bluejaysnation.com Open in urlscan Pro
2606:4700:3034::6815:56ca Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bluejaysnation.com/
Submission: On August 26 via api (August 26th 2022, 12:11:18 pm UTC) from US — Scanned from DE

Summary HTTP 333 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 89 IPs in 11 countries across 49 domains to perform 333 HTTP transactions. The main IP is 2606:4700:3034::6815:56ca, located in United States and belongs to CLOUDFLARENET, US. The main domain is bluejaysnation.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time bluejaysnation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700:303... 2606:4700:3034::6815:56ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
17	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2600:9000:201... 2600:9000:201f:2e00:c:4d8d:ebc0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:cb0... 2a02:6ea0:cb00::2	60068 (CDN77 ^_^) (CDN77 ^_^)
5	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:3ca8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2	157.90.0.13 157.90.0.13	24940 (HETZNER-AS) (HETZNER-AS)
1	35.159.6.175 35.159.6.175	16509 (AMAZON-02) (AMAZON-02)
2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2	3.65.74.222 3.65.74.222	16509 (AMAZON-02) (AMAZON-02)
2 7	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	89.149.192.65 89.149.192.65	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	13.36.17.92 13.36.17.92	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	34.199.89.150 34.199.89.150	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6816:3da8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:e... 2600:1901:0:e567::1	15169 (GOOGLE) (GOOGLE)
4	52.4.246.121 52.4.246.121	14618 (AMAZON-AES) (AMAZON-AES)
1 4	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	92.123.21.200 92.123.21.200	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	135.181.181.105 135.181.181.105	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:9000:214... 2600:9000:214f:9400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
2	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
1	18.136.115.17 18.136.115.17	16509 (AMAZON-02) (AMAZON-02)
1	35.86.50.147 35.86.50.147	16509 (AMAZON-02) (AMAZON-02)
1	54.73.196.234 54.73.196.234	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	162.55.236.225 162.55.236.225	24940 (HETZNER-AS) (HETZNER-AS)
1	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8 11	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 9	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.249.238.57 34.249.238.57	16509 (AMAZON-02) (AMAZON-02)
33	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	65.9.66.129 65.9.66.129	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
7	54.152.91.168 54.152.91.168	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.13.242 104.18.13.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.234.134.156 34.234.134.156	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.170.30.54 35.170.30.54	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.139.38 18.66.139.38	16509 (AMAZON-02) (AMAZON-02)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.65.41.66 3.65.41.66	16509 (AMAZON-02) (AMAZON-02)
1	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	74.125.140.156 74.125.140.156	15169 (GOOGLE) (GOOGLE)
3	52.16.177.107 52.16.177.107	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1 4	54.194.208.7 54.194.208.7	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:11::6	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:1ac... 2600:1f18:1aca:4281:8c65:2d:98c7:6d3f	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	54.77.35.16 54.77.35.16	16509 (AMAZON-02) (AMAZON-02)
2	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
5 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:358d:1e8a:10d4:e287	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
333	89

31 2606:4700:3034::6815:56ca (United States)

ASN13335 (CLOUDFLARENET, US)

bluejaysnation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:201f:2e00:c:4d8d:ebc0:21 (United States)

ASN16509 (AMAZON-02, US)

d3e9zy76sv7y5r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:cb00::2 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

futbol-cdn.relevant-digital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3ca8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.0.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.0.90.157.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.159.6.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-6-175.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.74.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-74-222.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.149.192.65 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.17.92 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-17-92.eu-west-3.compute.amazonaws.com

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

futbolsites-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.89.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-89-150.compute-1.amazonaws.com

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3da8 (United States)

ASN13335 (CLOUDFLARENET, US)

vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
publish.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:e567::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

superficialspring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.4.246.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-246-121.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.181.181.105 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.105.181.181.135.clients.your-server.de

worker40-api.relevant-digital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:9400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.115.17 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-115-17.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.86.50.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-86-50-147.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.196.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-196-234.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.238.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-238-57.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.180 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.113 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 65.9.66.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-129.fra56.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.152.91.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-91-168.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.134.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-134-156.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.170.30.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-30-54.compute-1.amazonaws.com

timber.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-38.fra60.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.41.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-41-66.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.16.177.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-177-107.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.208.7 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-208-7.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:11::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lznez.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:1aca:4281:8c65:2d:98c7:6d3f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.35.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-16.eu-west-1.compute.amazonaws.com

intelcorp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:358d:1e8a:10d4:e287 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159 ade.googlesyndication.com — Cisco Umbrella Rank: 285	261 KB
35	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 280 r1---sn-4g5lznez.c.2mdn.net — Cisco Umbrella Rank: 724034 Failed gcdn.2mdn.net — Cisco Umbrella Rank: 970	2 MB
35	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303 pubads.g.doubleclick.net — Cisco Umbrella Rank: 510 bid.g.doubleclick.net — Cisco Umbrella Rank: 474	300 KB
31	bluejaysnation.com bluejaysnation.com	267 KB
20	wp.com i1.wp.com — Cisco Umbrella Rank: 6981 i2.wp.com — Cisco Umbrella Rank: 6426 i0.wp.com — Cisco Umbrella Rank: 2991 stats.wp.com — Cisco Umbrella Rank: 2570 s0.wp.com — Cisco Umbrella Rank: 6642 pixel.wp.com — Cisco Umbrella Rank: 2431	1 MB
19	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2210 www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 88	51 KB
15	cloudfront.net d3e9zy76sv7y5r.cloudfront.net d29xw9s9x32j3w.cloudfront.net	1 MB
13	adsafeprotected.com 1 redirects static.adsafeprotected.com — Cisco Umbrella Rank: 589 unified.adsafeprotected.com — Cisco Umbrella Rank: 1950 pixel.adsafeprotected.com — Cisco Umbrella Rank: 596 dt.adsafeprotected.com — Cisco Umbrella Rank: 526	141 KB
12	sendtonews.com embed.sendtonews.com — Cisco Umbrella Rank: 12852 s2l.sendtonews.com — Cisco Umbrella Rank: 14520 timber.sendtonews.com — Cisco Umbrella Rank: 14733 player.sendtonews.com — Cisco Umbrella Rank: 14809	7 KB
11	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 519 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064 eus.rubiconproject.com — Cisco Umbrella Rank: 582 token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel.rubiconproject.com — Cisco Umbrella Rank: 327	14 KB
11	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 304 s.amazon-adsystem.com — Cisco Umbrella Rank: 282	93 KB
10	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525 as-sec.casalemedia.com — Cisco Umbrella Rank: 1327 htlb.casalemedia.com — Cisco Umbrella Rank: 539	8 KB
8	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 secure.adnxs.com — Cisco Umbrella Rank: 463	8 KB
6	powerad.ai powerad.ai — Cisco Umbrella Rank: 14828 reporting.powerad.ai — Cisco Umbrella Rank: 15803	48 KB
6	vuukle.com cdn.vuukle.com — Cisco Umbrella Rank: 15538 vuukle.com — Cisco Umbrella Rank: 7257 publish.vuukle.com — Cisco Umbrella Rank: 17800	191 KB
6	yahoo.com 1 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 943 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488 ads.yahoo.com — Cisco Umbrella Rank: 2295	2 KB
6	gstatic.com fonts.gstatic.com csi.gstatic.com	206 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 imasdk.googleapis.com — Cisco Umbrella Rank: 440	353 KB
5	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 492 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493 image8.pubmatic.com — Cisco Umbrella Rank: 603 image2.pubmatic.com — Cisco Umbrella Rank: 877	66 KB
4	cpx.to p.cpx.to — Cisco Umbrella Rank: 9782 s.cpx.to — Cisco Umbrella Rank: 2250	5 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 146	1 KB
4	smartadserver.com 1 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1497 sync.smartadserver.com — Cisco Umbrella Rank: 1678	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	920 B
3	google.de www.google.de — Cisco Umbrella Rank: 6076 adservice.google.de — Cisco Umbrella Rank: 8811	1 KB
3	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 617 eb2.3lift.com — Cisco Umbrella Rank: 418	4 KB
3	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 5442 sync.richaudience.com — Cisco Umbrella Rank: 1918	701 B
2	demdex.net 1 redirects intelcorp.demdex.net — Cisco Umbrella Rank: 35761	2 KB
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 836 id.rlcdn.com — Cisco Umbrella Rank: 592	460 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	25 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	87 KB
2	brainlyads.com hb.brainlyads.com — Cisco Umbrella Rank: 15151	185 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1393	77 KB
2	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1509	34 KB
2	superficialspring.com superficialspring.com — Cisco Umbrella Rank: 108985	28 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	openx.net futbolsites-d.openx.net — Cisco Umbrella Rank: 139642 u.openx.net — Cisco Umbrella Rank: 705	511 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746	403 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2218	24 KB
2	relevant-digital.com futbol-cdn.relevant-digital.com — Cisco Umbrella Rank: 96861 worker40-api.relevant-digital.com — Cisco Umbrella Rank: 84489	148 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 370	703 B
1	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 450	1 KB
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 4004	169 B
1	resonate.com cdn.resonate.com — Cisco Umbrella Rank: 8171	169 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 594	13 KB
1	ad.gt a.ad.gt — Cisco Umbrella Rank: 5070	4 KB
1	zprk.io pixel.zprk.io — Cisco Umbrella Rank: 17922	3 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 654	650 B
1	kargo.com krk.kargo.com — Cisco Umbrella Rank: 2425	681 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	62 KB
333	49

	Domain	Requested by
33	s0.2mdn.net	bluejaysnation.com s0.2mdn.net imasdk.googleapis.com 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
31	bluejaysnation.com	bluejaysnation.com
24	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com s0.2mdn.net imasdk.googleapis.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
11	d29xw9s9x32j3w.cloudfront.net	d3e9zy76sv7y5r.cloudfront.net
11	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net bluejaysnation.com
9	googleads.g.doubleclick.net	878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com bluejaysnation.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	c.amazon-adsystem.com	futbol-cdn.relevant-digital.com c.amazon-adsystem.com d3e9zy76sv7y5r.cloudfront.net
8	i1.wp.com	bluejaysnation.com
7	s2l.sendtonews.com	d3e9zy76sv7y5r.cloudfront.net
7	ib.adnxs.com	2 redirects futbol-cdn.relevant-digital.com googleads.g.doubleclick.net d29xw9s9x32j3w.cloudfront.net
7	i2.wp.com	bluejaysnation.com
5	googleads4.g.doubleclick.net	bluejaysnation.com
5	securepubads.g.doubleclick.net	bluejaysnation.com securepubads.g.doubleclick.net cdn.vuukle.com
5	fonts.gstatic.com	fonts.googleapis.com
4	token.rubiconproject.com	4 redirects
4	pixel.adsafeprotected.com	1 redirects static.adsafeprotected.com pixel.adsafeprotected.com
4	static.adsafeprotected.com	superficialspring.com imasdk.googleapis.com bluejaysnation.com
4	www.google.com	tpc.googlesyndication.com 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
4	sb.scorecardresearch.com	1 redirects bluejaysnation.com
4	powerad.ai	www.googletagmanager.com powerad.ai
4	cdn.vuukle.com	bluejaysnation.com cdn.vuukle.com
4	c2shb.pubgw.yahoo.com	futbol-cdn.relevant-digital.com
4	d3e9zy76sv7y5r.cloudfront.net	bluejaysnation.com d3e9zy76sv7y5r.cloudfront.net
3	s.amazon-adsystem.com	2 redirects bluejaysnation.com
3	pixel.rubiconproject.com	1 redirects bluejaysnation.com
3	ade.googlesyndication.com
3	unified.adsafeprotected.com	imasdk.googleapis.com
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	timber.sendtonews.com	d3e9zy76sv7y5r.cloudfront.net
3	imasdk.googleapis.com	d3e9zy76sv7y5r.cloudfront.net imasdk.googleapis.com
3	match.adsrvr.org	js-sec.indexww.com bluejaysnation.com
3	s.cpx.to	p.cpx.to
3	878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	fonts.googleapis.com	bluejaysnation.com d3e9zy76sv7y5r.cloudfront.net
2	eus.rubiconproject.com	d29xw9s9x32j3w.cloudfront.net eus.rubiconproject.com
2	intelcorp.demdex.net	1 redirects
2	dt.adsafeprotected.com
2	cdnjs.cloudflare.com	d3e9zy76sv7y5r.cloudfront.net
2	sync.smartadserver.com	1 redirects
2	www.googletagservices.com	878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
2	hb.brainlyads.com	bluejaysnation.com powerad.ai
2	reporting.powerad.ai	powerad.ai
2	confiant-integrations.global.ssl.fastly.net	cdn.vuukle.com confiant-integrations.global.ssl.fastly.net
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	adservice.google.de	securepubads.g.doubleclick.net imasdk.googleapis.com
2	secure.cdn.fastclick.net	bluejaysnation.com
2	superficialspring.com	bluejaysnation.com superficialspring.com
2	www.google-analytics.com	www.googletagmanager.com
2	hbopenbid.pubmatic.com	futbol-cdn.relevant-digital.com d29xw9s9x32j3w.cloudfront.net
2	prg.smartadserver.com	futbol-cdn.relevant-digital.com
2	tlx.3lift.com	futbol-cdn.relevant-digital.com d29xw9s9x32j3w.cloudfront.net
2	onetag-sys.com	futbol-cdn.relevant-digital.com
2	shb.richaudience.com	futbol-cdn.relevant-digital.com
2	script.4dex.io	futbol-cdn.relevant-digital.com script.4dex.io
2	i0.wp.com	bluejaysnation.com
1	ads.yahoo.com	bluejaysnation.com
1	px.ads.linkedin.com	bluejaysnation.com
1	id.rlcdn.com	bluejaysnation.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	gcdn.2mdn.net	1 redirects
1	r1---sn-4g5lznez.c.2mdn.net
1	csi.gstatic.com	imasdk.googleapis.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	search.spotxchange.com	d29xw9s9x32j3w.cloudfront.net
1	prebid-server.rubiconproject.com	d29xw9s9x32j3w.cloudfront.net
1	htlb.casalemedia.com	d29xw9s9x32j3w.cloudfront.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	player.sendtonews.com	d3e9zy76sv7y5r.cloudfront.net
1	api.rlcdn.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	cdn.resonate.com	d3e9zy76sv7y5r.cloudfront.net
1	js-sec.indexww.com	d3e9zy76sv7y5r.cloudfront.net
1	image2.pubmatic.com
1	secure.adnxs.com	1 redirects
1	u.openx.net
1	image8.pubmatic.com
1	sync.richaudience.com
1	eb2.3lift.com
1	p.cpx.to	powerad.ai
1	a.ad.gt	powerad.ai
1	pixel.zprk.io	powerad.ai
1	worker40-api.relevant-digital.com	futbol-cdn.relevant-digital.com
1	www.google.de
1	publish.vuukle.com	cdn.vuukle.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vuukle.com	cdn.vuukle.com
1	pixel.wp.com
1	embed.sendtonews.com	bluejaysnation.com
1	futbolsites-d.openx.net	futbol-cdn.relevant-digital.com
1	ap.lijit.com	futbol-cdn.relevant-digital.com
1	krk.kargo.com	futbol-cdn.relevant-digital.com
1	fastlane.rubiconproject.com	futbol-cdn.relevant-digital.com
1	www.googletagmanager.com	bluejaysnation.com
1	ads.pubmatic.com	futbol-cdn.relevant-digital.com
1	futbol-cdn.relevant-digital.com	bluejaysnation.com
1	s0.wp.com	bluejaysnation.com
1	stats.wp.com	bluejaysnation.com
333	100

This site contains links to these domains. Also see Links.

Domain
www.mlb.com
fanatics.93n6tx.net
www.facebook.com
twitter.com
www.instagram.com
wingsnation.com
canucksarmy.com
oilersnation.com
flamesnation.ca
jetsnation.ca
theleafsnation.com
puckpedia.com
www.dailyfaceoff.com
www.hockeyfights.com
allwrestling.com
de.oilersnation.com
www.playmaker.fans

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
1402819064.rsc.cdn77.org R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
*.dev.kargo.com Amazon	`2022-03-01` - `2023-03-29`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.sendtonews.com Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
superficialspring.com R3	`2022-06-18` - `2022-09-16`	3 months	crt.sh
powerad.ai Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.relevant-digital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-22` - `2023-01-22`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-04` - `2023-06-05`	a year	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2021-08-13` - `2022-09-14`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2021-11-25` - `2022-12-27`	a year	crt.sh
*.zprk.io Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
securedvisit.com Amazon	`2021-11-30` - `2022-12-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
wrapper-vast.adsafeprotected.com Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://bluejaysnation.com/
Frame ID: C9C75CA3A196E90792BE2216A4EE6028
Requests: 190 HTTP requests in this frame

Frame: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CCC86D74BCE79E6CB3AC6EA77CAB0045
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/prebid.js
Frame ID: FFBEE44FE087C3881C4DFE2FDC7DD99C
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: A077481B47831CF4B96C4A3AF043D4D4
Requests: 1 HTTP requests in this frame

Frame: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 92D630623FFD7ACA2E47A09E81191EAE
Requests: 15 HTTP requests in this frame

Frame: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2D20D5BBBCBCBE781ED33EE83619D489
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CF690EB0E01ECD59ED29A708EAD1FBD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD3CDA067C0E15F980E3D2676B3B6115
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUNsdhEi57s8CzgjVncAsKWtutanWBESMFu7svEhR0JHl8JQBsEFau26wPZZlm5O3svIrgO19NPcFqEnkkC_G2XJoFh9iCRy1-0OoEAf7TZx12hjlGxg0FXUlQfsLOeaCR-57pDaSSnX_bgcFcZDdC4uDKGUw
Frame ID: CAD9956C5970EEC8EE7D4433D44163FF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARjbwv_EATAB&v=APEucNXu5ekiJvElbRljf8qZI5ZOTfmgdWbBq6ymEwyMh5iaWIp0f_aAy3y75l_5NQs-AXgt9wkysga2jJc9wkh5YlMw8mG5G5_4T7GKKe4d5BEtNy-aXPMPG8UhO3bpaqZwLNoVsYxs7BbSqHQNTFPDsGJQuA-D0g
Frame ID: 056A7844167BF4A80231FCA95F7A7B9E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DFF99391A95C85E7276089238482C108
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Frame ID: 9D05AC0D26ED66A6D3EECFDB2F7CC323
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FF1274C4A72AFE9976BE0090F4F483F7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
Frame ID: 6D29A1B2C2D9B9D45FB6BD9D891FBD15
Requests: 15 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 43F6D3EF90B7B4C79BE91A517FA3B7F2
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html
Frame ID: 4B91F7B73F91CB2E9D14D5BCF6D1F34D
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Frame ID: 5E94FC888FD9A806A92C7C78FC54A0EF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 2951C960D3BE33A92E4AF3BDB504B684
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F87B9C62D2122F553D2AA5BF5F73BD4D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 1F0358AD0AB6D17799FAC94DF482559A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: E8AC3DD4357BAE0F59C0CF8CFB262977
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Toronto Blue Jays News, Roster, Scores, Schedule

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

333
Requests

93 %
HTTPS

35 %
IPv6

49
Domains

100
Subdomains

89
IPs

11
Countries

7668 kB
Transfer

14260 kB
Size

43
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mlb.com/bluejays/schedule
Title: Schedule

Search URL Search Domain Scan URL

URL: https://fanatics.93n6tx.net/kjv7Wv
Title: Fanatics Shop

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theBlueJaysNation/

Search URL Search Domain Scan URL

URL: https://twitter.com/thejaysnation

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thejaysnation/

Search URL Search Domain Scan URL

URL: https://wingsnation.com/
Title: WINGSNATION

Search URL Search Domain Scan URL

URL: https://canucksarmy.com/
Title: CANUCKSARMY

Search URL Search Domain Scan URL

URL: https://oilersnation.com/
Title: OILERSNATION

Search URL Search Domain Scan URL

URL: https://flamesnation.ca/
Title: FLAMESNATION

Search URL Search Domain Scan URL

URL: https://jetsnation.ca/
Title: JETSNATION

Search URL Search Domain Scan URL

URL: https://theleafsnation.com/
Title: THELEAFSNATION

Search URL Search Domain Scan URL

URL: https://puckpedia.com/
Title: PUCKPEDIA

Search URL Search Domain Scan URL

URL: https://www.dailyfaceoff.com/
Title: DAILYFACEOFF

Search URL Search Domain Scan URL

URL: https://www.hockeyfights.com/

Search URL Search Domain Scan URL

URL: https://allwrestling.com/

Search URL Search Domain Scan URL

URL: https://oilersnation.com/2022/08/25/the-real-life-podcast-talkin-oilers-internet-celebs-and-making-movies-with-jordan-buhat/

Search URL Search Domain Scan URL

URL: https://flamesnation.ca/2022/08/25/the-salary-cap-could-be-going-up-a-lot-for-the-2024-25-season/

Search URL Search Domain Scan URL

URL: https://canucksarmy.com/2022/08/25/canucks-prospect-joni-jurmo-ups-downs-world-juniors-troublesome-2021-22-season/

