo70E_mc5se8yv6CCCcaRzPDKhnXamn2z5uAA3TNK0AinFRAeEg6Inhcu2dVRrIYuFFsQrCIVA_Ji87fQvJczDAyGzDnNXhnCc00Kt2pC-O5RBI-ku-AJirMTwtfUdoldI4zeDlFoJAw1ACvWpwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=h3EF9bS9aJE&label=videoplaytime75&ad_mt=11460&acvw=sv%3D902%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D11147,0,0,0,0%26mtos%3D11147,11147,11147,11147,11147%26amtos%3D0,0,0,0,0%26mcvt%3D11147%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11429%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D55%26pst%3D0%26dur%3D15018%26vmtime%3D11460%26dtos%3D3746%26dtoss%3D4%26dvs%3D3746%26dfvs%3D3746%26dvpt%3D3746%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3746,3746,3746,3746,3746%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D367631237%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,11147&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545179
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26c...
ade.googlesyndication.com/ddm/activity/ Frame 706A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2r_yt9GS8gIVLLpRCh3BMQBlEAAYACCshPVIOhoIvrHApwEQjq2woccDGL6x2t0DINjWtv7-DUITCJf6t7fRkvICFYHAEQgdcDwMDA;dc_rmcid=CAASFeRozdkzQafNlj9gUDiOR91TUChbxw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D902%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D11183,0,0,0,0%26mtos%3D11183,11183,11183,11183,11183%26amtos%3D0,0,0,0,0%26mcvt%3D11183%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11409%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D0%26dur%3D15018%26vmtime%3D11455%26dtos%3D3743%26dtoss%3D4%26dvs%3D3743%26dfvs%3D3743%26dvpt%3D3743%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3743,3743,3743,3743,3743%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,11183;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545365;ecn1=1;etm1=0;eid1=960585;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 706A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGNWy5wwIYdfqOIGBx_AP8PiwYJPIteZj2Na2_v4N18eivcABEAEguMOVAmC5-MeA3AGgAemB3dgCyAEFqQJKtF6No--zPqgDAcgDmwSqBPMBT9BmY44mjzhSK_rZzMlEfEJbn_H15iaFGhIULKUqeiTTPhqdgr7z4g6wUSN1qQ10fu2f1IHYajwf935OVYvDT5JpvFG_MiK_EyK7ech3hq_hZyr5h5UBn4nCqL-74eesQaD3pn45slyALcFZ9oIPulxuntDTCT2CN53zwnycmb37rE1OUSWlmkcECc_NNAXQp_YRdYg2Lb-JUkI7ww4ssv7BksHI-pTV-Fo7agcpPakr2SiruVmoCmGxSU4YiAqcNjp-go8cwiWY9qB5KjPtrNHKGmMy87eSZrlzh4f6kwcqsmP8GsoBRoW45yjcOMqqig6NwASOrbChxwPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIjhgBAQARgdgAoByAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=4pUthp-_g5k&label=videoplaytime75&ad_mt=11456&acvw=sv%3D902%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D11183,0,0,0,0%26mtos%3D11183,11183,11183,11183,11183%26amtos%3D0,0,0,0,0%26mcvt%3D11183%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11409%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D0%26dur%3D15018%26vmtime%3D11455%26dtos%3D3743%26dtoss%3D4%26dvs%3D3743%26dfvs%3D3743%26dvpt%3D3743%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3743,3743,3743,3743,3743%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200103%26avms%3Dnio%26qi%3D91181791%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200103c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,11183&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1627917545365
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 15:19:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Domain
nep.advangelists.com
URL
https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Domain
nep.advangelists.com
URL
https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Domain
nep.advangelists.com
URL
https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Domain
nep.advangelists.com
URL
https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQgM65m_RitZy6N1jRSiugAABHoAAAIB
Domain
cm.ctnsnet.com
URL
https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQgM679bwsdCcAmCqTYwGwAABH0AAAIB
Domain
nep.advangelists.com
URL
https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQgM679bwsdCcAmCqTYwIAAABJUAAAAB
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQgM679bwsdCcAmCqTYwIgAABHcAAAIB
Domain
nep.advangelists.com
URL
https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQgM78BOTUOAFbZELY3mzAAABKQAAAIB
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQgM78BOTUOAFbZELY3mzAAABKQAAAIB
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQgM78BOTUOAFbZELY3mzAAA&gdpr=1
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YQgM78BOTUOAFbZELY3mzAAA%261188?gdpr_consent=&us_privacy=&gdpr=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQgM7wlFKlWrvDsRLyIriwAABGMAAAIB
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YQgM7wlFKlWrvDsRLyIriwAA&gdpr=1

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| googletag object| _VLIOBJ object| vitag object| ggeac object| google_js_reporting_queue object| regeneratorRuntime string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS boolean| __VLICMP object| observeElementInViewport function| set_site_foot string| width string| font_style object| _atrk_opts object| _qoptions function| quantserve function| __qc object| _qevents object| ezt function| qtrack string| gaJsHost string| tpl_host function| langTo function| newsnlink function| langlink object| _gat object| _gaq object| pageTracker object| gaGlobal function| vlPlayer object| $sf function| __tcfapiui object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| pubcidCookie boolean| apstagLOADED object| apstag object| Criteo function| atrk boolean| _atrk_fired object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| criteo_pubtag object| criteo_pubtag_prebid_105 object| Criteo_prebid_105 object| google_image_requests

13 Cookies

Domain/Path Name / Value
.creaders.net/ Name: _gat_gtag_UA_128776493_30
Value: 1
.creaders.net/ Name: _gid
Value: GA1.2.442083696.1627917544
.creaders.net/ Name: __utmb
Value: 77545162.1.10.1627917543
sports.creaders.net/ Name: sf_ck_tst
Value: test
.creaders.net/ Name: _ga
Value: GA1.2.561253751.1627917543
.creaders.net/ Name: __auc
Value: a0dac10717b0772683196dd02de
.creaders.net/ Name: __asc
Value: a0dac10717b0772683196dd02de
sports.creaders.net/ Name: __vliIPL
Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1627924743081}
.creaders.net/ Name: __utmt
Value: 1
.creaders.net/ Name: __utmc
Value: 77545162
sports.creaders.net/ Name: _pubcid
Value: f44bd99f-b05d-4533-be12-0f944ae6c97d
.creaders.net/ Name: __utmz
Value: 77545162.1627917543.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.creaders.net/ Name: __utma
Value: 77545162.561253751.1627917543.1627917543.1627917543.1

1 Console Messages

Source Level URL
Text
console-api error URL: https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6db60429303cea30b5e5ded787516309.safeframe.googlesyndication.com
ad.atdmt.com
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ag.innovid.com
ap.lijit.com
assets.bilsyndication.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bid.g.doubleclick.net
bidder.criteo.com