Search URL Search Domain Scan URL

URL: https://theleafsnation.com/2022/08/26/shut-it-down-patrick-kane-to-the-leafs-would-be-a-disaster/

Search URL Search Domain Scan URL

URL: https://jetsnation.ca/2022/05/31/examining-three-players-jets-select-rangers-first-round-pick/

Search URL Search Domain Scan URL

URL: https://wingsnation.com/2022/05/31/detroit-red-wings-team-awards/

Search URL Search Domain Scan URL

URL: https://allwrestling.com/2020/03/19/wrestlemania-36-odds-lesnar-goldberg-both-underdogs/

Search URL Search Domain Scan URL

URL: https://de.oilersnation.com/2022/07/19/der-eismeister-und-die/

Search URL Search Domain Scan URL

URL: https://www.playmaker.fans/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://sb.scorecardresearch.com/c2/11441895/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1

Request Chain 156

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywi4XkI.lI1SAzGv9eN8fwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1&google_hm=2

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL8EqGag-FrTaSeDXwSEF9I&google_cver=1

Request Chain 158

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI2OTM3MDYwNzc3NjMzMjIxMA%3D%3D

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1

Request Chain 160

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywi4XkI.lI1SAzGv9eN8fwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1&google_hm=2

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL8EqGag-FrTaSeDXwSEF9I&google_cver=1

Request Chain 162

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI2OTM3MDYwNzc3NjMzMjIxMA%3D%3D

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&google_gid=CAESEKj6fx8SMY3O8JUsnSPVkdw&google_cver=1

Request Chain 184

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Fbluejaysnation.com%252F%26hn_ver%3D40%26fid%3Ddd2c0024-d2c3-44cd-9774-0842f276de2a%26dsp%3Dpub_common%26dsp_uid%3Df17b91dc-d0a7-4ee3-b1b3-9e41d8b6826a HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=6269370607776332210&pid=12967&ref=&url=https%3A%2F%2Fbluejaysnation.com%2F&hn_ver=40&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&dsp=pub_common&dsp_uid=f17b91dc-d0a7-4ee3-b1b3-9e41d8b6826a

Request Chain 186

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddd2c0024-d2c3-44cd-9774-0842f276de2a&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&gdpr=0&cklb=1

Request Chain 295

https://gcdn.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/46C80C58E858382923D36C54F63C2EA10BDDE67C.395DC47CDB656A017B0EA1A13595BA7A3D13CF03/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/59E08C0ECA308082F39FC13F32B78FCF1C783E10.5E7E99D7895CF0B6FBF802B2D4404D05FDA654F1/key/cms1/cms_redirect/yes/mh/zn/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznez/ms/onc/mt/1661515564/mv/u/mvi/1/pl/29/file/file.mp4

Request Chain 298

https://gcdn.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/46C80C58E858382923D36C54F63C2EA10BDDE67C.395DC47CDB656A017B0EA1A13595BA7A3D13CF03/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2E4958E3EC6125AE03CE9052F83262125C58A2D3.59B425D94350B0ABE2C4B14BAD3D0D17B42973D7/key/cms1/cms_redirect/yes/mh/zn/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznez/ms/onc/mt/1661515564/mv/u/mvi/1/pl/29/file/file.mp4

Request Chain 313

https://intelcorp.demdex.net/event?event=imp&d_campaign=28196010&d_site=5134578&d_placement=341348374&d_ad=533346838&d_creative=174606418 HTTP 302
https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=28196010&d_site=5134578&d_placement=341348374&d_ad=533346838&d_creative=174606418

Request Chain 317

https://pixel.adsafeprotected.com/rfw/st/1104080/64470646/skeleton.gif?xmtp=v&xmapp=0&xsId=4a3d8f7d-c03c-49b2-897d-7fac65c86cd8&bidurl=&ias_campId=&ias_pubId=&ias_placementId=&ias_chanId=&ias_dealId=&ias_impId=v4~~&ias_dspId=3&ias_xappb=[ctv_appid]&mon=64470646 HTTP 302
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=4a3d8f7d-c03c-49b2-897d-7fac65c86cd8

Request Chain 324

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdBRk5ENEwtMVItODAyUw==&us_privacy=1---

Request Chain 326

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Ifqhyjc5qHt9pG4HRUDza8n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7035370890915302953

Request Chain 328

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7AFND4L-1R-802S&us_privacy=1---

Request Chain 329

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RIwp09wcQbe_c7DbLcDzDA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RIwp09wcQbe_c7DbLcDzDA

Request Chain 330

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELUD3v9gh9mOWxy93gsRDs0&google_cver=1

Request Chain 331

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7AFND4L-1R-802S&sigv=1&esig=2~46d7aa936fd2033c9184168508027da1911565fa&us_privacy=1---

333 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bluejaysnation.com/ 78 KB
17 KB 1120ms
198ms Document
text/html 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f66c7a2d008bfef17fc94f03e1317b1a2d446ee7e311e09f4550dd49e3e0464

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://oilersnation.com
age: 142
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 740c77d92f2391e1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 26 Aug 2022 12:11:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://bluejaysnation.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/P8g68V-8wu>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPcOVAGsRyXzdF3bH1A%2BLxudpGEjKUeXjQ9h7fLB0RsqH5U030azRnodW3vAxiJE%2FgeQMS6lnkrFfzfMxvcw7vpyaOayHhTYQDCgGEWo1IBPYe%2BlRH%2BI1vMp%2BhyO5%2BIkPBkzYZj1m9XG77kcOWzRjyo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 style.css
bluejaysnation.com/wp-includes/css/dist/block-library/ 41 KB
6 KB 31ms
29ms Stylesheet
text/css 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-includes/css/dist/block-library/style.css?ver=5.3.12
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c1d443ee2efc897495af17b8dcabd8a50cbbb7d9db1fd9e174f3882b824b50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22228
cf-polished: origSize=49795
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Jun 2020 08:54:45 GMT
server: cloudflare
etag: W/"5ee1f155-c283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9isjoh0my52YobPu4Yex1vUe8u%2FnpqHHtnlRRgG4T6%2F%2BeYdsPRnK0IG2YaMwB28rw6i9DXNjHKeqXEVxUr5UiFmfyappu3Ina43f%2Fe8aw%2Fwfg8g42KStUyI2MQEBYR3o6AAXY9iM7DX1dSPyMlb%2FTeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 740c77da894291e1-FRA
cf-bgj: minify

GET
H2 200 style.css
bluejaysnation.com/wp-content/themes/nationnetwork/ 0
341 B 31ms
29ms Stylesheet
text/css 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/style.css?ver=5.3.12
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22228
cf-polished: origSize=345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: W/"5e45983c-159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ny0JbIxbjMgp7w7KeHzbMTvqag7nGassAUgH9VJrer1jylK9856J9PJVg8WU79JNyRFnwFc%2FBrq0SlzN%2B9XkTaMv9L4E1Q24yJ60%2F%2FWZANcnL7hGu68mVla9Cyzb%2FKbJmFWfTS%2Frkgv7NAUSaEecn2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 740c77da894491e1-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 85ms
32ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.3.12

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41ded8dcae370dbe5efdc102fc361a818f068cf0690f6926294198a65dbdbca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:11:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Aug 2022 12:11:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Aug 2022 12:11:07 GMT

GET
H2 200 app.css
bluejaysnation.com/wp-content/themes/nationnetwork/assets/css/ 126 KB
22 KB 36ms
35ms Stylesheet
text/css 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/css/app.css?ver=1.0.5
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4932b9abaeb96c84b4b29335d18379afe0c3b5caf288734c558a380d5abd435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22228
cf-polished: origSize=129502
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 01 Apr 2022 01:39:57 GMT
server: cloudflare
etag: W/"624657ed-1f9de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWTv2N0hCRb4G1kYan3NN0oQ%2Bk7wKWWShOS2VWJZFiFYugKFzYmCumy4Aj6Jmr%2BT2z8F%2BMRyesaGzO2OVSHq%2B7RDIYZgxez6o05wiEtoMMW24RLW9pGTM7EctvzumVTaatnm5cYYtN%2Bgcxw%2FPTdITA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 740c77da894691e1-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
bluejaysnation.com/wp-includes/js/jquery/ 95 KB
35 KB 37ms
36ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22228
cf-polished: origSize=96873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Feb 2020 19:55:41 GMT
server: cloudflare
etag: W/"5e44583d-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMpSQBLmapl0h%2B9bXzouDXGAoNIRwFnL9GmMq22fbOCdjyq8ozco0YTpdyXhXLSVqETLXDoVG3jZhJKs2LyIeuJMeJJq74r9iqjHu4BGCC6amFi9d2jGk2O9t3feyaezQHmsTnNEA3KLDjbxlE4zPiY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 740c77da894891e1-FRA
cf-bgj: minify

GET
H2 200 jquery-migrate.js Show response
bluejaysnation.com/wp-includes/js/jquery/ 14 KB
5 KB 31ms
31ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22fdd35ef8fc1a8ce87251400d1c4399a0adaeeb4154dc4b92fd87e2b462157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22228
cf-polished: origSize=23515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Feb 2020 19:55:41 GMT
server: cloudflare
etag: W/"5e44583d-5bdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DhLecccWLisjiclfuMiGbYVkM%2FbkZHB9c6hrCK6Ei%2BEEdnm0uwhjhPVwa5xdZFsIIcp0HrfS9EVhjqIHcenJHMQeEJC%2BoX8XM9NXeqpf4EhVx1D4Gg5rsHI4xUZY0L96uWogaYavsVu543GwqY00J8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 740c77da894991e1-FRA
cf-bgj: minify

GET
H2 200 ai-jquery.js Show response
bluejaysnation.com/wp-content/plugins/ad-inserter-pro/includes/js/ 14 B
379 B 31ms
30ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/plugins/ad-inserter-pro/includes/js/ai-jquery.js?ver=5.3.12+2.5.9
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22228
cf-polished: origSize=18
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14
last-modified: Thu, 13 Feb 2020 18:40:59 GMT
server: cloudflare
etag: "5e45983b-12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1cAX0yKrUTRXN7%2Ff6GqyXImPTYNgjQdh%2FS%2Bef%2FPTj%2BhJY2ejhUV1xakVlD8hDRfOyK5r%2FJMKwyE4SRFPiLy4jInkjUGPZEqnsgDObMwKSpGVk3IhyhIDud3Up9KY82baFcaoIUeXtdsDUlxgUNArR0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 740c77da894b91e1-FRA
cf-bgj: minify

GET
H3 200 bluejaysnation.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/site-logos/ 14 KB
15 KB 194ms
194ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/site-logos/bluejaysnation.png
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15cbf86728c66fe5afc8e2ae6b00a7a420ce20530409fe9bc2468739283ce929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-380b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyVlKk1VGkuLvAXixox9NQe9TwosSDW251kNgzhaoDjF1C5K%2F60r8BYO961PeXcJf4OXwV9KFNTYGs9eTI%2BTpZ00EX9d2n2PjdhBmV3sKsuYyyeI%2BQSFmbR2OQTdvPZ%2B9DlN9Eenp6q4Hb07Rqd5jj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77dadf12bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14347

GET
H2 200 USATSI_18926680_168383996_lowres.jpg
i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/ 44 KB
44 KB 174ms
123ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/USATSI_18926680_168383996_lowres.jpg?resize=1044%2C585&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b920139948cc93221f42af688cca580d555f788d2b937b86aa5896894b740291

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Aug 2022 12:11:07 GMT
server: nginx
etag: "5146e9b313c15517"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/8/2022/08/USATSI_18926680_168383996_lowres.jpg>; rel="canonical"
content-length: 44730
expires: Mon, 26 Aug 2024 00:11:07 GMT

GET
H2 200 Hagen-Danner.png
i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/ 85 KB
86 KB 96ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/Hagen-Danner.png?resize=664%2C372&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

236718ff322405b7f59076ce5ec724769e272eb63b3c3d0764efacf501d0d454

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Aug 2022 04:52:13 GMT
server: nginx
etag: "67c5d609f088b528"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/8/2022/08/Hagen-Danner.png>; rel="canonical"
content-length: 87380
expires: Sun, 25 Aug 2024 16:52:13 GMT

GET
H2 200 Berrios.jpeg
i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2021/08/ 17 KB
17 KB 77ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2021/08/Berrios.jpeg?resize=664%2C372&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

28b618a599c7a5fcc078bc01081f71288dde3e1ae4035aa17475289e6976d0da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Aug 2022 14:10:34 GMT
server: nginx
etag: "181dc104525fe690"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/8/2021/08/Berrios.jpeg>; rel="canonical"
content-length: 17230
expires: Fri, 16 Aug 2024 02:10:34 GMT

GET
H2 200 USATSI_18921496_168383996_lowres.jpg
i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/ 26 KB
26 KB 146ms
88ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/USATSI_18921496_168383996_lowres.jpg?resize=664%2C372&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

616cf2de396555da32c229fa4e4a1c2a5410aeb2d3ff30cbcb31d05234dced01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Aug 2022 12:11:07 GMT
server: nginx
etag: "f22a4afd6a32f2ae"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/8/2022/08/USATSI_18921496_168383996_lowres.jpg>; rel="canonical"
content-length: 26190
expires: Mon, 26 Aug 2024 00:11:07 GMT

GET
H2 200 rogers-centre-rendering-Aerial-1024x717-1.png
i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/07/ 322 KB
323 KB 58ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/07/rogers-centre-rendering-Aerial-1024x717-1.png?resize=664%2C372&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

bdc4a642a2bfd6e80aece20f0933798daa9c9cb90dca5141c2b2b553bfd33ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 06:15:31 GMT
server: nginx
etag: "151fc460e0086a31"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/8/2022/07/rogers-centre-rendering-Aerial-1024x717-1.png>; rel="canonical"
content-length: 329708
expires: Sat, 24 Aug 2024 18:15:31 GMT

GET
H2 200 USATSI_18916902_168383996_lowres-scaled.jpg
i0.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/ 35 KB
35 KB 79ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/USATSI_18916902_168383996_lowres-scaled.jpg?resize=664%2C372&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

42a236dffd27d9ec34ae91045cf5b5df6c94098ce961a92c55c5235ed70e2abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 13:08:26 GMT
server: nginx
etag: "9dca69eb68b12665"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/8/2022/08/USATSI_18916902_168383996_lowres-scaled.jpg>; rel="canonical"
content-length: 35780
expires: Sun, 25 Aug 2024 01:08:26 GMT

GET
H2 200 Mayza.jpeg
i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/ 28 KB
28 KB 57ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/Mayza.jpeg?resize=664%2C372&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4cfe8abfa12ba29fa9864b013e094f02fdf03ce4436fbcd5bdaa1b199a3d35fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 12:48:37 GMT
server: nginx
etag: "fd110d80b60482bd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/8/2022/08/Mayza.jpeg>; rel="canonical"
content-length: 28168
expires: Sat, 24 Aug 2024 00:48:37 GMT

GET
H2 200 Screen-Shot-2022-08-23-at-12.20.25-PM.png
i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/ 205 KB
206 KB 57ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/08/Screen-Shot-2022-08-23-at-12.20.25-PM.png?resize=664%2C372&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

99fce66b22a67b737491bd0d07c35cabcb3ad72c5e1d6eab416f4db00c913b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Aug 2022 12:48:37 GMT
server: nginx
etag: "86424a1ae060d9d7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/8/2022/08/Screen-Shot-2022-08-23-at-12.20.25-PM.png>; rel="canonical"
content-length: 210380
expires: Sat, 24 Aug 2024 00:48:37 GMT

GET
H2 200 USATSI_18765981_168383996_lowres.jpg
i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/07/ 25 KB
26 KB 78ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/8/2022/07/USATSI_18765981_168383996_lowres.jpg?resize=664%2C372&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1cf6e15695778191934df68e96d1e314251036cb8de4649f3c68d3ddfaadaaa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Aug 2022 19:09:46 GMT
server: nginx
etag: "1e7cd894b8b7d33b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/8/2022/07/USATSI_18765981_168383996_lowres.jpg>; rel="canonical"
content-length: 25892
expires: Fri, 23 Aug 2024 07:09:46 GMT

GET
H3 200 canuksarmy.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 1 KB
2 KB 211ms
206ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/canuksarmy.png?v=2
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc37234ea8f27fd1586cfb8b043c75d234b7a686f450e73438769eb62245cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-5f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=or3uCrP%2B6CpYkP1TRf0HrjjH8n%2BNMrxrdOE7A5t9JiaZuWrBS1SBhrFqFzroPYIBwXehuM7yb5G6zbnQ71bs5G56wYkF2MMfQ%2FjY3%2BXIvoNM2rRwFAqf%2FPfU4cB2FCtSTkZXqZZF5JrXy2FOj5vPswI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fa3bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1529

GET
H3 200 flamesnation.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 2 KB
2 KB 195ms
191ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/flamesnation.png?v=2
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4eaf01abcf82d7099d04002025abaacc7fb0fd225c7c9b8e0bb24397d81c825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-60d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWNiMU3QhqdR1dXQRzHH4%2B5QhWnu1XfPrYTgAFHP77BUjWCJWjKoPrLt6lRhuMuIMZHKJYxVfoRl6470wKcWVrvqqyeMKLqUmcLWcp%2FlaTlG%2BxKsw62ag2UDKzpg%2FfrrK%2FVvtBDIDeLa65O4NExJ76k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fa6bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1549

GET
H3 200 oilersnation.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 2 KB
2 KB 36ms
31ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/oilersnation.png?v=2
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0d218f5345371109ecf41126d4e2988a4b10333f13124b2b790769f1a6d845b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408881
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1555
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-613"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giMFW2UY%2FEjPjlfu1W6Ri%2F1kGIoqJWUiAgXpCd6CJd5TVVUqCQA5sXbpgW2Z0FnWpUPmrI0Gl%2F0lbzeCJpYp71i4ZPKk3VZ%2Bvr4JADYuAWl%2FRzTGCKN3H8F%2FvhcN0hqUWhBrhF9lT75cOr2vG%2Bc9%2BCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 740c77db2fa8bb85-FRA

GET
H3 200 jetsnation.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 1 KB
2 KB 211ms
207ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/jetsnation.png?v=2
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c51a44aeee8e4633d6c0d5d1a0513772acfcdb08914f9104228494a6802295ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nTcW77cnv980p6l6PWzoIkmK62MCoJUyKXJXEZsRr0u%2BB3HIzR8l0iFp8QjBJwI%2BHtiJNbpJPP3UeCOSwyqjsJFa8Yyi6%2F0pJXRmQHX4oieqpabMCewNpTQsdaD8d8EFGSIpmhU65wA1hi%2FP1PgBVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fa9bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1535

GET
H3 200 bluejaysnation.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 1 KB
2 KB 190ms
186ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/bluejaysnation.png?v=2
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca165020626459914d0e98b3cfab78e373036b7b56ec4c450ed071f51aa50b46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-5c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPK1tgWtFhHT10oA6bv4FUMztNZbkv%2BnU4k0Ko3wLptKSXdJBwg03%2B1ee8jwuCB4EFiTklDGYMaRxZ7dMPd2ncDV5qurPxi6cyCJI79ojkPRqGhosgce0yhvo8XO4AJEIye8JWkIIAy98AjdhjtUuNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2faabb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1480

GET
H3 200 wingsnation.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 1 KB
2 KB 211ms
207ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/wingsnation.png?v=2
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f94d6f24f9163bc5ee8977eea28a1d2650e4588129187eb2068f13a770e09d09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-5e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LT6Vyf27M2OSDP1grtShDOtt7dzZeeCXzBVxqtXvnqINo0nJcvqKVKRSk%2FzFMw%2FXwR6cmEEjIRiTIB4lPC%2FrHC4%2FybRfrKFlmiQz2WM4WMPjPPJ7SOMlKbbxvqiIuRWYsqOZUHJGV0jInRTx%2FpCIVTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fabbb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1510

GET
H3 200 leafsnation.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 1 KB
2 KB 211ms
207ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/leafsnation.png?v=2
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a3fcf5424cc26980738b78d74814a7b5b75bb44823beb0ef8cf57582b7dd1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-57c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YgUtr3Zf%2B6a7JRtvNSREeGuJb2styiV6onCiH8cXNTjng82%2FVqKdWc3dWWsMZXWLejYC3CqXYFXr3OdgauyK3fVutgNgisfaab4SQ6EC3ORqxqy1aL0U9cxl%2BGDOHQZS82tqnn466%2Fckwi8UQNhzYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fadbb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1404

GET
H3 200 hockeyfights.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 2 KB
3 KB 230ms
226ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/hockeyfights.png?v=2
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6fa45f13cc3cc39c011dd5cf550113393a4ec16494529be43847971ef43270e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-9d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XtKWbs8eC7eUqoqP%2BB%2B6RMXseSDgamUtZN5ed5K0%2FzCBKAMQSG6o3zOwOvU7r2Ha%2F8lEBpn8Q93nA%2BcPi1jpsKt1VbEyr777IUnVAWiK8M7jJlPem%2FQ7SHbK5DiiIycj7bGUn3%2FGlN%2B2emJhivAd4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2faebb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2513