biltag.bilsyndication.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.jsdelivr.net
certify.alexametrics.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.adroll.com
d31qbv1cthcecs.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
e.dlx.addthis.com
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
ms.quantumdex.io
nep.advangelists.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.ad.smaato.net
pub.creaders.net
px.owneriq.net
px.vliplatform.com
r4---sn-4g5e6nsd.c.2mdn.net
r4---sn-4g5ednse.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
services.bilsyndication.com
sports.creaders.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.criteo.net
stats.bilsyndication.com
stats.g.doubleclick.net
sync.adotmob.com
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
targeting.unrulymedia.com
tpc.googlesyndication.com
u-ams02.e-planning.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
www.creaders.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ads.pubmatic.com
bcp.crwdcntrl.net
cm.adgrx.com
cm.ctnsnet.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
nep.advangelists.com
pm.w55c.net
s.amazon-adsystem.com
sync.adotmob.com
104.111.242.53
13.224.90.44
13.224.96.109
13.224.96.82
135.125.8.70
142.250.181.226
142.250.184.226
142.250.185.130
142.250.185.98
142.250.186.98
147.75.38.124
169.197.150.7
169.50.137.190
178.162.133.149
178.250.2.131
18.156.0.31
18.156.195.47
18.197.99.6
184.31.84.150
185.184.8.65
185.29.132.241
185.33.221.89
185.64.189.112
185.64.189.115
2.18.234.21
2001:678:cb4:bbbb::11
213.19.147.43
23.45.99.241
2600:9000:2190:1000:6:44e3:f8c0:93a1
2606:4700:10::ac43:1faa
2606:4700:20::ac43:47f1
2606:4700:21::681b:cf5c
2607:f8b0:4006:804::2003
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:61::9
2a00:1450:4001:69::9
2a00:1450:4001:800::2003
2a00:1450:4001:802::2008
2a00:1450:4001:809::200e
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9c
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f01c:8004:face:b00c:0:8c
2a04:4e42:3::485
2a05:d01c:1d8:8101:939a:325c:ab79:c5b3
3.142.157.144
3.228.62.17
34.98.67.61
35.227.252.103
37.157.3.29
37.252.172.249
37.252.173.38
46.249.52.248
5.178.65.245
51.75.146.200
51.89.9.254
52.207.62.93
52.24.243.235
52.86.210.192
54.155.97.90
54.171.168.191
63.35.200.21
64.233.167.155
69.173.144.139
72.251.249.13
76.223.111.131
0209d9d536c9914c9fda2e62080ca84bff264ca0e36edf7d2d0e08aaa91ca0b4
029ac234ca70d4f4fe20ce0bae17d17899e66450c7f0a042640df204dd35713f
04e7904cb250fb37f8402f9c67f588c7404b0cf76bd753b607c970ab38275d97
06714b55c77666c8c868c31cfe56f42f0f7b5204c0003f82e5dd57bf62044c46
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0939e17ea482277309565f2ff645472131847e9d6af541fd4326dd9d402cb00f
0a7b11be75b337891176e639e15209297639b0dc10af5ffc7fc38809582e36f3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10ec4f1e4a8f58a5e4a9ac21ef915302cc20d1acb21f20ed514ca99395c85d23
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
14d569d1d0455bdb16adf127f5d173273a02116876c0303219ce25228d99f68f
15d102746c4da4e0c776010d065962a5f3dbfbc5f03865314f1530bdf6b4ef1d
163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a36494ae4d9ffcd927691206641e23f32bac00f05159e736061e88c4b8fb20d
1becf557de72ddd37b27651828ff7913bcd3b44ddd1be1fe2bfa51a2564e0c8e
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e965b424b13bec7078b50ac7cd27b3ca6ee2cc955b5de94b1619e454932ba9c
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
215580481c6f4550e6a18d2bbf4c9cd48d385e08e5b625c24c32462c2f155325
226fa48b93fbc075b20c02938e4c4f2df395bd970d2aa52d35cef33cde5bfa32
24070eaf50abfea1fb1c2d172db3d5ccb9112a335e1532e09e15b41bfa00f3af
26c91f9904feb1cc67789d4326e2ad5f1424bbaa79c1656258b78fb04aaa74ca
275d7165ad5036632c0a917ac54e8d706f3bb125bf7ded6f8a98b1f69344eb02
2994be2f45b82c0111c6aa02e0c0041213d6bc88c6f0ffaaac7b8698c6d28e33
2a4ad160e04c81994eed554948e8bc0928de7de37977f99571acc7e850bfda59
2a5889a3deb522f407e35802297c686e0c76716f549420ae80b3c589afda5149
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4
2f3ad0ffe6ce43c17ea893eef15fb5e5949ccdd71fcce39454ef371f3cbb6d53
303f05687a3f6f2cacd67b53725ce8e685c888a03004ef75088addc738e33f89
3584cbc749907cd753e08ae52d676970b47e059641bbc172287648c07f453c95
35d9ffdd9780cc7e136a20def60755e1b4ec5938dd48b00d3a372a1d40146e89
367a776a93aef9e68b49eeedd7fe25b043e8156bb3e8cb93bd47e9d6893f1ecf
3779f0a48a5443790e46bba8290c47bbe993437f7f024b444f913c928955d982
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38ff04e8decaaeaf77c37c433a049320d9446a9b8157966bb5a36cc225302eb6
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
468105a416628c4603144ba5cdbfd77ab46d1db51bbcb26b812222db144be10f
477b4fd763c0b63fe3e615ea043359a805f37bb64027a3766cd8837c8e8bde59
481027fc66b87516f11c8047495dad1ebc34665a3f69b462bff7fe01ee20bda4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49a853e29302663d9915afb18b5a968efa6547fa37eb70864ef443daf22dd52b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d31a7665b8c3d094c12c249e7c9753bd178ba8aa481c0db230b24daf7876d5f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e29c454521145f35a0efd7a0d7b35fb8674a76e8e4a228a21f615b0b01b8652
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
532d1b672b4e88e57516bfa7b7b1c1966d50b2dd69068d0bbbc6aaeda1183767
534b71959c698411607df336f6df3315249967af485941536de9c95420e930a2
549111dcfbc4712627479bd74f1091a081dcf3a446fa1252051792e68d04b97f
59b82a140f4cf778b52718c2230b773b45736f3b3b41fa4aee7e713c9ed15688
5af7a1f097ddb6649cbcd406ecad23b40821e8ac63faafe039243315eb0d76f6
5d7bb9a5b4001fd6865f6f780c6628f36ad2e609c6e51c99dfddd4a1f8301868
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e615f21aa637d844394b206c8d7e32a83382507ca8df50142d49f5c5517af51
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
62290156a07fc7cfde54501840f4b04fcc9561d8d9ccb0e725b269b78e00fe44
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
64cc87df35d66dc80113900c62bcd8f646c9be2ae4292a875ad691cdfd8dcc9c
673f4b7149c8520a151e8faf182dce1761e752a05f4cb045b58f83b6e4576d7d
689c4e483188819672608cb06cb6560aea4e14296b02b3a74f429f7bb75c5631
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9b02bc45ea0d75ddee5cc0c3764078f874fd43e2ec2a36f0545592a1ece25b
6e1328eab517f20fb089677c4fa877a655ad8d220b34fac552e01cb7e473a962
6e30a5af72433f14acab63380229f1bd8e789a1e2add432887b2ecf587dd2af7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8
7b60fc98a62157104091cf99214a34ae5e5d81bea08f4abf84cbcbda75139045
7c1be583366039e73c8e48a908037b2affa67c4f7a1d4dbf3011086bc260ff4b
7e450ee21af8028cfe0be376c1baee66e84a215817b962d806580ca1cd7fb0c9
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
820940626c8b0ea4d61278c472b9f3f4b02358cbba4c85c0bb22c1d14584b806
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83495b5cbb78284d01d23bd648fbbc0a713d674d9710064ecfddf89f78303730
836a5b2f079b27442966cef74811aa165dd3493c2d17040a11d65754fe9a2d2e
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
860b5e091460d215bed614dc09546612002a6dc4db5225961adabfc374ad49e1
88449c82e7a23c07452ad519b7f146375d4e7f76ea8454c83bca4cb5c0b99ac0