GET
H3 200 dailyfaceoff.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 2 KB
2 KB 189ms
185ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/dailyfaceoff.png?v=2
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f047fae854bed2c04e4427119f09e7a3e93a6b9f752041cebbaaaef59800457b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Apr 2022 01:39:57 GMT
server: cloudflare
etag: "624657ed-7a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBIW72G2Yz1bXzV85RCaIKLb6kecPSQ4xSk0ki4Huqqw%2BduOXQEU%2BfLLVCdmAJqwKzk3eY5OryeH2clE21LxSI%2FIsFU%2FP8JmLnmZHiUTqdi3jDHRRqE5qIrXn9GUoHQ6%2F3pgqnPjq67DzacnD62rx5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fafbb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1960

GET
H3 200 puckpedia.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 7 KB
7 KB 194ms
190ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/puckpedia.png
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a4665abadf62adb2e9a96bdffd104e811a58b190cd27a71a891eaf1d21e0e26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-1b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyggh6kM4raVeO%2FKxF6bPZmj%2FGV9Lvs9oljIPfawvDBuQTcmcRAO%2F8r%2FNxfJ3FUl1XkV5dIoEjb2JvUwaEVgV0RoZYA1xsHQaO6zBuXTaRK75xHHGmP788cpshmmsua82qI3AyKMpOLeEovuyLXFY0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fb0bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7004

GET
H3 200 allwrestling.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/ 6 KB
6 KB 211ms
207ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/nn-mini/allwrestling.png
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f4e9fc24d74fe067aa7e55cf3c94afbe7ca045385fb2edd13a7567e610d21f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-176c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=007Iu0b8XTQbzYBupNZHZS2MIrKb1W1BlfOFiP%2FqdHYsfrKdBkNUne8yUD4HTq%2FRrCgVdlHO54GINpjCjXzVioI4vh4j48dHOWimTIQno4MM0Hz2WN6AcGGg0fJ5CWLia3hnTpDWAk8gxkMw%2Bb9LITI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fb1bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5996

GET
H2 200 Jordan-Buhat.png
i0.wp.com/bluejaysnation.com/wp-content/uploads/2020/06/ 68 KB
68 KB 100ms
42ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bluejaysnation.com/wp-content/uploads/2020/06/Jordan-Buhat.png?resize=308%2C172&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

109ac3ce29b16192885b8de76dc804fccb992bbdc76790170e4cfa892c42d9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 21:55:46 GMT
server: nginx
etag: "0b031c5e45a85ab2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/2020/06/Jordan-Buhat.png>; rel="canonical"
content-length: 69344
expires: Sun, 25 Aug 2024 09:55:46 GMT

GET
H2 200 USATSI_17966612-scaled.jpg
i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/2/2022/06/ 6 KB
6 KB 23ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/2/2022/06/USATSI_17966612-scaled.jpg?resize=308%2C172&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

78ec8ad90369228947b7db31a5c32c3fb8446b4de033ec1052a802b6ac420e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 21:55:46 GMT
server: nginx
etag: "b91cf1a2800ad015"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/2/2022/06/USATSI_17966612-scaled.jpg>; rel="canonical"
content-length: 5740
expires: Sun, 25 Aug 2024 09:55:46 GMT

GET
H2 200 B1E32F7B-E585-4B9E-8A11-02C45A68E0B6.jpeg
i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/3/2022/08/ 65 KB
65 KB 22ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/3/2022/08/B1E32F7B-E585-4B9E-8A11-02C45A68E0B6.jpeg?resize=308%2C172&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2ce8c4cf9176eb7527b257009540a70b9d5e9a2f0727d2503babf0fd7e980908

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 21:55:46 GMT
server: nginx
etag: "ab78a820a5e56db3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/3/2022/08/B1E32F7B-E585-4B9E-8A11-02C45A68E0B6.jpeg>; rel="canonical"
content-length: 66364
expires: Sun, 25 Aug 2024 09:55:46 GMT

GET
H2 200 USATSI_18123892-scaled.jpg
i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/4/2022/08/ 2 KB
3 KB 20ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/4/2022/08/USATSI_18123892-scaled.jpg?resize=308%2C172&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

66d4ee74e69c1be42332e9a92cf5c388c17e4db38049b120233943584ca5d02d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Aug 2022 10:26:22 GMT
server: nginx
etag: "95c4411518f82b32"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/4/2022/08/USATSI_18123892-scaled.jpg>; rel="canonical"
content-length: 2432
expires: Sun, 25 Aug 2024 22:26:22 GMT

GET
H2 200 FSAVg5ZX0AE5760.jpeg
i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/5/2022/05/ 59 KB
60 KB 21ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/5/2022/05/FSAVg5ZX0AE5760.jpeg?resize=308%2C172&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

493458d05ce9d305d49c515a00dde2a1158be66a81949dddf859b44cd66d7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 06:56:20 GMT
server: nginx
etag: "095f8f0e22c05cbf"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/5/2022/05/FSAVg5ZX0AE5760.jpeg>; rel="canonical"
content-length: 60710
expires: Fri, 31 May 2024 18:56:20 GMT

GET
H2 200 USATSI_18137211-scaled.jpg
i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/7/2022/05/ 9 KB
10 KB 38ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/7/2022/05/USATSI_18137211-scaled.jpg?resize=308%2C172&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

95dff8d2986aa7f92ac2638b7062bae10d9bb6dc6d3db4f5afaf78b737711a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 06:56:20 GMT
server: nginx
etag: "87bc0dcbddbe4c70"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/7/2022/05/USATSI_18137211-scaled.jpg>; rel="canonical"
content-length: 9630
expires: Fri, 31 May 2024 18:56:20 GMT

GET
H2 200 Brock-Lesnar-2.jpg
i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/9/2020/01/ 13 KB
13 KB 42ms
39ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bluejaysnation.com/wp-content/uploads/sites/9/2020/01/Brock-Lesnar-2.jpg?resize=308%2C172&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

79a23ebd8fde3aa61913b3da60d827796cc1fac65a6078129fbc834cb02f942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 18:49:33 GMT
server: nginx
etag: "d5297fd148ee5c39"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/9/2020/01/Brock-Lesnar-2.jpg>; rel="canonical"
content-length: 13210
expires: Sun, 06 Nov 2022 06:49:33 GMT

GET
H2 200 Alex_Z-1.jpg
i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/10/2022/07/ 8 KB
8 KB 38ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bluejaysnation.com/wp-content/uploads/sites/10/2022/07/Alex_Z-1.jpg?resize=308%2C172&ssl=1

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

086098dee9a23cd90a82448fdb6f4d764ff0981b960efdd503ed09d4d8db8a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 26 Aug 2022 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Jul 2022 05:54:45 GMT
server: nginx
etag: "31f68f163d983b2d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bluejaysnation.com/wp-content/uploads/sites/10/2022/07/Alex_Z-1.jpg>; rel="canonical"
content-length: 7784
expires: Fri, 19 Jul 2024 17:54:45 GMT

GET
H3 200 playmakerbrand-logo-full-colour-rgb-300px@144ppi.png
bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/ 4 KB
5 KB 212ms
209ms Image
image/png 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/img/logos/playmakerbrand-logo-full-colour-rgb-300px@144ppi.png
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869ccd765422a97474224bf9538ee0572cb79c91ecb9bbf34f67dd20c4ff0f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 06:24:45 GMT
server: cloudflare
etag: "619b37ad-10a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poyhkPUDVteWWTBj%2F4xHN2PaHYTaw8iBXKt6%2BI3Lj2hIFUIC7EaTZB3mQnUIwS7weE2iOQqd9X99xWdDfyNKwUfHz78g845g0ZjRonHOmW%2Bsb3j7HTCVNDWD%2Fevb%2FSe5dCHy8Zspq2cgZT4se3%2Fxz4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fb3bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4260

GET
H3 200 rocket-loader.min.js Show response
bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 29ms
26ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Aug 2022 11:02:51 GMT
server: cloudflare
etag: W/"6304b3db-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3649T%2F2S0cOGmVBxQMdfgGoOdRVtGD%2FHtX3nqxyipZO5c1R09%2FZVDsz44SmcldtS3pLDoh0E8VUERrjxjj%2FCbP3mQX%2FttrB1mrHBt%2FWb%2BPS1Vmh8SvvAOslGLU%2FYcvFK4aj7H9yvTUUyEMk7MMqkzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740c77db2fb5bb85-FRA
vary: Accept-Encoding
expires: Sun, 28 Aug 2022 12:11:07 GMT

GET
H2 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v20/ 32 KB
33 KB 106ms
49ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v20/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.3.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87849f221bbdc16a325dca3a1474301c20b365d2a27dce81ffe6ef2beb7eb44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluejaysnation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 04:25:15 GMT
x-content-type-options: nosniff
age: 27952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33172
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:42:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 04:25:15 GMT

GET
H3 200 fontawesome-webfont.woff2
bluejaysnation.com/wp-content/themes/nationnetwork/assets/fonts/ 70 KB
71 KB 212ms
210ms Font
application/font-woff2 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/css/app.css?ver=1.0.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/css/app.css?ver=1.0.5
Origin: https://bluejaysnation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: "5e45983c-118d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRGnZq9q90ix7cDl9tskFc85dwkpqJJQg90GaRkefQJcyeHLsNaHOja5n3eIQJHg3AdUCJetd0F8R5DhunQ0wG1hw%2FgcTuQK%2FQM97taadFbdCGugghCEUXF0tQd0A5fN864RcCbAwHKv66kGUfidF%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 740c77db2fb7bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 79ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.3.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluejaysnation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 101356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 08:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 58ms
28ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.3.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluejaysnation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 456086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 05:29:41 GMT

GET
H2 200 e-202234.js Show response
stats.wp.com/ 9 KB
3 KB 85ms
21ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202234.js
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 13 Aug 2023 23:03:42 GMT

GET
H3 200 wp-embed.js Show response
bluejaysnation.com/wp-includes/js/ 2 KB
1 KB 202ms
201ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-includes/js/wp-embed.js?ver=5.3.12
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db22b37c49a446a4aa73ef0938ef6bbff3f77224aa8412606eebd73f78816547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3214
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Feb 2020 19:55:41 GMT
server: cloudflare
etag: W/"5e44583d-c8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iccV3RqOVvJlVXWZ78EUCsYKi8bGBJr0F0svyvH1OVypFXYfrxK7n2fPNSR07w%2FNTdnNNP9Xi7vw0FFvEShWLBAfxcP%2FcPyYiFUeJ358xB9U1vJou%2BYyqx4Y18twK%2FLUykOwt3NGKKeX2kGkLjfC360%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 740c77db780ebb85-FRA
cf-bgj: minify

GET
H3 200 q2w3-fixed-widget.min.js Show response
bluejaysnation.com/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 202ms
200ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: W/"5e45983c-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHcSKlNGJ6%2BdeGhEo%2BtWd3FKT%2BMZ4XsHin0AKvU2e51f3zT9uk4bcUnOctRA5gHD5xIKkkRFhQ2EXXDNC%2BGiRG85qOE8YvqnD83RyS0x3%2B9ijAscNs4G0FtPFzmIiDDAfva5eEPQixeAwPW8Hpvi1tM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740c77db7815bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 skip-link-focus-fix.js Show response
bluejaysnation.com/wp-content/themes/nationnetwork/js/ 582 B
854 B 202ms
200ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38f6bd5c4d72b87f811178633afc64659a36d24c0f7a256e641b7bb6f1d2e6d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=880
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: W/"5e45983c-370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTKsxJHxgIE2oIw0LfO6oIq5GjLQdNZbJINTaxPXGE3MuxCbcMd2zmMU8jIBYIC5oLp2KBZ5VEjIT6kgFTpgjLUDkMGMRcw09XTw0riWpauJRwoq4RJlw6YPfllykvikwqUARCvX98l5nkCmjZ3b3%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 740c77db7817bb85-FRA
cf-bgj: minify

GET
H3 200 navigation.js Show response
bluejaysnation.com/wp-content/themes/nationnetwork/js/ 2 KB
1 KB 674ms
672ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/js/navigation.js?ver=20151215
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efbcbc42617c3c384b24f25a42e3166d8607750b5e62dd9e7357b86681c552b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: W/"5e45983c-c86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxgojfXLPLw8Y%2BuhW2ls4HW9%2F0jgvBL7cjNRPJg1hOB1B%2F30byjOdWduqUF8hZC%2B868D%2BqlXgn5A8zCr3Essk1B%2BlaR%2B54UNiEsjhrSvFoNdC2h%2F7biUB6lEm1f34gnC8bSbJ8oH25%2FAO7W9jxCqhfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 740c77db7818bb85-FRA
cf-bgj: minify

GET
H3 200 app.min.js Show response
bluejaysnation.com/wp-content/themes/nationnetwork/assets/js/ 6 KB
2 KB 202ms
200ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/js/app.min.js?ver=5.3.12
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64d79602d6c58f00202b1011e75320e556b560a692d25b1edd8741cad8ad10e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: W/"5e45983c-18f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcPSGqTNT46QS4lAnC6z4moMno%2FB9K2TZOqEZdVYLyMcgAcpWT6kezJ37k5ftAyrNHoaRkZndwaqxJKAWHnY4qi7qr%2FyoYiJpCYlPzJ2vHNTMLV%2BepbjGU8fuvZS9%2BNHcsSd%2Binsa%2FF3YgeuJSQBfII%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740c77db781bbb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 vendor.min.js Show response
bluejaysnation.com/wp-content/themes/nationnetwork/assets/js/ 102 KB
36 KB 217ms
215ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/js/vendor.min.js?ver=5.3.12
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b9259d35e7b12826b38db61a542f3a4f4ff7cba5a41662683f0a0c5ddbb81d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: W/"5e45983c-1970c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH8Xug54VzTVZHW7cwHqGPWsk5faZ560YV%2FxN6cQ6G1vfEtsAuxmJTtIpkkP%2BifBfeulUPy9hm6t9EjLpKAzUNimBPxtyoLihYX4wzVFaqkp6Z1Vcryi6QB%2BYWkiDUiUADfGRfE7hjezRkS%2BUfRWhC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740c77db781cbb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.waypoints.min.js Show response
bluejaysnation.com/wp-content/themes/nationnetwork/assets/js/ 9 KB
3 KB 202ms
201ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-content/themes/nationnetwork/assets/js/jquery.waypoints.min.js?ver=5.3.12
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 18:41:00 GMT
server: cloudflare
etag: W/"5e45983c-2344"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxGxN%2BGwYgFbSPCDRYUjuce1NIZkqfYDC236lm0l3ulhEs6BJbJXigIGyXI%2BUc34BGacGEt8B6JtUfcf2YQJ4ADZwngDE74qO3r%2Ff0MCitrNVRWVJ8Av%2BvdCI2mkWDznLRrFIFXCnYfKm09O9qq58hE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740c77db781dbb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 80ms
20ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202234
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
server: nginx
etag: W/"5bffef65-52b6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 2.hhn _dca
timing-allow-origin: *
expires: Mon, 21 Aug 2023 23:44:00 GMT

GET
H2 200 embed.js Show response
d3e9zy76sv7y5r.cloudfront.net/shim/ 1 KB
1 KB 551ms
190ms Script
application/javascript 2600:9000:201f:2e00:c:4d8d:ebc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e9zy76sv7y5r.cloudfront.net/shim/embed.js
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201f:2e00:c:4d8d:ebc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3817329b2b0306df1b2adbc5b0def56d41ca48ee151a09fc0fa6a919ff42035b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: gzip
last-modified: Wed, 04 May 2022 20:26:34 GMT
server: Apache
x-amz-cf-pop: LAX50-C2
etag: "505-5de3570ffd280-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 c591b9d4784301b692cc1051c256991a.cloudfront.net (CloudFront)
cache-control: max-age=3600
accept-ranges: bytes
content-length: 495
x-amz-cf-id: Ei97iqojOyYWucDMutxWa9Z501jVTSw_Y_hmoHGLv3MneUBFeYUk6w==
expires: Fri, 26 Aug 2022 13:11:07 GMT

GET
H2 200 621396644217042a46458eae.js Show response
futbol-cdn.relevant-digital.com/static/tags/ 685 KB
148 KB 455ms
339ms Script
application/javascript 2a02:6ea0:cb00::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / Express
Resource Hash: 9cb4520913d2b9762e31cfec35700c329337d58c704a5f79ae011c69eacc1922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt: Abm0DAZvjVmh
x-accel-expires: @1687435867
date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
etag: W/"ab476-182d8e84538"
last-modified: Fri, 26 Aug 2022 06:47:56 GMT
server: CDN77-Turbo
x-powered-by: Express
x-77-nzt-ray: r7mpKqhE6I8
vary: Accept-Encoding
x-77-cache: MISS
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=25920000, max-age=0
x-cache: MISS
x-77-pop: viennaAT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 101ms
34ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

54f9d8d99eed3799cb578a2ab132647133ab2c01d9007a809c4b6e5adb50cdf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28605
x-xss-protection: 0
server: sffe
etag: "1314 / 419 of 1000 / last-modified: 1661512052"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Aug 2022 12:11:07 GMT

GET
H3 200 twemoji.js Show response
bluejaysnation.com/wp-includes/js/ 12 KB
4 KB 213ms
212ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-includes/js/twemoji.js?ver=5.3.12
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff914e0b84f99bbc8d913b50c9b3e7acf656aace84e7c67a3fd5b75d284c815a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=27665
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Feb 2020 19:55:41 GMT
server: cloudflare
etag: W/"5e44583d-6c11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoD9Js9t1SwLwezc1Dhxxoz7tSv%2FCo0%2FSWobMmxQCksFWFHCBnjkHPyjGv76FJs9KxlYzWdzAeATwoZ2jy3L%2FjfjcUnRiItdp9TF6Hci6CfuFtGRh4md3JbO9khGPMxNmPhUJukUZU76F62gnFqNrmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 740c77dcda62bb85-FRA
cf-bgj: minify

GET
H3 200 wp-emoji.js Show response
bluejaysnation.com/wp-includes/js/ 4 KB
2 KB 185ms
184ms Script
application/javascript 2606:4700:3034::6815:56ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bluejaysnation.com/wp-includes/js/wp-emoji.js?ver=5.3.12
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:56ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d15af9bd67fe77ac0050ac96a9cc9e173c23fbe76a8a144e29566e57fdbb41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8990
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Feb 2020 19:55:41 GMT
server: cloudflare
etag: W/"5e44583d-231e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXX%2Fmj0jHlumcT5wYdyFgLcGGEQDrmzDZRH6OfCYfVr8j0Q5c10j8QHnHrdV3aJ7O%2BoRzvxHEsx1Ic3m%2BPK%2FPkJIOI8RhsomeGM6y0Kgu7a5fpbTvgV%2BVSOuO7SYeJw7c%2B74QN2E6x44TUdv2AgT2Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 740c77dcda63bb85-FRA
cf-bgj: minify

GET
H3 200 pubads_impl_2022082202.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 66ms
21ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 11:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133587
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:21:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Aug 2023 11:59:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 191 B
149 B 106ms
61ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bluejaysnation.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e172b046e9a0570e3d3cbeca815fb6baed275d184a90682bbbf64b5fec2e73aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124
x-xss-protection: 0
expires: Fri, 26 Aug 2022 12:11:07 GMT

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 104 KB
37 KB 116ms
52ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad106d0c62cfc71d1eb4bd2fc221fbffa3f8938f72142e75f56934b4ba749499

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AnA-aaEe3Bpg3JPWTZIYoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AnA-aaEe3Bpg3JPWTZIYoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXIh76xaETkt0UbroCR0nL0M2ZqkexcpNARdI9piMzLpSfljGM2CcXil-igOHZAJijxwYTotsoN12XQ8GDd8zw= Show response
fundingchoicesmessages.google.com/f/ 6 KB
3 KB 98ms
47ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXIh76xaETkt0UbroCR0nL0M2ZqkexcpNARdI9piMzLpSfljGM2CcXil-igOHZAJijxwYTotsoN12XQ8GDd8zw=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYxNTE1ODY4LDUyMDAwMDAwXSwiRDM1NDgyQ0ItNDVDQi00RkUwLUExMzQtQkFGQUQyQjM4Rjg5IixudWxsLG51bGwsW251bGwsWzddLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCx0cnVlLHRydWVdLCJodHRwczovL2JsdWVqYXlzbmF0aW9uLmNvbS8iLG51bGwsW11d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YM-KW1lR2ug.es5.O/d=1/rs=AJlcJMwYo7CwqTYfHPlnZy9CqTKjW0Fcig/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86feaeb453ee90f3dd2ec6bfe49dbd0934910aef2ed9605254babc67b3b6011a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rAXqZxy2lZBRLo7Gp266NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rAXqZxy2lZBRLo7Gp266NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Fri, 26 Aug 2022 12:11:08 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159835/2737/ 213 KB
65 KB 130ms
25ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159835/2737/pwt.js
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e88470732ece3e06c73e9e91b7b58f9b699aa913a0fdd35bc2aca2abd7fa9068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 21:36:36 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=164002
accept-ranges: bytes
content-type: application/javascript
content-length: 66310
expires: Sun, 28 Aug 2022 09:44:30 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 198ms
25ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://bluejaysnation.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://bluejaysnation.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 26 Aug 2022 12:11:08 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 198ms
25ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://bluejaysnation.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://bluejaysnation.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 26 Aug 2022 12:11:08 GMT
server: ATS/9.1.10.25

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
62 KB 129ms
45ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KNF38RQ

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f4d23ddc36e482a8e3b19b27b91e2eb575c8a145a46972f76a8f88f32b0d3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62577
x-xss-protection: 0
expires: Fri, 26 Aug 2022 12:11:08 GMT

GET
H2 200 platform.js Show response
cdn.vuukle.com/ 200 KB
52 KB 129ms
46ms Script
application/javascript 2606:4700:10::6816:3ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/platform.js
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f79a53b4ba83604b0fde1338ebe31f07ea1623917064f470f5b0e9f735a78a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 1031
cf-polished: origSize=204841
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 26 Aug 2022 11:52:47 GMT
server: cloudflare
etag: W/"6308b40f-32029"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
cf-ray: 740c77e05fe168fd-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 161 KB
41 KB 161ms
30ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 26 Aug 2022 11:50:08 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 16:04:10 GMT
server: AmazonS3
age: 1261
etag: W/"a702d6a9b82e18143638cd1f28cbb7a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-C1
content-encoding: gzip
x-amz-cf-id: ANghXI8yneAqzv67n29gglFue7DJYs7p41pBoEP_JFESXj8hlPdSLA==

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
945 B 132ms
28ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552275
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPzQ0%2BFRYLhZQ9yD6T9yFYGwwecg%2F4JDxAoZ0hluKLb3oRro32tDoN04UbEBX8ul0T6bHy7%2F4kIeWZ57d9EqWQMvYAfaBYSpiwkc4bxClv6w69B2vqpYrXoccD1Y%2BL%2FK%2FE9vE2%2Fm9Q90lESL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 740c77e0be1c92b4-FRA

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 350 B
2 KB 668ms
394ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14194&site_id=412062&zone_id=2317694%3B2317706&size_id=2%3B15&rf=https%3A%2F%2Fbluejaysnation.com%2F&tk_flint=pbjs_lite_v6.16.0&x_source.tid=d5b89fa5-c0f2-4577-9a28-2f465bfbc7bb%3Bc63ab794-0c0c-4971-bc5a-4926d41693e0&l_pb_bid_id=2cbb06070ec287%3B3ae00956472c5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.3387008025494187
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 96642c2ca6d1f203995efba74efbeae2602693b731b061571827f755211a75ea

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://bluejaysnation.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 350
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 / Show response
shb.richaudience.com/hb/ 7 B
241 B 202ms
101ms XHR
text/html 157.90.0.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.0.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 248f486825ebe8a89d233c887e012d5e5576715ed0398fe7d5aa2038a540fd0c

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bluejaysnation.com
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
237 B 228ms
129ms XHR
text/html 157.90.0.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.0.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bluejaysnation.com
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
681 B 159ms
30ms XHR
application/json 35.159.6.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22d0593a10-ac28-4b63-a2d9-64a3484049c8%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1661515868172%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2282d2f67d54d8fb%22%3A%22_jBHr4l4oJE%22%2C%2297486cdb9740c1%22%3A%22_jAZ4qJ4thH%22%7D%2C%22bidSizes%22%3A%7B%2282d2f67d54d8fb%22%3A%5B%5B728%2C90%5D%5D%2C%2297486cdb9740c1%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22__rlvId%22%3A%22628fbd6ddb7fe2f7409f5990%22%2C%22params%22%3A%7B%22placementId%22%3A%22_jBHr4l4oJE%22%7D%2C%22auctionId%22%3A%22c501519a-aa2e-444a-99b6-1a57030b1065%22%2C%22floorData%22%3A%7B%22skipped%22%3Atrue%2C%22skipRate%22%3A0%2C%22location%22%3A%22noData%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22%2F63317524%2Fbluejaysnation%2Fhome%2Fbluejaysnation_home_leaderboard%22%2C%22transactionId%22%3A%22d5b89fa5-c0f2-4577-9a28-2f465bfbc7bb%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2282d2f67d54d8fb%22%2C%22bidderRequestId%22%3A%2278513f8710402e%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22__rlvId%22%3A%22628fbdc62d94b69ecd9f5996%22%2C%22params%22%3A%7B%22placementId%22%3A%22_jAZ4qJ4thH%22%7D%2C%22auctionId%22%3A%22c501519a-aa2e-444a-99b6-1a57030b1065%22%2C%22floorData%22%3A%7B%22skipped%22%3Atrue%2C%22skipRate%22%3A0%2C%22location%22%3A%22noData%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22%2F63317524%2Fbluejaysnation%2Fhome%2Fbluejaysnation_home_box_1%22%2C%22transactionId%22%3A%22c63ab794-0c0c-4971-bc5a-4926d41693e0%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2297486cdb9740c1%22%2C%22bidderRequestId%22%3A%2278513f8710402e%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fbluejaysnation.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.159.6.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-159-6-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://bluejaysnation.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 314ms
239ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 538569cbf738595584cd9b14a0dd8a208a132672743ee6feb8ac65234f484949

Request headers

Referer: https://bluejaysnation.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
299 B 210ms
136ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 793bc5ce906d400bc90c6e37f1fe41adce150759488543f0d000885e9d143f94

Request headers

Referer: https://bluejaysnation.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 108ms
27ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 auction Show response
tlx.3lift.com/header/ 5 KB
3 KB 184ms
107ms XHR
application/json 3.65.74.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.16.0&referrer=https%3A%2F%2Fbluejaysnation.com%2F&tmax=1000

Requested by

Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.74.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-74-222.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d8f68a9595b5f305436c4e8cf191e02b993eb86490465e70a1ea6b1426aa62da

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
accept-ch: sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2768
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 250 B
946 B 116ms
28ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

be2e2fb2aa361bfabfbc2e0b78a1baa37fb5a50760b1f02f6e71bc99c01f5d34

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:08 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 16b2e094-1aba-4d61-ac23-3f1b39c54c1a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bluejaysnation.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 250
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
650 B 167ms
48ms XHR
application/json 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.16.0
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: ef20b73237d9304b7c95f25a2e8f94d9dde107a0eaabd8b8a68255090e61737d

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 26 Aug 2022 12:11:08 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://bluejaysnation.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 262 B
1 KB 268ms
196ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d4e2285e81ff874d2ac06ba3bb6f45b0f34967ad5d8c40a6892aac1d087397d5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:08 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 09fb7ff1-a6b4-490f-ad12-0ccd860f6435
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bluejaysnation.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 498ms
151ms XHR
application/json 89.149.192.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 493ms
147ms XHR
application/json 89.149.192.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
141 B 427ms
229ms XHR
text/plain 13.36.17.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.17.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-17-92.eu-west-3.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bluejaysnation.com
date: Fri, 26 Aug 2022 12:11:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
futbolsites-d.openx.net/w/1.0/ 73 B
380 B 146ms
40ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://futbolsites-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbluejaysnation.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d5b89fa5-c0f2-4577-9a28-2f465bfbc7bb%2Cc63ab794-0c0c-4971-bc5a-4926d41693e0&nocache=1661515868250&aus=728x90%7C300x250&divids=%252F63317524%252Fbluejaysnation%252Fhome%252Fbluejaysnation_home_leaderboard%2C%252F63317524%252Fbluejaysnation%252Fhome%252Fbluejaysnation_home_box_1&aucs=%2C&auid=556668811%2C556668764
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: faa2747e25388fae1a46fa4eb094150bc58b926f2fd646a980da0384c0272c25

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bluejaysnation.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 embedcode.php Show response
embed.sendtonews.com/player2/ 7 KB
3 KB 473ms
136ms Script
application/javascript 34.199.89.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player2/embedcode.php?fk=bWgHsfoB&cid=8802&floatwidth=400
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.89.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-89-150.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 01abfc57d26e9b4ace7a8e49f02215b048dc29da12e80b4e9573c948d380bbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-length: 3079
expires: Fri, 26 Aug 2022 13:11:08 GMT

GET
H2 200 embedcode.php Show response
d3e9zy76sv7y5r.cloudfront.net/player2/ 7 KB
4 KB 217ms
179ms Script
application/javascript 2600:9000:201f:2e00:c:4d8d:ebc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e9zy76sv7y5r.cloudfront.net/player2/embedcode.php?fk=bWgHsfoB&cid=8802&floatwidth=400
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/shim/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201f:2e00:c:4d8d:ebc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 024eac16ada47e0be11a3ea46ca48861d2c57798230697eb378e930ee10a5472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: LAX50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 c591b9d4784301b692cc1051c256991a.cloudfront.net (CloudFront)
cache-control: max-age=3600
content-length: 3099
x-amz-cf-id: KLENo1Bv8zy08abJUitrRg1FmDABHDZUdmivBI8soTh8Kwgg2BvChw==
expires: Fri, 26 Aug 2022 13:11:08 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 74ms
27ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.8&blog=122047553&post=32766&tz=-4&srv=bluejaysnation.com&host=bluejaysnation.com&ref=&fcp=1273&rand=0.25461922843375584
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Aug 2022 12:11:08 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 AGSKWxUAmu3c-MaM9ZcNcMqx__Wiqp5adGICtJWwyXj5z2xp8y_EoNNdvpNgkv_ObGSzVax-lGc1KN3uI2V3Lajb_tggyoqdprkpyZ0ebg2tUeJiGBQ5BITI3i9PzttunndPW7j_8CHGjA== Show response
fundingchoicesmessages.google.com/f/ 17 KB
7 KB 100ms
87ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUAmu3c-MaM9ZcNcMqx__Wiqp5adGICtJWwyXj5z2xp8y_EoNNdvpNgkv_ObGSzVax-lGc1KN3uI2V3Lajb_tggyoqdprkpyZ0ebg2tUeJiGBQ5BITI3i9PzttunndPW7j_8CHGjA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYxNTE1ODY4LDM0MTAwMDAwMF0sIkQzNTQ4MkNCLTQ1Q0ItNEZFMC1BMTM0LUJBRkFEMkIzOEY4OSIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly9ibHVlamF5c25hdGlvbi5jb20vIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61e092629ada0999e2d454d6904ff1f3a4cbfaacef2149452816185472f3d490

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fhEFfn4J2rnYW5wPYKH51w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fhEFfn4J2rnYW5wPYKH51w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 248 B
599 B 467ms
397ms XHR
application/json 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbluejaysnation.com&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bluejaysnation.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 248
x-amz-cf-id: SwbyjeCo6rvpzxuV6z2U6dEYEkaDV2VL962P7S82P0B2unLfFe534Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
495 B 120ms
65ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbluejaysnation.com%2F&pid=U6NsbuYFerVPe&cb=0&ws=1600x1200&v=22.8.221912&t=1000&slots=%5B%7B%22sd%22%3A%22ad-id-%2F63317524%2Fbluejaysnation%2Fhome%2Fbluejaysnation_home_leaderboard-6573354772785045%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F63317524%2Fbluejaysnation%2Fhome%2Fbluejaysnation_home_leaderboard%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22ad-id-%2F63317524%2Fbluejaysnation%2Fhome%2Fbluejaysnation_home_box_1-19544502655866358%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F63317524%2Fbluejaysnation%2Fhome%2Fbluejaysnation_home_box_1%22%2C%22kv%22%3A%7B%7D%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: NDK7D82H6PJHG9EWX51D
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://bluejaysnation.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TvXtwiaYGvvjXYNzR5yvh5TA3jIKdQVIoEo2yScDiYVHYsjPsKhJng==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 161ms
43ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 59735
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Thu, 25 Aug 2022 19:35:34 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: bjw36Weiy9RMf7iqPjMUFPxBghtHeDbTVSvBMzxWdrzVY2EJWNTqaQ==

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 155ms
42ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 105105
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txef1d0078be8d4454bd221-0062a770fa
x-amz-id-2: txef1d0078be8d4454bd221-0062a770fa
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6wyQjKZ1ELnrTDkdn2E401jcItw1n2%2FRCeyAkcJf1snaVyyVElNyZ%2FaaVBqExlVXwOzPi1lCvUh2lSKHVnlLSdD%2BcGHWKkgXGJ4DZqHGx17XpxmsPSx604%2FW%2F6tcTSyO2RwIPSG2poSRgTC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 740c77e249069290-FRA
access-control-allow-headers: Authorization

GET
H2 200 getGeo Show response
vuukle.com/ 90 B
405 B 175ms
71ms XHR
application/json 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vuukle.com/getGeo
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 86400
cf-ray: 740c77e27bc2993f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 prebid3.js Show response
cdn.vuukle.com/static/ 447 KB
135 KB 247ms
182ms Script
application/javascript 2606:4700:10::6816:3ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/static/prebid3.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa4db76842daa1949532ee588f488c5375bbe34cc4dc998a830ca5ba256cd93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 93021
cf-polished: origSize=511696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 25 Aug 2022 10:20:22 GMT
server: cloudflare
etag: W/"63074ce6-7ced0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=3600
cf-ray: 740c77e238829177-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H3 200 bluejaysnation.com.json Show response
cdn.vuukle.com/ads/ 5 KB
1 KB 267ms
201ms XHR
application/json 2606:4700:10::6816:3ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/ads/bluejaysnation.com.json
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bda8550bdadfaed6e34c51374a896de8ede5ebf6c5d7501336fdebbc8a29b41f

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 26 Aug 2022 11:47:44 GMT
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
etag: W/"6308b2e0-1492"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cf-ray: 740c77e239cc9b46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
28 KB 61ms
51ms Other
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28534
x-xss-protection: 0
server: sffe
etag: "1314 / 876 of 1000 / last-modified: 1661512137"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Aug 2022 12:11:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
25ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNF38RQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3911
date: Fri, 26 Aug 2022 11:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Aug 2022 13:05:57 GMT

GET
H2 200 v2dxm7Y4TkHQ69Pkc84DmYuyRZVL2aT-y6DsFcesn4OeT9DUzuLHkstMJ Show response
superficialspring.com/ 92 KB
28 KB 299ms
141ms Script
text/javascript 2600:1901:0:e567::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://superficialspring.com/v2dxm7Y4TkHQ69Pkc84DmYuyRZVL2aT-y6DsFcesn4OeT9DUzuLHkstMJ

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:e567::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

1c88f563717fadaaa313315cf56abe1195af0aa1a764a2892527b3547a7ab495

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "82e26cef9f0cc15b02ba68a4abcc6645ab125ab77500728aa072dc621659e23d"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Fri, 26 Aug 2022 12:11:08 GMT
x-buildnumber: 609294353
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 script.js Show response
powerad.ai/20439339365500/ 199 KB
44 KB 403ms
115ms Script
application/javascript 52.4.246.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/20439339365500/script.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNF38RQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.246.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-246-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: 80c11184f232948bf9022c445e643526ddb6024a2267e270c3bdf01a600b31fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 12:16:17 GMT
x-powered-by: Express
etag: W/"31aaa-182cfc828f8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 188ms
31ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=11441895&ns__t=1661515868598&ns_c=UTF-8&c8=Toronto%20Blue%20Jays%20News%2C%20Roster%2C%20Scores%2C%20Schedule&c7=https%3A%2F%2Fbluejaysnation.com%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: JkLOMDtDyB8XIA6dSZEfZo-BCdy2k9ApdVqqW_z0xeXV9oFLgMS-rw==
x-cache: Miss from cloudfront

GET
H3 200 cnsnt.platform.js Show response
cdn.vuukle.com/ 4 KB
2 KB 443ms
407ms Script
application/javascript 2606:4700:10::6816:3ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/cnsnt.platform.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f52c264c7b3a64465a3dfb61ef1a1581027f5509af7c0439f8f4d44a36f8606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 1029
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 26 Aug 2022 11:52:55 GMT
server: cloudflare
etag: W/"6308b417-ede"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=7200
cf-ray: 740c77e34a8b9177-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/11441895/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
368 B

97ms
18ms

Script
application/javascript

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:03:03 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 486
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: k06TjzD5lBQN041OfJ5nGjwWLNWxd4YyMjrI8MqdMiE9QJZgXOFbWA==

Redirect headers

location: /internal-c2/default/cs.js
date: Fri, 26 Aug 2022 12:11:08 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: sErAQ0n7tDJ9PF0etCc7Fh-2UgazwAet05gMoo3MHb5Lqk34xDPheg==
x-cache: Miss from cloudfront

GET
H2 200 easy-stn-player.js Show response
d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/ 633 KB
187 KB 1254ms
216ms Script
application/javascript 2600:9000:201f:2e00:c:4d8d:ebc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201f:2e00:c:4d8d:ebc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 29c920e045a46e48ce942f36cb3cfda3a6778c6b2293fb1bfdae04aa3161d0f3

Request headers

Referer: https://bluejaysnation.com/
Origin: https://bluejaysnation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
x-amz-cf-pop: LAX50-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 17:30:51 GMT
server: Apache
etag: "9e561-5e7000ad068c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 42b10ce0efa243af420d08c395787242.cloudfront.net (CloudFront)
cache-control: max-age=3600
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: Hkx6CC3_feow4OCnkAORKT3azVvJYkVRhR3wkOtZiNx4lfDYHYdbIw==
expires: Fri, 26 Aug 2022 13:11:09 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 100ms
30ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3104421-12&cid=823979536.1661515869&jid=2041610014&gjid=1305126181&_gid=1343482033.1661515869&_u=YGBAgAABAAAAAE~&z=884282369

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Aug 2022 12:11:08 GMT
content-type: text/plain
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
45ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=647109519&t=pageview&_s=1&dl=https%3A%2F%2Fbluejaysnation.com%2F&ul=en-us&de=UTF-8&dt=Toronto%20Blue%20Jays%20News%2C%20Roster%2C%20Scores%2C%20Schedule&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=2041610014&gjid=1305126181&cid=823979536.1661515869&tid=UA-3104421-12&_gid=1343482033.1661515869&gtm=2wg8o0KNF38RQ&z=1003096427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 16:42:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70126
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bq-publish Show response
publish.vuukle.com/ 33 B
333 B 262ms
236ms XHR
text/plain 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$607b9c-b7d0-410b-9e9f-323e46710b68%22,%22hostname%22:%22b1aaa3ee-e3e9-444c-b043-ad06699c7e2a%22,%22pubdomain%22:%22bluejaysnation.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22dc91faa1-838c-4315-b314-7e19782402ca%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22BlueJaysNation%22,%22article_id%22:%22nn-8-32766%22,%22hashed_article_url%22:%22bluejaysnation.com%2F%22,%22referrer%22:%22%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22}&_=1489139930741

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2afad7474ea67753b029d4cd1821cd4bbf42188d8230317de530919e1758e0fe

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
access-control-allow-credentials: true
cf-ray: 740c77e3dda5993f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 191ms
74ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3104421-12&cid=823979536.1661515869&jid=2041610014&_u=YGBAgAABAAAAAE~&z=829730960

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 193ms
76ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3104421-12&cid=823979536.1661515869&jid=2041610014&_u=YGBAgAABAAAAAE~&z=829730960

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 224ms
35ms Script
application/javascript 92.123.21.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Fri, 26 Aug 2022 12:26:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 459ms
39ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bluejaysnation.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 462ms
35ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bluejaysnation.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 639ms
597ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4415499664251130&correlator=3526412675715105&eid=31068501%2C31068928%2C31069202%2C44761477%2C31068828%2C31064019&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63317524%2Cbluejaysnation%2Chome%2Cbluejaysnation_home_leaderboard%2Cbluejaysnation_home_box_1&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4&prev_iu_szs=320x50%7C728x90%2C320x50%7C300x250&fluid=height%2Cheight&ifi=1&adks=2892113932%2C1289571661&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D300x250%26hb_pb_triplelift%3D0.04%26hb_adid_triplelift%3D390d84552f3e5dd%26hb_bidder_triplelift%3Dtriplelift%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D390d84552f3e5dd%26hb_bidder%3Dtriplelift&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1661515868971&lmt=1661515868&dlt=1661515867252&idt=536&adxs=436%2C1168&adys=164%2C310&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbluejaysnation.com%2F&frm=20&vis=1&psz=1424x0%7C332x-1&msz=1424x0%7C332x-1&fws=0%2C0&ohw=0%2C0&ga_vid=823979536.1661515869&ga_sid=1661515869&ga_hid=647109519&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9740af5990b818e38177712f813e0b9d2dedc445dff793f38a5e8e88a32da1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13174
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 485ms
68ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d512186a29f46e0ceea4d50662f6e4c045f78fa01e4cd23503332f3826a40845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11093
x-xss-protection: 0