893226097160c1a1ecf1b86b31905d2facaceacf19a2d7f23c3c4f9653f7587d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eee98720ea00f99b96d77de662bb78af53a3f8ecce0a0dd4ac83d2ff72c4e1e
90356317189f4ec1a2aa79b1801ba1811b99c10c4f8843f9090c19ea12290657
909debfed5e4d147d1e92ec707994da08b6eb0b8d29e9b30b2bd8f007b41387a
95a9cfbf7262fe01c09d9427d4ba9050052169c4db020a21dbbd268915291a4f
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9f0a0b6e96b6a83dee549af751a6997017c0a979aa23bf539bd4069db4a93843
9f65d08c28b1ff5d7c481414c396df528494d52dd6c0515b97af5b1de7349ff5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
a1fb6e650db17c77fd2ceaa266b2218f2ef34c34753d003288b06e07589176c8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a837dd26b780a9339401754a2df04be6048a5bd8771fe79915f04439ddd5ea4f
a974efc87878229939b0d19942592a6e298be88c332e6821e7d6a5499f4f8088
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa81101ad925c8b50d4484faad3a19d9ed37e37d07eb8e1c60369e3678100de9
acf1a557052a3bb1442975b9ee3a7cc6b7e2a40bdae30d04cde6a4acb69ab60a
b03e49e0b58b9de249dd59bc6f5bb965f9e3e7c0859627d932e8bd1985f5590a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b73d7a159c9c0bc1f330fa05830de13187784e6a748724a0892dfac7b2fdd8a0
b9e8ede36ab8c0fe55f2f1ee9d12dd8cfbf43f8e63c6b33705e8ddcc31a211f2
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bcb51defe2eacd40a2a444b834d0d4ac952935851e32f2dac1a0c9a78adea19e
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bde2e12eeb27d83d7d39b313bcf6b2bea7a6f7889cdc50c0d5a5f64c542f0032
c1a3b23f26118ba89996e358e5404508b75d08bbb1c2b3d2f0019753255321a9
c2540de2d1d0e83eeaf969c3150bd951c3b7e0d6e911a4114b2b45c10516a09c
c45ef9d5942ff84de20ac3fed59f8c769add4fdc7472d624577ab4314648a420
c6fff83603fb75bf74450885e2d3b50fa4c553aabdaf737f7f07675b30ad8677
c7952974dbadbbfa1d36410d96b0bab2fac39af26558de7d0fdb4daa81bc3c15
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd8e163a8fe9b76f2dea46f1a38b172792a24d61b5b50ed046299b1e8f244232
cddfefaea79ad2c90e1ad4a51487ea3819cbaeb0aed3e52636536116565a3e09
d01cd5d8bb0f4c13b6105d7a5a76232ff19b9e8646a62f7c05340cbe6a612482
d04743b817670ec7d457c36b9106e73d00b52572986fa762163963c2fe221eca
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d3e425bf2470258d90e637de907163f2723ea34e9b3e66c374abc8b638d1ed3b
d4a0c92ac7b238ccb4df8e037c8a57cf0b4b4dae44a57d1486e01b09c6eaa0c7
d88101d98dde040d3c74ae33a33dfa4fc001d6a9a5bb51cf4370236546a2d91a
d96bcaa8cb94077a775fd6bd0ca8202226b5ce8d203030e51b8a6b60fe8a3ac8
da2535606b74a9f702b64271cede2bbd3c388b963fe8c6d9e8b7c949b951387b
dec393ab1dd152dc7c2ef0a0c3ef12325f75aee7a8bb10dc2d432434e2f81432
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49713e70e94b33680d86e6b14851e72b6488600a384fa2c4fd2dff22ed01cb2
e5832426bfa99cbb796219cdaeb42831593dd5a932180bc517e9872d1e71c0f0
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e861abb7755bd29d42ec2b19e515f49a839bd9489dbc80e08408aa26ab9376d6
e8998b3698599d2d28468bd76f422c1f25a551ede04ce7ccd886297e472ec9e4
e94e6f069cf76b214f52c46205d344132dc0553fc404def984d4b7c636a2b9c4
ebe1d49f9f9efa1fd2b3a1c735e693a6a61f82d26baf5caab429e4d929562d7c
ee8ee18080b951c2c1526a104a89004f43c20a76552f8e13d155b73d10150240
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ac803a65ac0ff2f3231f55c92ddb7c2e8da4006bddc26007f107a9b08427ca
f90919b20c24ca1a48071c6324dce17c446e63613b0296251e111c11f81cf7df
fa60a8476199881f817a752cd30bbfbf03671688019258b2a390ee94823e1be6
fb5dc5ef6400175742731f1250e2e2d0bc28c7af8ecf630fc8e8c281ded5a64d
ff15386077cf11cff7a0f29be53c3e4dc22a2fbd97d11a252fa018a530c6e049