GET
H2 200 container.html Show response
878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CCC8 6 KB
4 KB 168ms
30ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 12:11:09 GMT
expires: Sat, 26 Aug 2023 12:11:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content analytics Show response
worker40-api.relevant-digital.com/ 0
46 B 307ms
74ms Script
text/plain 135.181.181.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://worker40-api.relevant-digital.com/analytics?param={%22cmd%22:%22main%22,%22systemId%22:25,%22siteId%22:%22621396644217042a46458eae%22,%22publisherId%22:%2262139645421c772166458ead%22,%22timestamp%22:1661515868162,%22siteLocalId%22:%220x0%22,%22id%22:%22da1028061f196011%22,%22bids%22:[{%22bidIdx%22:0,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22rubicon%22,%22sspId%22:%2262149ee751586c58bdd07519%22,%22flags%22:2,%22responseMs%22:715},{%22bidIdx%22:1,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22richaudience%22,%22sspId%22:%2262149eeca6252554f1d0751b%22,%22flags%22:2,%22responseMs%22:371},{%22bidIdx%22:2,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22kargo%22,%22sspId%22:%22628fbdc62d94b69ecd9f5996%22,%22flags%22:2,%22responseMs%22:196},{%22bidIdx%22:3,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22yahoossp%22,%22sspId%22:%2262149ee91ec1c49ad9d0751a%22,%22flags%22:2,%22responseMs%22:602},{%22bidIdx%22:4,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22onetag%22,%22sspId%22:%2262149eef26243af0abd0751c%22,%22flags%22:2,%22responseMs%22:183},{%22bidIdx%22:5,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22triplelift%22,%22sspId%22:%2262149efae0f660e0f3d07521%22,%22flags%22:8,%22responseMs%22:362,%22width%22:300,%22height%22:250,%22cpm%22:0.043},{%22bidIdx%22:6,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22mediafuse%22,%22sspId%22:%2262c49e0df6c872cefec852db%22,%22flags%22:2,%22responseMs%22:195},{%22bidIdx%22:7,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22sovrn%22,%22sspId%22:%2262149ef6ccf0706904d0751f%22,%22flags%22:2,%22responseMs%22:372},{%22bidIdx%22:8,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22appnexus%22,%22sspId%22:%2262149ee0714b0ab2d0d07516%22,%22flags%22:2,%22responseMs%22:390},{%22bidIdx%22:9,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22smartadserver%22,%22sspId%22:%2262ce007c25e1ed6c6a70d020%22,%22flags%22:2,%22responseMs%22:603},{%22bidIdx%22:10,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22pubmatic%22,%22sspId%22:%2262149ef1590bfcf46bd0751d%22,%22flags%22:2,%22responseMs%22:562},{%22bidIdx%22:11,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22openx%22,%22sspId%22:%2262149ef30c06d11334d0751e%22,%22flags%22:2,%22responseMs%22:370},{%22bidIdx%22:12,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_box_1%22,%22bidder%22:%22amazonDummyBidder%22,%22sspId%22:%2262149ef8f2195f1a1fd07520%22,%22flags%22:2,%22responseMs%22:449},{%22bidIdx%22:13,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22rubicon%22,%22sspId%22:%226213984d908394c914458eb4%22,%22flags%22:2,%22responseMs%22:715},{%22bidIdx%22:14,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22richaudience%22,%22sspId%22:%2262139854f265cd7995458eb6%22,%22flags%22:2,%22responseMs%22:371},{%22bidIdx%22:15,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22kargo%22,%22sspId%22:%22628fbd6ddb7fe2f7409f5990%22,%22flags%22:2,%22responseMs%22:196},{%22bidIdx%22:16,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22yahoossp%22,%22sspId%22:%22621398514cde6576c8458eb5%22,%22flags%22:2,%22responseMs%22:601},{%22bidIdx%22:17,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22onetag%22,%22sspId%22:%2262139857d56f4a3a83458eb7%22,%22flags%22:2,%22responseMs%22:183},{%22bidIdx%22:18,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22triplelift%22,%22sspId%22:%22621398666a08f0507a458ebc%22,%22flags%22:2,%22responseMs%22:365},{%22bidIdx%22:19,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22mediafuse%22,%22sspId%22:%2262c49dc76910a10afec852d5%22,%22flags%22:2,%22responseMs%22:195},{%22bidIdx%22:20,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22sovrn%22,%22sspId%22:%2262139861342c65b75d458eba%22,%22flags%22:2,%22responseMs%22:372},{%22bidIdx%22:21,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22appnexus%22,%22sspId%22:%2262139844e784931d51458eb1%22,%22flags%22:2,%22responseMs%22:390},{%22bidIdx%22:22,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22smartadserver%22,%22sspId%22:%2262ce00200fc4d4615e70d01a%22,%22flags%22:2,%22responseMs%22:603},{%22bidIdx%22:23,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22pubmatic%22,%22sspId%22:%226213985cf342a6c08f458eb8%22,%22flags%22:2,%22responseMs%22:562},{%22bidIdx%22:24,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22openx%22,%22sspId%22:%226213985e7ff46b2879458eb9%22,%22flags%22:2,%22responseMs%22:370},{%22bidIdx%22:25,%22code%22:%22621396644217042a46458eae-/63317524/bluejaysnation/home/bluejaysnation_home_leaderboard%22,%22bidder%22:%22amazonDummyBidder%22,%22sspId%22:%2262139863441ebc392f458ebb%22,%22flags%22:2,%22responseMs%22:449}],%22customParams%22:{%22_sys_Hostname%22:%22bluejaysnation.com%22,%22_sys_URL%22:%22https://bluejaysnation.com/%22,%22_sys_Screen%20width%22:1600,%22_sys_Screen%20height%22:1200,%22_sys_Browser%20name%22:%22Chrome%22,%22_sys_Browser%20version%22:%22Chrome%20104%22,%22_sys_Operating%20system%22:%22Windows%22,%22_sys_Platform%22:%22Desktop%22}}
Requested by: Host: futbol-cdn.relevant-digital.com
URL: https://futbol-cdn.relevant-digital.com/static/tags/621396644217042a46458eae.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 135.181.181.105 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.181.181.135.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 0

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
464 B 109ms
25ms Script
application/javascript 2600:9000:214f:9400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: superficialspring.com
URL: https://superficialspring.com/v2dxm7Y4TkHQ69Pkc84DmYuyRZVL2aT-y6DsFcesn4OeT9DUzuLHkstMJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
age: 4875010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 5IZ5nVwVD7ACWnV3GeRKkwSI5uyJo2zHHW5c6Drd995g6PI6uvmAnA==

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/ 46 KB
12 KB 149ms
35ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29d4dc0360f6582c365dc236fe920da0b83a41f0b5f1d68a3a50a71e41a54a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 12:11:09 GMT
Content-Encoding: gzip
Age: 820
X-Cache: HIT
Connection: keep-alive
Content-Length: 11683
x-amz-id-2: z3UBznJ58E4Qe5yMlIKm33S7NGKbjbdnsxnoCbCVeq+DdF7gyCsQkdlyqdwcuPIOVRkjIox4dswBcqIaVr90ww==
X-Served-By: cache-hhn4076-HHN
Last-Modified: Fri, 26 Aug 2022 11:35:57 GMT
Server: AmazonS3
X-Timer: S1661515869.294830,VS0,VE1
ETag: "d2a5c9c01c836b1c0eb540ae46deadb3"
x-amz-request-id: 34PYYXBFVQ4V9Q0R
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 1

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 456ms
99ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/20439339365500/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
223 B 416ms
86ms Fetch
text/plain 52.4.246.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=2
Requested by: Host: powerad.ai
URL: https://powerad.ai/20439339365500/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.246.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-246-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
222 B 417ms
87ms Fetch
text/plain 52.4.246.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/20439339365500/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.246.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-246-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame FFBE 574 KB
171 KB 545ms
206ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

edb50fe914a87cb3b398dbac39b83d81de7d4adbebebdf666ffc1f9997ef554e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 15:07:30 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62e2a632-8f793"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 02 Sep 2022 12:11:09 GMT

GET
H2 200 pbjs_wrapper.v2.0.js Show response
hb.brainlyads.com/ Frame A077 45 KB
13 KB 435ms
103ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/20439339365500/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f99a895dd2c4b1fe06695730aa5973f4f410f9512db50ea44d261cdde4c733f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 04:03:37 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63045199-b548"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 02 Sep 2022 12:11:09 GMT

GET
H2 200 / Show response
powerad.ai/pubPls/ 22 KB
4 KB 128ms
122ms XHR
text/html 52.4.246.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fbluejaysnation.com%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/20439339365500/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.246.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-246-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: 2b75f0201f5529abe482af6c173593e70cc6f8edb168d4ae50a27c24fc27a50f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"5885-xF7DAd4GXan5ZbTCNFi/HRcUC+I"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/ 203 KB
65 KB 35ms
34ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f83dccda0f23005e073046554fcb6f70e6cc5c6d5a31482d8cbf00c3cae72a69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 12:11:09 GMT
Content-Encoding: gzip
Age: 42391
X-Cache: HIT
Connection: keep-alive
Content-Length: 66315
x-amz-id-2: tn9m/RJ+1Nqpr3MtD2Y1tL/tOZmzJYxGk6sdCOaSEQX8FdjVodEnZg+U+fqqgJTyKkRkriyrqrA=
X-Served-By: cache-hhn4076-HHN
Last-Modified: Thu, 11 Aug 2022 23:13:41 GMT
Server: AmazonS3
X-Timer: S1661515869.363379,VS0,VE0
ETag: "6dc02234ec68d77d35e4d6a9fe8b646f"
x-amz-request-id: VQD62AH5JPVQA99D
Via: 1.1 varnish
Cache-Control: public, max-age=864000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 163922

POST
H3 200 v2edhFq5ojOF0H3-ZLmHBTdPM2YsW0D_IZ0F3WmCQ_jDxgXRI7jF__9j-Lw9WbKao8a0ZTSK8JQ Show response
superficialspring.com/ 209 B
236 B 137ms
84ms Fetch
application/json 2600:1901:0:e567::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://superficialspring.com/v2edhFq5ojOF0H3-ZLmHBTdPM2YsW0D_IZ0F3WmCQ_jDxgXRI7jF__9j-Lw9WbKao8a0ZTSK8JQ

Requested by

Host: superficialspring.com
URL: https://superficialspring.com/v2dxm7Y4TkHQ69Pkc84DmYuyRZVL2aT-y6DsFcesn4OeT9DUzuLHkstMJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:e567::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

47266be84ba899f994470ece302b0344d8d657f8b0333da29e7e77aee5dc19d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 609294353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
x-datacenter: gce-europe-west1
date: Fri, 26 Aug 2022 12:11:09 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-c63t
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 26 Aug 2022 12:11:08 GMT

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 915ms
259ms Script
text/plain 18.136.115.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/20439339365500/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.115.17 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-115-17.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 10 KB
4 KB 879ms
200ms Script
application/javascript 35.86.50.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fbluejaysnation.com%2F&ref=
Requested by: Host: powerad.ai
URL: https://powerad.ai/20439339365500/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.86.50.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-86-50-147.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6d12b7c4dd16922a5927be35ffb65d87fdabd15c2f1e4b50ee87be6130f8a102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12967/ 2 KB
2 KB 577ms
52ms Script
application/javascript 54.73.196.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12967/px.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/20439339365500/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.196.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-196-234.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f266acb707c5b2704c3b6e18e0888d7995bad0ba0ffec4a125146f7e3d058583

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 12:11:09 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1990
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 214ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:11:09 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 70ms
42ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.1712267277103592

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-1tTdzJelo8c_5fU8Gl1okA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-1tTdzJelo8c_5fU8Gl1okA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options: SAMEORIGIN
date: Fri, 26 Aug 2022 12:11:09 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 129ms
100ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.526161573390795

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rpoQzcQ4CzaDDaDMEewhfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-rpoQzcQ4CzaDDaDMEewhfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Fri, 26 Aug 2022 12:11:09 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 92D6 6 KB
3 KB 145ms
33ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 12:11:09 GMT
expires: Sat, 26 Aug 2023 12:11:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D20 6 KB
3 KB 146ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 12:11:09 GMT
expires: Sat, 26 Aug 2023 12:11:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CF6 13 KB
5 KB 153ms
48ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 12:08:59 GMT
expires: Sat, 26 Aug 2023 12:08:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FD3C 783 B
534 B 147ms
53ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

832b350a1b1876c2bef1e544de1807eb4fe9ddfd6c7c3f18a630f327b620c563

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f3ysETGoU2E_d-gjq6gYbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluejaysnation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-f3ysETGoU2E_d-gjq6gYbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 12:11:09 GMT
expires: Fri, 26 Aug 2022 12:11:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 144ms
50ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--9pD00UML2q9ntYgUtFBdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:09 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://bluejaysnation.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce--9pD00UML2q9ntYgUtFBdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CAD9 624 B
975 B 213ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUNsdhEi57s8CzgjVncAsKWtutanWBESMFu7svEhR0JHl8JQBsEFau26wPZZlm5O3svIrgO19NPcFqEnkkC_G2XJoFh9iCRy1-0OoEAf7TZx12hjlGxg0FXUlQfsLOeaCR-57pDaSSnX_bgcFcZDdC4uDKGUw

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 12:11:10 GMT
expires: Fri, 26 Aug 2022 12:11:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 92D6 83 KB
34 KB 227ms
67ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-9HlrgaetO22W4UsCLO5946-5fZxGmun561yyEhXutW7e-MgQtlhWHSFkyE-3FJ6PHfok6Ti1lPHqwDeSNxo4ZGk_n_PwFsSBfq31QaZ4qls-S9lFayi5vlb1i9MxJc8lqlmiyGEstxfqS6edcDoLUwuT5A&dbm_d=AKAmf-BDJSe59olaJUnGhGXc9PlI05GKUzG9DmcIa2XMDF4NBG8E3-P5QqJF1YJur06Ltz51DIwcvF7kbLTj_amviRTPp9eDUNGF1UJPunkr5N6WaDsCxPBkzXDY7MU-jBpurulQrb6jFYM6diZxNkTQDrovmTzYDJk4vFv8GCI5Kp1MDZ8qM3zslGWn51c6HtDrmxCbLOSVysL6YdXfVpnZ6K0ctUeILA8ef8793SuZKtIL_wODuNxQe92LBH7k0cCtbU45iSFA8VlyaTZVCJ5io1oKjChYhhxBpzLMcTr_-yYu6atR0M-sx1tTyguNKDzu2X_ykC5AS-6qQIG_917W-YizosvNQdEV0lUPRhNBS7biWsPyhmfFQUdfebHXoPFcgCU9S4QRZ5N07zs1756S9ZiF0xbRBP4M5arIxk8Psya02pL8gAU-IxV9VU0vLUHbl8aqVAIGHClyr-zy5kJWTK28reVWxO0RAX2iF-lm3xZSx5xb2VqtqSdtOwCSZOKwuRvCNJbXkkjRqNYNL9_QQYsbOM9I6kFGwwUPfwC7Lqzi8sl65o2XFtr5hbZkNHv6K1CTXHTYs2mJwuJwlWHxOKzpUEMq9LzrMGaS4Oj1vP5OmmUrOn5qcao31-A8LxpoUsipNrEciRif_AKtatCyHx3yBylZFR9kVzVKcrYirO7wTccGs5Aq3M0yJi7NKht4M9UwRt5O5mIwDn6LgKeYSYhcZY7sG4dUKphkuKOH0zR1jaksdEmun-bFyY0pRsWNjsp5b8hwYaB5G_qssBigfjCWcKF8N667me35FhMKNMBsH13oDAwdvbGUTvwbvlkzQ3isEBm4G8zoi1HPsWW8PiJnoM03pNcuXywBGQR-lusy05-PiW0O_0G1pi-pjdFwqPDVoAqrI6B3ludHgRGeW6wn6KtUwumscA89ooQWY17KHAaAXgf4Mk2DpU0saK_i2jBZvfuMH7qd3Lbzk0rD6kZDYE8pztBHQpM7wBa-dLCyZST-xMUFdpq-I4FaDzxCoNFYrK60HqXWsWbEphQcMx5XKgqGA3XQbkGbN5I3L73vDu3JigqJ6hBoVH4PjbZSWoa58LQOJbj6-EVLDSzGc5K8Jrp4lusFps8ayZeWWW9E_Uno19eVarCEhWfmg7w_0TYaWHLMgRVdwytoeTcUDwK-bdWmV5YrGosRXTWTATMHzbcckKBTJgpsYWgi-VEXh-hrSIQqsfU5f1Gnk0jZ2mP5RwbrOkOXen3eemIQR6CnkSEDkfVLwL-cIm0jBZhit85KtXrmSve0QWNZVMmUM08vWyNsXR9FOdybNx__VPwrNLOduRf3V3-hGcnCCi-RmWgZvIJpDoOuUyXx_Upgs_PSX7DwvQgaURdWlemk37vH3e-nO4QwzyHy1tUZteq-Z-IEExERr1vx_h4AecUYhB_Qb4S8BvKZBNzYwWXXdqNgxwsaWnejZSz6FCiCYBOl-37lgBe9WptADsqFcHftZy9EvRNebg2927HoPNRM5bd9l8xM2PR3DgBB-dBh9pyTwenAUWqFVqT5ox5vbhRKsFQQcU0cK8lbopXkibiQnZEa_-Qh2re8zBzuLnjaS0yfQp6u3pIeqKSnZC_F_RNh8wJ0Ax511OUA2jryY03KK8duJcTeDrjOLNrPR5oVam0z1TcXbFly8RyOXI7saHEyNTM83qDuo8qd7b3FK_X9YGFYhifKP0nqNmfIoVg8GZEVHlRsZfXrCp7OvMKVxP-K4rhCsKep2wQQgbwszBZd87-cjYDkoK7CJrLksAx-iJso_nEGJ-NQUa77aRCFEwrF73DMVIK1wGYRUeT7rRxO-QnD4i2TD8_EABFYL1q_Z5716O92d_mfsS9FVrMq_jlDj-HO_HseqsAx_bL8cwREzdP0-7i7reYkG3n5XdmfOP4LEqgCWg6q1eldxcejJ6TP9rXDjA1gLMyyl4JlE7xa7ttlqaTU1jcDSee5H9OmVxOEiOqXW939nwJR0N7RnL8S50E1zipUTZcFsyCu2JtZLHxr_cVEbjRQ5cz6tBSGUD9P0Y4nLTYkrv5-sD18oJL4Vn-54aIpyp4Cd78-jx2u9YGiRTAs0-QCqLBChhWqcUBnXZSw8AIQ9YwYvkZAuw2BeeP_0ccvYI1p7XjKSC-8DIp4EfRvzV75i_dxZuF0XRmQTqzbGIdWZNWUtZOcV6EprHM8stjvUWt3gdf-PDBvIV_qPoMsm5_GIA4aIoyIR8eVCw4O8vIfs-J5vSYOPrvI_7IubnmpMFVzjTUCamnqtTzMPbwuqBTN5NDleTeC6F9h9P3SqoBU955Jclmele9fSMGgHnKrbcOYx_atOVzRrdIBpovgumjwfP8uWDsV9SLsou57L3o7m1qd7-9w0BAwozgv2OBOu2REeq21j9bRObxdEU2fwsOtqWvUIlVdXoV_nphwlz0SS3MoAaSJVrR1gNZ1gk6eA-ErgLc6ioQy2dYOMWc9pw81PhqZtrNTnuRctutUwpuYKeoVFdGZ9MKE1jK7eWNAEETmnspWUHXxsGFfxy8pJ_j3ilpYXXEGduQ8n1U39-dlo21zJJZvLQxu5AZ1v46kUEui1Mq7l0lTkiju9-OLrSjl7tKIvU70zr0rFxHkUDFBPnFeY43XNEPU_jNfRB1HFkW3teOoNS63BcSoa4oMiiE3iUE5br_B2VJZOT410uy8q-67V8NrEyDb90CVOT9Bylo_eKHo-lQh999ykj4lqEjeIHhdZc_WobgBR29r_dWyFcoVZdze-uXxoc_oa5vs4GZ3i6anbZYwb3y-ATHAOY8EY20rJeJulQUZgI6lvRcu9x7JbsNrrEJNYNGeYJdxIyqSpdFg0CeFY_VtVKhpjkYZiSgpZAo_9m27DgbLPLRP7fd52E_-Qfpa6DlS3aWElBnd661LilJnthW7Wmq0N3tga1rVtikqAJPGAmp8ou8Ai8BKJKQWT4mTgEZ_HU5gQILYZ902rIz45R-cHXtmeSPNJjBXRCneSs78O3U-lJ0qHPA4PKrgpmkDfITMMy4cSx9AKFphQKb4jVo9cKqmdjYJ6x6pMBt2UwzWzTDeEc55BaW1IpI4ZV0AiAh1u2ZGogi9NHLZF83bd1EjKVWAdn-_iyjamQhXd2S1Jy1x3PNwZOhEPHxJEpt6pdJKVTVsjAr78DChMQFLg8Gi_TGRAveGzNUALa_Xx7RMQr5R5FUt9NdqWyl0m2Ip-DcyRTkSIKXgXBwapeZHNw7Ne9PvmiyP_4Rk0ST7q2Ylf8CeOGoyp_RsLWlxGfYZq7pdRpPEqDO1qZdMleu7qwVZEMIac0M9obWn9oTsv_K527Cm-VOMlP1ao84WWloKdq3pLJ02emBVP7He9YwazQ7m2oZRKtRKkcdmY-gTyZPYUztRGNHK75MLiZqXS4DbtXUCoA8Sde615eviPDE1Xj7PZIwrqyVDtwptju8YJdMOY2AeaHgBQ3rOkyN5iQ1-Ly4tYVPbGyWRP73aeGDODJ3dZGRsnvY&cid=CAASKORoHJlr8VucOE1spm2Ox6NJ54UC61tuprSwVuIa9_3aqwwB9Z8t5BE&rfl=1%2Chttps%253A%252F%252Fbluejaysnation.com%252F%240

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2aef83705dd9246c877ff5df4e69f614da161bdbc7ca2f5bbeed5fdf96b8579b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34435
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D6 42 B
63 B 160ms
61ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BcGi2yJOT6HpM0hFupdvHYXN4EBAR2_8hj-bU48U-HLncMA8rtiG63yI9rAKTGdZGL9Sl3Q7K_Sl0c0NeZ8VCux4tCbvwdroEv9mAE5BERm2R9jys

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 92D6 3 KB
1 KB 85ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 12:09:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 92D6 17 KB
7 KB 86ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 12:09:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 92D6 0
0 88ms
41ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfo0yofa7z92ODy9BuVIk4kGH7enbiyTTlg3h3Hf1gdb1iA4MoNjo9e2h_AO4h2TitoAlu0KGfeArr0IRYVipcT4V8NQ
Requested by: Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92D6 140 KB
44 KB 201ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:11:10 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 056A 624 B
559 B 209ms
54ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARjbwv_EATAB&v=APEucNXu5ekiJvElbRljf8qZI5ZOTfmgdWbBq6ymEwyMh5iaWIp0f_aAy3y75l_5NQs-AXgt9wkysga2jJc9wkh5YlMw8mG5G5_4T7GKKe4d5BEtNy-aXPMPG8UhO3bpaqZwLNoVsYxs7BbSqHQNTFPDsGJQuA-D0g

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 12:11:10 GMT
expires: Fri, 26 Aug 2022 12:11:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2D20 91 KB
36 KB 242ms
90ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8BjlI4VfZ7L2t0pTdaWe5lGsgc9uo82akf-XBdQZENXySGyrAlY251xCu1vjT8VB6yPGlnEtRk5tLokymuvwxQYulafVlp73FQnjXF7UYJOon0Z8Xy34thUQ0jtRh21WJ359M6OiA3MQFAf4sqCW3SbaY-Q&dbm_d=AKAmf-C0n3pZS6lbyjCNrwYGWMbIl8Shgw2lfNr4s8ZHUL8MoeHCKl_IqUlGOirnUPZ45p7z4IQOGJcHkx8Y54gLuKPRerhDiS1Va-pzw4FVdN-HMQVOC3QHGmhE1vlx2IAk2k31KoHGI4lVevIGj6aC_R3r9cGUls3Zn87jXkVSCiEaWb3D1r_5Ser64LhdmGIA5T-XDFQIDmcH6TpjN3mm4ZNJ8nIw0fh-iTZOIywL3QQ5jqltuRa_3z3Ax24BwoCrZYgkmMXOtkc7eCY3R5qFGooAQEZNo7_czSneNd2eG3jIY6NM4veXskqj_ZQyiyPhioQYlSy6-zm1ssIDNvjpLNKG7KtF8Ty8Ynan3-mtYwV2yrOEVA93lJL2ScK4fDmLDK1hfylMDdcBv9_OeAMmogBeVnYEjMG1vlXJkykkVobgXBt1XH31S215MvqAZD3V4jm0bGWUh8mELMRuBvNUBydnsmaHwTtv3kwjUhMquYDHTPXVyLEvEMZaGde1iW_iITB4yOmJ0q5S3yIltlSbmTFE6w00hQEiAmeXSy165xR8b4yvAK9UmVd52rgG2SeiFuGo9qisXz4sDtpOZhfsBV_xW-ebdKITU_3EiEti_OhW34wC7fQuz3n527RT8DO-Uryk0pdlrsK55A7W21O_5wHqFU4nSBivG9VZ64GeSoXcQjIZ2JqZE-I6WWUt0SQANYpc6LRDjtfeNcOkPhCkJ6NkgtwK6ou90ZXhjejXpPstzuB4L8C62XMELbWdhgedsVerl3poN2aCGFthUc8t5p_TGG5H4DrAnh55G6xyoMRgP-5go_XvWumr7g7PVAn3SeSMo912tliHjzKWxu_gvWd_Jezgcx4KJqXAeI7YWfaTg_PCsDeBrSX-d_wdOSrM4G828L23qjC1JMotT4ckf4duEpKEFIVJZYCx6iJ-iJc9-gPvEK3okf0Ae8AnYZcHItm85kcQ-xTX5LgduLISA6eUBzVbtns9lIgFzFrKk6cYtWMX_13Aa02B1OiUJHTdWFMcAhMTUs9mxpALRu7oRrjrxTQyvbeG8v7cbUFyijepF1JV636spqGczytIZxBU7DeA7YTgc81elGTJMbXf1ZlDfWfi5T62XI0CpuOueemXjnpWJKXphjg6DglCNhmvcumsZzZF4lmKzQ48A7AAb3oywTirK7gYjTb51xF2b9BOelpKoM4b05JnBmFVRzRNN9m9ULDI_Z4ObQxwHBixLu7iDf8fPu95o-SJPb4I2PyGv8ABRX4ZVAwGjGmQihO1to-W5GSDcvAH5t3ziPn2QRDkgDFGoaVME_rtVZLRSDsmeNPTonhsPYyU84s9oGgeyqED4wS4rwswxxy7IqUyVbZRqBxsmGZmC9qszVGW1Ctf-DIfo8OcxDyad9ILYbiV4uYV-QttumskED5-hCiqbuNkzEc_VOEmShXwOavnKcORon38_Dis2qT8hni0L1lJ8pztujRlNJH-bQpUNdaHO0YS2KvyHn-Sx5oA6OE_GiyjvPrFsMLwqdKZKliYMBtBBk4cbLHh-hu2W_NW5qnkOSIPb-uReoG6GNbrPBjVy7PVqecRFbkCcwa0EtgkrkK8i7-39RcBxqYyOB8dfe_jX-abZYfaXZvhl8zNxuly9TbSt7q46hrVqefXDjuAsuYPfm81WP_1zexJ47djbMKbn-KEurJbN_CDwiEb-gLfJS42qmI3I2KIaFTvJknvuqs3kCmiptQq81lTrGojO8PUR3YgGubeTvMOT5jBsiihnLnWh77VxF5n02m9powKwtfxv_Q0fDZbJHsnoRXLQ3REX-1wqS3E8h6x2GxZHv1XCio-ALxvbVbIUv1k1rJMKUNz8seoMedFyaL9k9FFbfOYNdIQuFEUw1yjFQAX20AVWsdTzAK0ET_E1fiaIQoeZS08hjJwF26CtMQa-pucv1M-h2c1Bviyo93rjpLckFVlGd3cNWFOoUW1TIhfDpwlMn3_VJYpxF9E95q4MVPZ8tx5yE-MMpjhChap5D9p2Rt8tWUvBqf5G2uFJM_iHQFU_ETH7-BccdFV3_g-mJhw19IYHBI-dh1xS2a2V-LdcSGu7wECheJWMze0a9QJovSCmh8m_460wntB15wtX_Wb_rDplVUy1gWEmMRcmH4gtQIyPUvwBplyna3zo40JuEvx6HZVFcYO1rzPr3AskbVKSKalbgBRDsMlrOYchW3oh1Q917HjFRXR8llKJyfEp29eIXUyPN-PMho-VzEvoHoMCVpH-vgLrQzFc1QJbrZGgpHwNEKzSeSt2Mi7gaZKNykSno79TF01lQ5maQ0O_PR0bs0rmqp0qH_iIgtuYevMqIu4SR9XhfRtiPgOH_xiBiGejmWeR9AuJ54sZVRxOnHvj30Og-2G2Z17RlyJ7yp1f36o3wCQ0PyFLcySXysfjxctuANFVFMCQviGAnzs035cdV9KT07D0Ky4-JCCkDXhfMOx8sCNEqVI9uuSiOZqkp3ajtfQHvPfoOSqUqocGJ08kBXQ0dxXe2s-awi2ybp4TEBqpcltaTYX-ut0UxSJunkPNMoT9CmMa14z9ejDoEqteRL3046XSbrT1KUN7Th19ZbGTaAmop6WP0ERqgad_vVIZ3rnExzoGus3JpRZoepwCsmz-1D_NYiZasNTnbUMoKFUhfJRLbshCF1qB4TrlvQ3GiWwwtEWRcqEnxfR0wbzz7zHGnBnm0os0rEWJV83z5L7wW1LpO3bfmRCh_2rqZKK33NjGjr2GHSdiCkBzrr_Ig-bP3WtP-Idf1nmPX64Vgq7aUO73tvgSxXn0_ujxzacgm6M1R6BCkSFF-hM8woB6PDSZS1KROgU10zxLZuViHJV72e65ACwSC3LPxElaQbO5LSYU5jTaM0voloH9YO4yv2H267YzPEwduASAr-SkvlKKMTBkzCA1KQJqFXmUCPbVbmqfcLnaqt5WQ5iZdrRtNGY4FhFG_pkpqOKUujMD_bP189Wze61fWmzNPPqHeYeKXE2MY8KEHihPtH2HczBb8Ci4L1dV8A74KvzaMhr1_dKueuTV1YymmU9TDWREDrPoGJ8eMPYqcyIlBQS0sdXoItAe-XTACzJfWKzLsOS2wiqDDTJ5hxv3KHkozKKrNx_g6r02BZNBy2_LpfWFm8WIeLrHjoXd-jzIClP6KfLNNDqO0kAdooLfzEQ_aArWtrt0AgFjJV6maEweBSpNRXM-Zg0q5zN-zG7qK8e7pFKcunEBWdJFAw1De1w_8kHnc7ovvV14KVT45d0Gii2zlxr4d_iV3tGU0nkBJJvUUGGW7T5DwcZEXKmSf6WoHUmymHDjb5Pnmxnt_08qFd2UUEjrWaCHYC8pEmYxw&cid=CAASKORomx0QsIdgbn2FHIEAMK3bJgmREaDT7r_3FUx3Z9GHnZxFoYn9PPA&rfl=1%2Chttps%253A%252F%252Fbluejaysnation.com%252F%240

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

658dd57029ab983a0e49fc425c7a78c6ad8fb5805d3d1b6ced44904c6dd11067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36256
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D20 42 B
63 B 151ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOHvkhSu9puiqSj1BXF-4I2q7ObXmlO6dNTvVpoCISLoXvdOukb0dQm4n_w3G1aQYlK9DcelvMJu0-Q87EJsZD0Tetx2eaKtwYAPt_oz742Ck4l18

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 2D20 3 KB
1 KB 80ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 12:09:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 2D20 17 KB
7 KB 80ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 12:09:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2D20 0
0 81ms
36ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgbvWiunEnPy1076yOvb6I_YnYZX1JkTfRYaaYLOBJwoTKjrBYFSjpTBmwvC3ckQmTztj3nkjUUF7YdpHolLAS3hiOKw
Requested by: Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D20 140 KB
43 KB 230ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:11:10 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 52ms
17ms Image
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 146ms
13ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ 95 B
223 B 201ms
33ms Image
image/png 162.55.236.225
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fbluejaysnation.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.225.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 264ms
24ms Image
text/plain 198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-length: 0

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
131 B 80ms
41ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:09 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FD3C 0
0 87ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=4415499664251130&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CF6 36 KB
14 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 16:56:05 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CAD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1

43 B
915 B

122ms
54ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUNsdhEi57s8CzgjVncAsKWtutanWBESMFu7svEhR0JHl8JQBsEFau26wPZZlm5O3svIrgO19NPcFqEnkkC_G2XJoFh9iCRy1-0OoEAf7TZx12hjlGxg0FXUlQfsLOeaCR-57pDaSSnX_bgcFcZDdC4uDKGUw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740c77edefeb9a3c-FRA
pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yR2ybdKiQ8Dapdg46i%2BxFezoTjeBSoNp%2BjPO%2BF7uot3SktmCAl84MldAZwniAbEg6YAK8LpRU2Aa5Y%2BDjJ6ixLm2%2B%2FblO3DYqrgBWwiJUKOd1%2FOC0u45JdPZc%2F%2FXG5jkBaYA1sBpd9UKBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CAD9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywi4XkI.lI1SAzGv9eN8fwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1&google_hm=2

43 B
907 B

219ms
176ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUNsdhEi57s8CzgjVncAsKWtutanWBESMFu7svEhR0JHl8JQBsEFau26wPZZlm5O3svIrgO19NPcFqEnkkC_G2XJoFh9iCRy1-0OoEAf7TZx12hjlGxg0FXUlQfsLOeaCR-57pDaSSnX_bgcFcZDdC4uDKGUw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740c77efaadc9a3c-FRA
pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxxhxZmuxPwhCsUcM3LirHs67tbt7IFUQn1lJnJMlCp51%2BAgFvZJ1lSAN1VRGGsynay2107Rbvjd1IGxA7lKl5hjet%2BWfsvg6x1KDMiFVUwuBIF3NCHzGJqqYESYuW%2B6ANcnvNdg7nOmSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CAD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL8EqGag-FrTaSeDXwSEF9I&google_cver=1

43 B
1018 B

49ms
49ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL8EqGag-FrTaSeDXwSEF9I&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUNsdhEi57s8CzgjVncAsKWtutanWBESMFu7svEhR0JHl8JQBsEFau26wPZZlm5O3svIrgO19NPcFqEnkkC_G2XJoFh9iCRy1-0OoEAf7TZx12hjlGxg0FXUlQfsLOeaCR-57pDaSSnX_bgcFcZDdC4uDKGUw

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:10 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 85b788df-82b5-457e-8cf1-ac2f2659ff83
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL8EqGag-FrTaSeDXwSEF9I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CAD9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI2OTM3MDYwNzc3NjMzMjIxMA%3D%3D

170 B
232 B

36ms
36ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI2OTM3MDYwNzc3NjMzMjIxMA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:10 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a0e223e8-65fc-498e-be4b-72dccf5d4464
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI2OTM3MDYwNzc3NjMzMjIxMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 056A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1

43 B
945 B

121ms
52ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARjbwv_EATAB&v=APEucNXu5ekiJvElbRljf8qZI5ZOTfmgdWbBq6ymEwyMh5iaWIp0f_aAy3y75l_5NQs-AXgt9wkysga2jJc9wkh5YlMw8mG5G5_4T7GKKe4d5BEtNy-aXPMPG8UhO3bpaqZwLNoVsYxs7BbSqHQNTFPDsGJQuA-D0g
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740c77edefe89a3c-FRA
pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPQsxmgKlHm%2FhNJpLv2aTrM5EO8iq6rjnP5coq6QuO02CZeK9PikKLx%2FJGNuPvjv9%2BgYmBwCj5G5R2ZfKBtTfSSBtRTiw7Ye8rXA0390BlI7ybHDHMm2cRXv09FU%2F3CNjychj65C0nmD8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 056A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywi4XkI.lI1SAzGv9eN8fwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1&google_hm=2

43 B
909 B

116ms
73ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARjbwv_EATAB&v=APEucNXu5ekiJvElbRljf8qZI5ZOTfmgdWbBq6ymEwyMh5iaWIp0f_aAy3y75l_5NQs-AXgt9wkysga2jJc9wkh5YlMw8mG5G5_4T7GKKe4d5BEtNy-aXPMPG8UhO3bpaqZwLNoVsYxs7BbSqHQNTFPDsGJQuA-D0g
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740c77efaadd9a3c-FRA
pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftm7VKKHTOkEQYbd6dN12ykTrwsG6ISXS5g6ZT602y3375GzZvbk6oPxLsd9BQaL1XCZr8ai1OaYL5JPESOB5ftBfsHMnF6E%2BR%2Fr3ChAb39%2BmptrtOd3YuRe00rjDxrZs6LGXbSHX%2F2gDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7HRtSCa2gmxgV7KomRay0&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 056A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL8EqGag-FrTaSeDXwSEF9I&google_cver=1

43 B
1018 B

46ms
45ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL8EqGag-FrTaSeDXwSEF9I&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARjbwv_EATAB&v=APEucNXu5ekiJvElbRljf8qZI5ZOTfmgdWbBq6ymEwyMh5iaWIp0f_aAy3y75l_5NQs-AXgt9wkysga2jJc9wkh5YlMw8mG5G5_4T7GKKe4d5BEtNy-aXPMPG8UhO3bpaqZwLNoVsYxs7BbSqHQNTFPDsGJQuA-D0g

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:10 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4ab98343-884e-4c66-b722-9e589698c662
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL8EqGag-FrTaSeDXwSEF9I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 056A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI2OTM3MDYwNzc3NjMzMjIxMA%3D%3D

170 B
243 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI2OTM3MDYwNzc3NjMzMjIxMA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:10 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 323808eb-fff2-4dab-b33a-621a5218f44b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI2OTM3MDYwNzc3NjMzMjIxMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 914 B
2 KB 223ms
61ms Script
application/javascript 34.249.238.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12967&ref=&url=https%3A%2F%2Fbluejaysnation.com%2F&hn_ver=40&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&dsp=pub_common&dsp_uid=f17b91dc-d0a7-4ee3-b1b3-9e41d8b6826a

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.238.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-238-57.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9d5623b7baa3f0e29fd1bf5b26fa1b291cd75ab73327e4219480e52a3bbab23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Aug 2022 12:11:10 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 914
Expires: Tue, 23 Aug 2022 15:05:36 UTC

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 92D6 106 KB
38 KB 104ms
24ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
Origin: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 92D6 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-9HlrgaetO22W4UsCLO5946-5fZxGmun561yyEhXutW7e-MgQtlhWHSFkyE-3FJ6PHfok6Ti1lPHqwDeSNxo4ZGk_n_PwFsSBfq31QaZ4qls-S9lFayi5vlb1i9MxJc8lqlmiyGEstxfqS6edcDoLUwuT5A&dbm_d=AKAmf-BDJSe59olaJUnGhGXc9PlI05GKUzG9DmcIa2XMDF4NBG8E3-P5QqJF1YJur06Ltz51DIwcvF7kbLTj_amviRTPp9eDUNGF1UJPunkr5N6WaDsCxPBkzXDY7MU-jBpurulQrb6jFYM6diZxNkTQDrovmTzYDJk4vFv8GCI5Kp1MDZ8qM3zslGWn51c6HtDrmxCbLOSVysL6YdXfVpnZ6K0ctUeILA8ef8793SuZKtIL_wODuNxQe92LBH7k0cCtbU45iSFA8VlyaTZVCJ5io1oKjChYhhxBpzLMcTr_-yYu6atR0M-sx1tTyguNKDzu2X_ykC5AS-6qQIG_917W-YizosvNQdEV0lUPRhNBS7biWsPyhmfFQUdfebHXoPFcgCU9S4QRZ5N07zs1756S9ZiF0xbRBP4M5arIxk8Psya02pL8gAU-IxV9VU0vLUHbl8aqVAIGHClyr-zy5kJWTK28reVWxO0RAX2iF-lm3xZSx5xb2VqtqSdtOwCSZOKwuRvCNJbXkkjRqNYNL9_QQYsbOM9I6kFGwwUPfwC7Lqzi8sl65o2XFtr5hbZkNHv6K1CTXHTYs2mJwuJwlWHxOKzpUEMq9LzrMGaS4Oj1vP5OmmUrOn5qcao31-A8LxpoUsipNrEciRif_AKtatCyHx3yBylZFR9kVzVKcrYirO7wTccGs5Aq3M0yJi7NKht4M9UwRt5O5mIwDn6LgKeYSYhcZY7sG4dUKphkuKOH0zR1jaksdEmun-bFyY0pRsWNjsp5b8hwYaB5G_qssBigfjCWcKF8N667me35FhMKNMBsH13oDAwdvbGUTvwbvlkzQ3isEBm4G8zoi1HPsWW8PiJnoM03pNcuXywBGQR-lusy05-PiW0O_0G1pi-pjdFwqPDVoAqrI6B3ludHgRGeW6wn6KtUwumscA89ooQWY17KHAaAXgf4Mk2DpU0saK_i2jBZvfuMH7qd3Lbzk0rD6kZDYE8pztBHQpM7wBa-dLCyZST-xMUFdpq-I4FaDzxCoNFYrK60HqXWsWbEphQcMx5XKgqGA3XQbkGbN5I3L73vDu3JigqJ6hBoVH4PjbZSWoa58LQOJbj6-EVLDSzGc5K8Jrp4lusFps8ayZeWWW9E_Uno19eVarCEhWfmg7w_0TYaWHLMgRVdwytoeTcUDwK-bdWmV5YrGosRXTWTATMHzbcckKBTJgpsYWgi-VEXh-hrSIQqsfU5f1Gnk0jZ2mP5RwbrOkOXen3eemIQR6CnkSEDkfVLwL-cIm0jBZhit85KtXrmSve0QWNZVMmUM08vWyNsXR9FOdybNx__VPwrNLOduRf3V3-hGcnCCi-RmWgZvIJpDoOuUyXx_Upgs_PSX7DwvQgaURdWlemk37vH3e-nO4QwzyHy1tUZteq-Z-IEExERr1vx_h4AecUYhB_Qb4S8BvKZBNzYwWXXdqNgxwsaWnejZSz6FCiCYBOl-37lgBe9WptADsqFcHftZy9EvRNebg2927HoPNRM5bd9l8xM2PR3DgBB-dBh9pyTwenAUWqFVqT5ox5vbhRKsFQQcU0cK8lbopXkibiQnZEa_-Qh2re8zBzuLnjaS0yfQp6u3pIeqKSnZC_F_RNh8wJ0Ax511OUA2jryY03KK8duJcTeDrjOLNrPR5oVam0z1TcXbFly8RyOXI7saHEyNTM83qDuo8qd7b3FK_X9YGFYhifKP0nqNmfIoVg8GZEVHlRsZfXrCp7OvMKVxP-K4rhCsKep2wQQgbwszBZd87-cjYDkoK7CJrLksAx-iJso_nEGJ-NQUa77aRCFEwrF73DMVIK1wGYRUeT7rRxO-QnD4i2TD8_EABFYL1q_Z5716O92d_mfsS9FVrMq_jlDj-HO_HseqsAx_bL8cwREzdP0-7i7reYkG3n5XdmfOP4LEqgCWg6q1eldxcejJ6TP9rXDjA1gLMyyl4JlE7xa7ttlqaTU1jcDSee5H9OmVxOEiOqXW939nwJR0N7RnL8S50E1zipUTZcFsyCu2JtZLHxr_cVEbjRQ5cz6tBSGUD9P0Y4nLTYkrv5-sD18oJL4Vn-54aIpyp4Cd78-jx2u9YGiRTAs0-QCqLBChhWqcUBnXZSw8AIQ9YwYvkZAuw2BeeP_0ccvYI1p7XjKSC-8DIp4EfRvzV75i_dxZuF0XRmQTqzbGIdWZNWUtZOcV6EprHM8stjvUWt3gdf-PDBvIV_qPoMsm5_GIA4aIoyIR8eVCw4O8vIfs-J5vSYOPrvI_7IubnmpMFVzjTUCamnqtTzMPbwuqBTN5NDleTeC6F9h9P3SqoBU955Jclmele9fSMGgHnKrbcOYx_atOVzRrdIBpovgumjwfP8uWDsV9SLsou57L3o7m1qd7-9w0BAwozgv2OBOu2REeq21j9bRObxdEU2fwsOtqWvUIlVdXoV_nphwlz0SS3MoAaSJVrR1gNZ1gk6eA-ErgLc6ioQy2dYOMWc9pw81PhqZtrNTnuRctutUwpuYKeoVFdGZ9MKE1jK7eWNAEETmnspWUHXxsGFfxy8pJ_j3ilpYXXEGduQ8n1U39-dlo21zJJZvLQxu5AZ1v46kUEui1Mq7l0lTkiju9-OLrSjl7tKIvU70zr0rFxHkUDFBPnFeY43XNEPU_jNfRB1HFkW3teOoNS63BcSoa4oMiiE3iUE5br_B2VJZOT410uy8q-67V8NrEyDb90CVOT9Bylo_eKHo-lQh999ykj4lqEjeIHhdZc_WobgBR29r_dWyFcoVZdze-uXxoc_oa5vs4GZ3i6anbZYwb3y-ATHAOY8EY20rJeJulQUZgI6lvRcu9x7JbsNrrEJNYNGeYJdxIyqSpdFg0CeFY_VtVKhpjkYZiSgpZAo_9m27DgbLPLRP7fd52E_-Qfpa6DlS3aWElBnd661LilJnthW7Wmq0N3tga1rVtikqAJPGAmp8ou8Ai8BKJKQWT4mTgEZ_HU5gQILYZ902rIz45R-cHXtmeSPNJjBXRCneSs78O3U-lJ0qHPA4PKrgpmkDfITMMy4cSx9AKFphQKb4jVo9cKqmdjYJ6x6pMBt2UwzWzTDeEc55BaW1IpI4ZV0AiAh1u2ZGogi9NHLZF83bd1EjKVWAdn-_iyjamQhXd2S1Jy1x3PNwZOhEPHxJEpt6pdJKVTVsjAr78DChMQFLg8Gi_TGRAveGzNUALa_Xx7RMQr5R5FUt9NdqWyl0m2Ip-DcyRTkSIKXgXBwapeZHNw7Ne9PvmiyP_4Rk0ST7q2Ylf8CeOGoyp_RsLWlxGfYZq7pdRpPEqDO1qZdMleu7qwVZEMIac0M9obWn9oTsv_K527Cm-VOMlP1ao84WWloKdq3pLJ02emBVP7He9YwazQ7m2oZRKtRKkcdmY-gTyZPYUztRGNHK75MLiZqXS4DbtXUCoA8Sde615eviPDE1Xj7PZIwrqyVDtwptju8YJdMOY2AeaHgBQ3rOkyN5iQ1-Ly4tYVPbGyWRP73aeGDODJ3dZGRsnvY&cid=CAASKORoHJlr8VucOE1spm2Ox6NJ54UC61tuprSwVuIa9_3aqwwB9Z8t5BE&rfl=1%2Chttps%253A%252F%252Fbluejaysnation.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 12:08:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 92D6 30 KB
12 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 12:00:43 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2D20 170 KB
59 KB 118ms
49ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
Origin: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 2D20 8 KB
3 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8BjlI4VfZ7L2t0pTdaWe5lGsgc9uo82akf-XBdQZENXySGyrAlY251xCu1vjT8VB6yPGlnEtRk5tLokymuvwxQYulafVlp73FQnjXF7UYJOon0Z8Xy34thUQ0jtRh21WJ359M6OiA3MQFAf4sqCW3SbaY-Q&dbm_d=AKAmf-C0n3pZS6lbyjCNrwYGWMbIl8Shgw2lfNr4s8ZHUL8MoeHCKl_IqUlGOirnUPZ45p7z4IQOGJcHkx8Y54gLuKPRerhDiS1Va-pzw4FVdN-HMQVOC3QHGmhE1vlx2IAk2k31KoHGI4lVevIGj6aC_R3r9cGUls3Zn87jXkVSCiEaWb3D1r_5Ser64LhdmGIA5T-XDFQIDmcH6TpjN3mm4ZNJ8nIw0fh-iTZOIywL3QQ5jqltuRa_3z3Ax24BwoCrZYgkmMXOtkc7eCY3R5qFGooAQEZNo7_czSneNd2eG3jIY6NM4veXskqj_ZQyiyPhioQYlSy6-zm1ssIDNvjpLNKG7KtF8Ty8Ynan3-mtYwV2yrOEVA93lJL2ScK4fDmLDK1hfylMDdcBv9_OeAMmogBeVnYEjMG1vlXJkykkVobgXBt1XH31S215MvqAZD3V4jm0bGWUh8mELMRuBvNUBydnsmaHwTtv3kwjUhMquYDHTPXVyLEvEMZaGde1iW_iITB4yOmJ0q5S3yIltlSbmTFE6w00hQEiAmeXSy165xR8b4yvAK9UmVd52rgG2SeiFuGo9qisXz4sDtpOZhfsBV_xW-ebdKITU_3EiEti_OhW34wC7fQuz3n527RT8DO-Uryk0pdlrsK55A7W21O_5wHqFU4nSBivG9VZ64GeSoXcQjIZ2JqZE-I6WWUt0SQANYpc6LRDjtfeNcOkPhCkJ6NkgtwK6ou90ZXhjejXpPstzuB4L8C62XMELbWdhgedsVerl3poN2aCGFthUc8t5p_TGG5H4DrAnh55G6xyoMRgP-5go_XvWumr7g7PVAn3SeSMo912tliHjzKWxu_gvWd_Jezgcx4KJqXAeI7YWfaTg_PCsDeBrSX-d_wdOSrM4G828L23qjC1JMotT4ckf4duEpKEFIVJZYCx6iJ-iJc9-gPvEK3okf0Ae8AnYZcHItm85kcQ-xTX5LgduLISA6eUBzVbtns9lIgFzFrKk6cYtWMX_13Aa02B1OiUJHTdWFMcAhMTUs9mxpALRu7oRrjrxTQyvbeG8v7cbUFyijepF1JV636spqGczytIZxBU7DeA7YTgc81elGTJMbXf1ZlDfWfi5T62XI0CpuOueemXjnpWJKXphjg6DglCNhmvcumsZzZF4lmKzQ48A7AAb3oywTirK7gYjTb51xF2b9BOelpKoM4b05JnBmFVRzRNN9m9ULDI_Z4ObQxwHBixLu7iDf8fPu95o-SJPb4I2PyGv8ABRX4ZVAwGjGmQihO1to-W5GSDcvAH5t3ziPn2QRDkgDFGoaVME_rtVZLRSDsmeNPTonhsPYyU84s9oGgeyqED4wS4rwswxxy7IqUyVbZRqBxsmGZmC9qszVGW1Ctf-DIfo8OcxDyad9ILYbiV4uYV-QttumskED5-hCiqbuNkzEc_VOEmShXwOavnKcORon38_Dis2qT8hni0L1lJ8pztujRlNJH-bQpUNdaHO0YS2KvyHn-Sx5oA6OE_GiyjvPrFsMLwqdKZKliYMBtBBk4cbLHh-hu2W_NW5qnkOSIPb-uReoG6GNbrPBjVy7PVqecRFbkCcwa0EtgkrkK8i7-39RcBxqYyOB8dfe_jX-abZYfaXZvhl8zNxuly9TbSt7q46hrVqefXDjuAsuYPfm81WP_1zexJ47djbMKbn-KEurJbN_CDwiEb-gLfJS42qmI3I2KIaFTvJknvuqs3kCmiptQq81lTrGojO8PUR3YgGubeTvMOT5jBsiihnLnWh77VxF5n02m9powKwtfxv_Q0fDZbJHsnoRXLQ3REX-1wqS3E8h6x2GxZHv1XCio-ALxvbVbIUv1k1rJMKUNz8seoMedFyaL9k9FFbfOYNdIQuFEUw1yjFQAX20AVWsdTzAK0ET_E1fiaIQoeZS08hjJwF26CtMQa-pucv1M-h2c1Bviyo93rjpLckFVlGd3cNWFOoUW1TIhfDpwlMn3_VJYpxF9E95q4MVPZ8tx5yE-MMpjhChap5D9p2Rt8tWUvBqf5G2uFJM_iHQFU_ETH7-BccdFV3_g-mJhw19IYHBI-dh1xS2a2V-LdcSGu7wECheJWMze0a9QJovSCmh8m_460wntB15wtX_Wb_rDplVUy1gWEmMRcmH4gtQIyPUvwBplyna3zo40JuEvx6HZVFcYO1rzPr3AskbVKSKalbgBRDsMlrOYchW3oh1Q917HjFRXR8llKJyfEp29eIXUyPN-PMho-VzEvoHoMCVpH-vgLrQzFc1QJbrZGgpHwNEKzSeSt2Mi7gaZKNykSno79TF01lQ5maQ0O_PR0bs0rmqp0qH_iIgtuYevMqIu4SR9XhfRtiPgOH_xiBiGejmWeR9AuJ54sZVRxOnHvj30Og-2G2Z17RlyJ7yp1f36o3wCQ0PyFLcySXysfjxctuANFVFMCQviGAnzs035cdV9KT07D0Ky4-JCCkDXhfMOx8sCNEqVI9uuSiOZqkp3ajtfQHvPfoOSqUqocGJ08kBXQ0dxXe2s-awi2ybp4TEBqpcltaTYX-ut0UxSJunkPNMoT9CmMa14z9ejDoEqteRL3046XSbrT1KUN7Th19ZbGTaAmop6WP0ERqgad_vVIZ3rnExzoGus3JpRZoepwCsmz-1D_NYiZasNTnbUMoKFUhfJRLbshCF1qB4TrlvQ3GiWwwtEWRcqEnxfR0wbzz7zHGnBnm0os0rEWJV83z5L7wW1LpO3bfmRCh_2rqZKK33NjGjr2GHSdiCkBzrr_Ig-bP3WtP-Idf1nmPX64Vgq7aUO73tvgSxXn0_ujxzacgm6M1R6BCkSFF-hM8woB6PDSZS1KROgU10zxLZuViHJV72e65ACwSC3LPxElaQbO5LSYU5jTaM0voloH9YO4yv2H267YzPEwduASAr-SkvlKKMTBkzCA1KQJqFXmUCPbVbmqfcLnaqt5WQ5iZdrRtNGY4FhFG_pkpqOKUujMD_bP189Wze61fWmzNPPqHeYeKXE2MY8KEHihPtH2HczBb8Ci4L1dV8A74KvzaMhr1_dKueuTV1YymmU9TDWREDrPoGJ8eMPYqcyIlBQS0sdXoItAe-XTACzJfWKzLsOS2wiqDDTJ5hxv3KHkozKKrNx_g6r02BZNBy2_LpfWFm8WIeLrHjoXd-jzIClP6KfLNNDqO0kAdooLfzEQ_aArWtrt0AgFjJV6maEweBSpNRXM-Zg0q5zN-zG7qK8e7pFKcunEBWdJFAw1De1w_8kHnc7ovvV14KVT45d0Gii2zlxr4d_iV3tGU0nkBJJvUUGGW7T5DwcZEXKmSf6WoHUmymHDjb5Pnmxnt_08qFd2UUEjrWaCHYC8pEmYxw&cid=CAASKORomx0QsIdgbn2FHIEAMK3bJgmREaDT7r_3FUx3Z9GHnZxFoYn9PPA&rfl=1%2Chttps%253A%252F%252Fbluejaysnation.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 12:08:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 2D20 30 KB
12 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 12:00:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 92D6 41 KB
15 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
DATA 200
OK truncated
/ Frame 92D6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 390b6f4dcb2d9c9ef4baaede449889733386db012e5c02153499d4434e1922f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D20 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
DATA 200
OK truncated
/ Frame 2D20 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f06d95717c21a301c4ca6673aabfa19d26b005c2786bd32d8383729dc7e0fb05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DFF9 22 KB
8 KB 44ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 169375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame 9D05 6 KB
2 KB 87ms
25ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 439245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2318
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 10:10:25 GMT
expires: Mon, 21 Aug 2023 10:10:25 GMT
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 92D6 0
622 B 139ms
67ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiKrPNy8Dr9Mp1irRDSxiDeJydUrbi-wCw0YZjEDTpebKcTNjM7tyLoy2stc7lP3dGZ6FTBPJROyGWnT_9WVQKCG5u-mUYP0O7J1dbaaAaY2DMd6WEedPQyplA-mM4L3yNWJXeTeGJLT1xisEz7RodzNGv3Z96qZKoX3QQUhHdd1LFiq0KY8uctOF_mQWTvcSHUNG_K6Y9c-7wTOJABeqvWmBtNpzFKl0gqZhxXmHb0N_6Cbh2zNnzJmrnkV4kITDF8i8nuQnOhOjNjJIi1tLKY0aHO1G3-0NG8fNqiAStetlcnxzwX6SdNaN7O-_NeO9qatljF80S_0tvXeZf7Vo6_RrSdkIka6WMmlgNRQebQqr8UvdvCMDZ4t7W5Z-qHjm6MgfFuXkYIwnw6VjgpTqtGt5QL8FvhrIS3M0sqnbcWZoEguyV25i7Xyb7qboGOg3D_GvdGldYnJTwaWJKQNozo1J87EO7Z6WPbaVoOlQn0X6sxDMVjhrYy0Hq4oNUjQItgWW_eAJy2wBVfu_1_j9uTndOd4Mr2Chwh6gHTD8odEHqLR-7az4wX7eoB4alnfN14z537xTEZW4CWggNo0bWqufgDP1gCK2yv6sQUJUazPDtTPt-Pm7hQhfXGydSxipwoM7s6bqB9D3trFB7UGNtWoQ5xfIJ2EQaLBDs41DZ6rh58-mTU5SIbPVZmIIsTSd0BDfG5q-GEJtSdGiTNP9yLr3C2VHfhhVjVrOM99wcloD_VY5JtgDODBsCjrNfemu3Zsfk1mb1jWzhz8O6TQHQQxtFp0jjLVOcjQsyKJHkjNkc7rIqfVdr3ftEZ_Lm_pnKjIxfxCKLf2dhQqATBMeuRqcxowxyvuMmqowWMBHA_o63X3ZP6JfYZsP_HCS2WMUDxjmcKEhDPkEXkdLoJyoDiGcUSEGC63YiRcdy_a1Zv-_MiazQcTdqPDW6KBGW1lOHQpTdfjaXq9IuNnAou9PFrbZEp41wr9chrGRdwmPVWTz2sUhxm4UnYcQz5YvG7-qOAw7uvuE5AEr3ZBBxQ-Ixsp8RetVw3sooFkU43P0RM9IjlSqQDiV0U5dfhQLQYQ4B2-ylpocOhjJZcHsuMPdIu-nnT9EjJKU82Kei8qx9ylVwLq2962x5SLQpajoVfwp1f00VT2k7vX3y4WKZd29BswL7IND1CxOVg9TwiuEVwsJIprWhYuT-JMRP3wN8hlNCXxq2kwWMojjg42yikDldFPa3n7v-w6khKRxU9n2Uypsm8RQyShc89QdATMu8Nf-W44EgOp5ZXzSpJe5QxYeutWvpfeJjGT2eHw&sai=AMfl-YQrNGItKXCiJgbXW-GYbbDLUquLQ_ZjZVNq2FV9AKJyhUBIBTvV6IEsiLO9HMwDZe6q3whMTwNrg8kmyZ2wuaC7dtB0fn2CZ5n5NS780YujwNvmHQX3z-MaeOvutfvDEXRUVSTeoz_o7aQJOjg0tyYWVry7euUYv1b0SCi3RX1lBg2klNnWBorwNoPs7FJ2Kjo9tWUIYoFB_7YH7guDHm5pr_Lamm1Wlw&sig=Cg0ArKJSzABq1jz0ALIzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=215&cbvp=1&cstd=212&cisv=r20220822.57421&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 26 Aug 2022 12:11:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FF12 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 169375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13370573997154231401/ Frame 6D29 13 KB
3 KB 46ms
36ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e09a6852ef5c0287fed62dc9aa407107122f6809d25284e9447ab088cc4d6d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2639
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 12:11:10 GMT
expires: Sat, 26 Aug 2023 12:11:10 GMT
last-modified: Wed, 05 May 2021 21:21:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2D20 0
64 B 86ms
70ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstX3lp5NdGtPnRG4EsCBQNeYQeumtS8uAPOia96gg9W5MljuDngzAhXeUqsqobT6JTul8SSopZybTMQKZb5oUcHa4CZkftPwm-Qfbflr-eKSAHaV8ivDJjU97N-Lz_t-VnkLNJL0RmE9kci-fkF__uh1zNnuZmZaEBSfP2wDxyzwHhPYKPZzfGHFKJkWMHdKExlFSSuktBCcODoRZNP9V5tfLcDmq0wISxtC3nDKcoF9IYvszdeVKpVlWAForZEvVx-7AUqjE1xylaw0TX20KkSeJsxe6oxnEUcjKkRMWxqtKXP5SN4o7MZ0-DA6jNjzob5GSrnK-8QDGAqYpl6NFf38ECbks592iXTK66zs2m9nYdAArrCeiKiU8gdSLajXF4nIWSm_tfuYniZrIxCWCr3i4yEbonsHvi1-ZRXFgmqJE3MzYLjMa_FjMjndaldPI1zRm0x9NEC5UDnlXbJUFM2O9V8T69yg7VByqO-ROrJFn35wK_MOeAG_CvmPvGcpLcCd_6qJAc9BnrCxnkEOGltzlCMDUEyzk9VSyGWi7hUcSbCPTlW6Z8bofBYyQLtZfwv_7vvX2D-J3A3P9OeaQOPNXnuO1dB8yowXt-rGgIIbvAqwzIS_chtljREL6EAkTDbZso2Ta3CEotshhL5o1kdDMenLg7z7QRz23NexI4UP_WecPtbfiLrZVJvBRzF2TK0KcLHd_4FWWBv_aeBpyzqv2D6agiHV85vQdcNuYctNpiA8iqRPWh-tcUexjDcdmc1B7YNYvRK5MmTSX4Sogs2WINsHdUzeialNBZiYWnmM01dNaRVjjy9Tb1Dz-NkaKTiNrzj0FTIq-ln-MQLO-WVlGZlLnsr9ZvaXMwOe-oZPqLmBaZNbuGS-jbka626lS5q9TQKfLQhEKrox6iJRLBRIs12uHfSFDpuR8XS92XLF50Iv-0c5rZNpxI9x2bj0mjmpleeqZOBtz4CQ-2IYCvkM5xa8oU7HtokUz7TtcHMQfIT-ML-5M_GJuhNdRbocZWLwJc8kmkfb9QlgDtHgcU_gWBDecz8ORW3gzhwzFoAwQVFxtl4-p6orgdBYUnqvceG3iCJmT74AysfM1CjWZXOyvwxfmZl5MZHCu5bLPwHMWWxA1r5WcguMBBpZD3xRPZguUJP8S7cvkQVIw2KVf0kFlCA9fc5PqKAwrWoX7R6qsBj603aORt7CrNh3Isyl4-bnKAWPozZ-7l0TVPsEhpawM2EUOjgOcg&sai=AMfl-YSDKcTl1Y2CykBDVAcs5RNUfDwCf-I9EONvh-ZdJAP5n_tFfPy0RuWkLZhPV76yABiVmVJwruczUVBi_hxKDhZ4gItIKi81nDglf_gbXQXFuZZVBvycAZN0oWVSFqCTDqTL-ByKUcsIJMMJluwSO4SwV6yxdWp0bZSAe4zYL5lqtcBlq7OR8pfI0E0fsKdjH21k34JAQQHkTE2Zco2-GF5r6KxfJuN86Q&sig=Cg0ArKJSzO0k4HwR9twJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=259&cbvp=1&cstd=250&cisv=r20220822.88962&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 26 Aug 2022 12:11:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adblock Show response
fundingchoicesmessages.google.com/f/AGSKWxXzQPshwUScxeSoLhWh7N42lmluY-lagCv0-pOPJAsOqiKU72h-jIs8YTuJD1MGw0ZYGl6RN_ikoQXY4id0Jf50zqf3T8FNFVoVnqo3Tiwvr1rCdKAOcRpewZ8ywGVJGmLXuucIaOJ14UgNSLuUNmd-s5w6w... 54 B
109 B 41ms
40ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXzQPshwUScxeSoLhWh7N42lmluY-lagCv0-pOPJAsOqiKU72h-jIs8YTuJD1MGw0ZYGl6RN_ikoQXY4id0Jf50zqf3T8FNFVoVnqo3Tiwvr1rCdKAOcRpewZ8ywGVJGmLXuucIaOJ14UgNSLuUNmd-s5w6wnz3Wv7sOukPEnCirKxYIUjYh_lFcfzN/_-mid-ad./adblock?id=_ad_count./adframe728a./related-ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YM-KW1lR2ug.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwYo7CwqTYfHPlnZy9CqTKjW0Fcig/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a78641ed558e1f06c6391aaf395b852e63cf62e973e547a7e9729e91cfa4c8ee

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pqS3BJClGtKrNnn2BUyBXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pqS3BJClGtKrNnn2BUyBXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 81 KB
30 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39bbb4c8067940a88bc6209dc23088e77b6da8711c6d34e5f8391fcd3a06dcfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 11:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30256
x-xss-protection: 0
server: cafe
etag: 511464540914103601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 12:56:23 GMT

POST
H3 204 AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 39ms
38ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a51TWY3RL1gEursDxJbV6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://bluejaysnation.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a51TWY3RL1gEursDxJbV6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a
https://s.cpx.to/ca.png?dsp=dbm&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&google_gid=CAESEKj6fx8SMY3O8JUsnSPVkdw&google_cver=1

95 B
804 B

111ms
67ms

Image
image/png

34.249.238.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&google_gid=CAESEKj6fx8SMY3O8JUsnSPVkdw&google_cver=1

Protocol

HTTP/1.1

Server

34.249.238.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-238-57.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Aug 2022 12:11:10 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&google_gid=CAESEKj6fx8SMY3O8JUsnSPVkdw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Fbluejaysnation.com%252F%26hn_ver%3D40%26fid%3Ddd2c0024-d...
https://s.cpx.to/an_fire?app_nexus_uid=6269370607776332210&pid=12967&ref=&url=https%3A%2F%2Fbluejaysnation.com%2F&hn_ver=40&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&dsp=pub_common&dsp_uid=f17b91dc-...

95 B
865 B

162ms
43ms

Image
image/png

34.249.238.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=6269370607776332210&pid=12967&ref=&url=https%3A%2F%2Fbluejaysnation.com%2F&hn_ver=40&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&dsp=pub_common&dsp_uid=f17b91dc-d0a7-4ee3-b1b3-9e41d8b6826a

Protocol

HTTP/1.1

Server

34.249.238.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-238-57.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Aug 2022 12:11:10 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Fri, 26 Aug 2022 12:11:10 UTC

Redirect headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:10 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ae028f00-673b-479b-9c82-f59699aa41e7
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=6269370607776332210&pid=12967&ref=&url=https%3A%2F%2Fbluejaysnation.com%2F&hn_ver=40&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&dsp=pub_common&dsp_uid=f17b91dc-d0a7-4ee3-b1b3-9e41d8b6826a
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 UCookieSetPug
image2.pubmatic.com/AdServer/ 0
225 B 112ms
33ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddd2c0024-d2c3-44cd-9774-0842f276de2a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddd2c0024-d2c3-44cd-9774-0842f276de2a&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&gdpr=0&cklb=1

0
315 B

51ms
40ms

Image
text/plain

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&gdpr=0&cklb=1
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=dd2c0024-d2c3-44cd-9774-0842f276de2a&gdpr=0&cklb=1
pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 163ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ 39 KB
13 KB 178ms
22ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 12:11:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Aug 2022 11:21:14 GMT
Server: Apache
ETag: "762630-9a4f-5e7231cb333ca"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=756
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13270
Expires: Fri, 26 Aug 2022 12:23:46 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
631 B 248ms
205ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:10:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Aug 2022 12:11:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Aug 2022 12:11:10 GMT

GET
H3 200 icon
fonts.googleapis.com/ 569 B
367 B 116ms
73ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b6581e5665a9e516751b0326354eaeb7853be7cbe4153adc6cad59b683e889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 12:11:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Aug 2022 12:11:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Aug 2022 12:11:10 GMT

GET
H2 200 OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 20 KB
4 KB 298ms
187ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css

Requested by

Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 151069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4023
timing-allow-origin: *
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-4e34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7%2B6XJ%2FXtkL8dcdL9iDOrxl%2BTRMeDFvdBcNEKZfaB2CC6oMYkj2HofAahqpj3%2FtErM0sDiuBDHp%2BY2vl5KZQuvUvyjcGsD6fH3cgJIx%2FPG7NK01jkKC1ALvST9tuKy%2FMvl7RI7M%2Fo65VkKb6cj1LPq6r"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 740c77efbe6d6963-FRA
expires: Wed, 16 Aug 2023 12:11:10 GMT

GET
H2 200 OverlayScrollbars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 43F6 53 KB
21 KB 154ms
52ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js

Requested by

Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 152631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20502
timing-allow-origin: *
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-d208"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdN%2FphpYKzdvAIqL6MZS5GgZvA8s6A2GaLkQqS4EIhkWfCAoYTA1Bh9HiOS%2B5iW5Yc%2F97njPXfjvATCDqgE8lovGnfoldYw5inHVTxPEgD%2FIGPjGM8arU50x97cK1lecad9ObnNzo6EXsr65d7IB6E42"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 740c77efbe6e6963-FRA
expires: Wed, 16 Aug 2023 12:11:10 GMT

GET
H2 200 prebid.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 43F6 334 KB
101 KB 516ms
413ms Script
application/javascript 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 23:36:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"1c7777ec3f15f66750ea282b9545a85d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: XFUetzIaWt4nQ_cSlfYNiJl4FkfgBKD7QchZOFXdvjRY6eYDQFeIww==

GET
H2 200 comScore.gt.min.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 43F6 335 KB
335 KB 122ms
19ms Script
application/javascript 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 21:49:06 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Thu, 16 Jan 2020 23:25:25 GMT
server: AmazonS3
age: 85633
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 342796
x-amz-cf-id: EW67qhP-t-Rhq4mNCcWrtPpf4p07kbNCVg3or4uBdkRTljf33fPYpg==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 376 KB
126 KB 157ms
55ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0234c86de864df424f931fb1ebc399acacbc06030394787e51c2f324aba9f7a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128178
x-xss-protection: 0
expires: Fri, 26 Aug 2022 12:11:10 GMT

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 1 KB
1 KB 122ms
21ms Image
image/png 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:25:10 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 74761
etag: "cb93bb50e5d021cc38de445a672c18a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: 7hfJT6V1pKCTdOzOXNHeFi1ZWuD99ea4wzNo-AMUOQwat4UmZPvaRA==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 322 B
656 B 121ms
20ms Image
image/png 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 23:16:43 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 46468
etag: "311cf2edc46e82f2a6911332b7db54e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 322
x-amz-cf-id: C2PXTAiCdWrlGNoayvzEbtDF3ihLhc_JCmhGzkRh4xWCAXH-KKl2CQ==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 832 B
1 KB 68ms
20ms Image
image/png 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 23:17:38 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 46468
etag: "8be584e844dabfe22970a0cb943c047e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 832
x-amz-cf-id: KftHtJo2VdXCz2ZbnPzlceAUtLM9TLcej2fBl7-fkFdanvwi-FD__g==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 773 B
1 KB 25ms
21ms Image
image/png 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 00:19:25 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 42775
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 773
x-amz-cf-id: Y28pGKtH4u75VLHS3_1tXBoh9oQKcjn7Zw3Yd4dZwqBCmGa_vJpIAw==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 379ms
110ms Ping
image/gif 54.152.91.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=zt0ltFVJFtsBUlxc&instance=882982&version=7.7.2&age=220826&cmd=PRE_INIT&key=bWgHsfoB&seq=1&order=1&absoluteTime=4448&relativeTime=0.2&canonical=https://bluejaysnation.com/&EXTREF=https://bluejaysnation.com/&REF=https://bluejaysnation.com/&serverHost=https://d3e9zy76sv7y5r.cloudfront.net/player2/embedcode.php?fk=bWgHsfoB%26cid=8802%26floatwidth=400
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.91.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-91-168.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 data_read.php Show response
d3e9zy76sv7y5r.cloudfront.net/player4/ 36 KB
7 KB 382ms
380ms Fetch
text/html 2600:9000:201f:2e00:c:4d8d:ebc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e9zy76sv7y5r.cloudfront.net/player4/data_read.php?cmd=loadInitial&session=zt0ltFVJFtsBUlxc&instance=882982&version=7.7.2&age=220826&ESG_key=bWgHsfoB&type=FULL&EXTREF=https://bluejaysnation.com/&REF=https://bluejaysnation.com/&ogSet=1
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201f:2e00:c:4d8d:ebc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f4277fea2620863e40bf7d30edda8429e08cbf437d522b33b09544af3e53280b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: LAX50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
content-length: 6468
via: 1.1 42b10ce0efa243af420d08c395787242.cloudfront.net (CloudFront)
x-amz-cf-id: 5x7eFulLzWcrsuMUSBWhc8vAWK9V_c7JO95kuLJb1HIRxjPM2GuLHw==
expires: Fri, 26 Aug 2022 12:11:11 GMT

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/200302733/ Frame 43F6 0
169 B 130ms
28ms Script
text/plain 104.18.13.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js

Requested by

Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 740c77f078965b44-FRA
date: Fri, 26 Aug 2022 12:11:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 43F6 161 KB
41 KB 33ms
32ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 26 Aug 2022 11:50:08 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 16:04:10 GMT
server: AmazonS3
age: 1263
etag: W/"a702d6a9b82e18143638cd1f28cbb7a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-C1
content-encoding: gzip
x-amz-cf-id: lmD_3j59-f9hOJBUFUWaPWUSTKBAKcGqq0vW5CfmtUAIRlwHVtPaPg==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3CF6 0
10 B 32ms
31ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XLCiAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9D05 236 KB
63 KB 122ms
87ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Aug 2022 12:11:10 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame 9D05 23 KB
4 KB 55ms
21ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4226
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:53 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/13370573997154231401/ Frame 6D29 892 B
421 B 37ms
27ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13370573997154231401/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49567116523727d77f930498c3bc9a1a580b7eb9429399592e03fb52813625a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 392
x-xss-protection: 0
last-modified: Wed, 05 May 2021 21:21:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:35:47 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6D29 57 KB
23 KB 102ms
93ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Aug 2022 12:11:10 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 6D29 110 KB
38 KB 67ms
58ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Aug 2022 16:04:34 GMT

GET
H3 200 webfont.min.js Show response
s0.2mdn.net/sadbundle/13370573997154231401/ Frame 6D29 12 KB
5 KB 91ms
82ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13370573997154231401/webfont.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291f3994773299e55d68a325cba52cabf111a4ea9563fc844ec3679635d9ff5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4962
x-xss-protection: 0
last-modified: Wed, 05 May 2021 21:21:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:35:47 GMT

GET
H3 200 300x250.js Show response
s0.2mdn.net/sadbundle/13370573997154231401/ Frame 6D29 153 KB
31 KB 66ms
57ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13370573997154231401/300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10b9f18e890bc5aab07ad6391840a92cbec9a6b1919c20631a9f6a619140ea30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32049
x-xss-protection: 0
last-modified: Wed, 05 May 2021 21:21:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:35:47 GMT

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame DFF9 36 KB
14 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 16:56:05 GMT

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame FF12 36 KB
14 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 16:56:05 GMT

POST
H3 204 AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 113ms
111ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B-kjzLQmVr8dT6iFubc5aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://bluejaysnation.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-B-kjzLQmVr8dT6iFubc5aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 43F6 6 KB
3 KB 38ms
38ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 59737
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Thu, 25 Aug 2022 19:35:34 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: SFJFnAaNHi83p4yC894a4SgEbMchVnLop2dxv5EHE-TLvJGzFN0X-g==

POST
H3 204 AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
57ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XZAlzg_Tyr7d1YrRoE72sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://bluejaysnation.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XZAlzg_Tyr7d1YrRoE72sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 78ms
78ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUwT1t6AjOpPOCdkq7DT7G_WEbpvD0IwzRvYhnruUVsPdcz75Fk05TTTYvYz4AwKiRKUXADCVYWtS31tObSyTYZc7wMRHXTwrqo-xf0cuo6kGddTCmCWegOFgSWq9mqLNTpcmnovw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HPHJARt_qLBprM02O7iziA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://bluejaysnation.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HPHJARt_qLBprM02O7iziA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWkV6JBhSoZ2K8LVyBLIHmeUPYmX4VHDH-IJfcHCyArnDZ_1oX2DhlmEm9PRBWJO8A5ToOtA_zmo_n8hkt4M2nysEiG_qZG3KL6ua4_WNg9Qkj9LJ4RehBs1mZPKp9WcVjo2qPFyA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkV6JBhSoZ2K8LVyBLIHmeUPYmX4VHDH-IJfcHCyArnDZ_1oX2DhlmEm9PRBWJO8A5ToOtA_zmo_n8hkt4M2nysEiG_qZG3KL6ua4_WNg9Qkj9LJ4RehBs1mZPKp9WcVjo2qPFyA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYxNTE1ODcwLDcxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vYmx1ZWpheXNuYXRpb24uY29tLyIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b707d6ca047c81b8a95c4b80eef559a39302cf6ddb1e53318249a2dac6e24f58

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iKbUbNGWl8Nkwnv98YM0Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-iKbUbNGWl8Nkwnv98YM0Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
391 B 53ms
46ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: fd4b227667648610841acf6df93f952c86fd35fd24cd670f5052153e98e98ce0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 25 Sep 2022 12:11:11 GMT

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
169 B 386ms
134ms XHR
application/json 34.234.134.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=bluejaysnation.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.134.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-134-156.compute-1.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bluejaysnation.com
date: Fri, 26 Aug 2022 12:11:11 GMT
access-control-allow-credentials: true
server: nginx/1.20.2
content-length: 2
vary: Origin
content-type: application/json

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
362 B 103ms
30ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

POST
H3 204 AGSKWxX21-vkSrxqSe-OwTssW8JAUmYqCN6CBFof0-tQ1HcXGsw115JvYZ0d_jtyoks2vPwh_8pGra-YHFUCRMwUunq1Uzqhe88jeaFcN_MnjPei9KoQ6yrn9FYNwizSIr5fAFrL_8DE5w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
37ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX21-vkSrxqSe-OwTssW8JAUmYqCN6CBFof0-tQ1HcXGsw115JvYZ0d_jtyoks2vPwh_8pGra-YHFUCRMwUunq1Uzqhe88jeaFcN_MnjPei9KoQ6yrn9FYNwizSIr5fAFrL_8DE5w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8AyYxccn_qT3HpyvYYSRsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://bluejaysnation.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8AyYxccn_qT3HpyvYYSRsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.527.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4B91 636 KB
206 KB 94ms
28ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

148022fcf56320601c688ec8f63c2c2edf5479551f6ff2a917caed119acaba0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 127627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210466
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:44:04 GMT
expires: Fri, 25 Aug 2023 00:44:04 GMT
last-modified: Tue, 23 Aug 2022 20:33:46 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 35ms
30ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Aug 2022 12:11:11 GMT

GET
H3 200 sleeve.png
s0.2mdn.net/sadbundle/13370573997154231401/ Frame 6D29 4 KB
4 KB 22ms
20ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13370573997154231401/sleeve.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13370573997154231401/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f5459fca4297baae2a97971163782e6b258ea0d5e608e42fdd497c79d7ad178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:34:45 GMT
x-content-type-options: nosniff
age: 531386
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3627
x-xss-protection: 0
last-modified: Wed, 05 May 2021 21:21:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:34:45 GMT

GET
H3 200 bgrd.jpg
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 9 KB
9 KB 31ms
31ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bgrd.jpg

Requested by

Host: 878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
URL: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 12:08:04 GMT
x-content-type-options: nosniff
age: 432187
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8938
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Aug 2023 12:08:04 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 92D6 0
26 B 136ms
83ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiKrPNy8Dr9Mp1irRDSxiDeJydUrbi-wCw0YZjEDTpebKcTNjM7tyLoy2stc7lP3dGZ6FTBPJROyGWnT_9WVQKCG5u-mUYP0O7J1dbaaAaY2DMd6WEedPQyplA-mM4L3yNWJXeTeGJLT1xisEz7RodzNGv3Z96qZKoX3QQUhHdd1LFiq0KY8uctOF_mQWTvcSHUNG_K6Y9c-7wTOJABeqvWmBtNpzFKl0gqZhxXmHb0N_6Cbh2zNnzJmrnkV4kITDF8i8nuQnOhOjNjJIi1tLKY0aHO1G3-0NG8fNqiAStetlcnxzwX6SdNaN7O-_NeO9qatljF80S_0tvXeZf7Vo6_RrSdkIka6WMmlgNRQebQqr8UvdvCMDZ4t7W5Z-qHjm6MgfFuXkYIwnw6VjgpTqtGt5QL8FvhrIS3M0sqnbcWZoEguyV25i7Xyb7qboGOg3D_GvdGldYnJTwaWJKQNozo1J87EO7Z6WPbaVoOlQn0X6sxDMVjhrYy0Hq4oNUjQItgWW_eAJy2wBVfu_1_j9uTndOd4Mr2Chwh6gHTD8odEHqLR-7az4wX7eoB4alnfN14z537xTEZW4CWggNo0bWqufgDP1gCK2yv6sQUJUazPDtTPt-Pm7hQhfXGydSxipwoM7s6bqB9D3trFB7UGNtWoQ5xfIJ2EQaLBDs41DZ6rh58-mTU5SIbPVZmIIsTSd0BDfG5q-GEJtSdGiTNP9yLr3C2VHfhhVjVrOM99wcloD_VY5JtgDODBsCjrNfemu3Zsfk1mb1jWzhz8O6TQHQQxtFp0jjLVOcjQsyKJHkjNkc7rIqfVdr3ftEZ_Lm_pnKjIxfxCKLf2dhQqATBMeuRqcxowxyvuMmqowWMBHA_o63X3ZP6JfYZsP_HCS2WMUDxjmcKEhDPkEXkdLoJyoDiGcUSEGC63YiRcdy_a1Zv-_MiazQcTdqPDW6KBGW1lOHQpTdfjaXq9IuNnAou9PFrbZEp41wr9chrGRdwmPVWTz2sUhxm4UnYcQz5YvG7-qOAw7uvuE5AEr3ZBBxQ-Ixsp8RetVw3sooFkU43P0RM9IjlSqQDiV0U5dfhQLQYQ4B2-ylpocOhjJZcHsuMPdIu-nnT9EjJKU82Kei8qx9ylVwLq2962x5SLQpajoVfwp1f00VT2k7vX3y4WKZd29BswL7IND1CxOVg9TwiuEVwsJIprWhYuT-JMRP3wN8hlNCXxq2kwWMojjg42yikDldFPa3n7v-w6khKRxU9n2Uypsm8RQyShc89QdATMu8Nf-W44EgOp5ZXzSpJe5QxYeutWvpfeJjGT2eHw&sai=AMfl-YQrNGItKXCiJgbXW-GYbbDLUquLQ_ZjZVNq2FV9AKJyhUBIBTvV6IEsiLO9HMwDZe6q3whMTwNrg8kmyZ2wuaC7dtB0fn2CZ5n5NS780YujwNvmHQX3z-MaeOvutfvDEXRUVSTeoz_o7aQJOjg0tyYWVry7euUYv1b0SCi3RX1lBg2klNnWBorwNoPs7FJ2Kjo9tWUIYoFB_7YH7guDHm5pr_Lamm1Wlw&sig=Cg0ArKJSzABq1jz0ALIzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=891&vt=11&dtpt=676&dett=3&cstd=212&cisv=r20220822.57421&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 12:11:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2D20 0
26 B 110ms
78ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstX3lp5NdGtPnRG4EsCBQNeYQeumtS8uAPOia96gg9W5MljuDngzAhXeUqsqobT6JTul8SSopZybTMQKZb5oUcHa4CZkftPwm-Qfbflr-eKSAHaV8ivDJjU97N-Lz_t-VnkLNJL0RmE9kci-fkF__uh1zNnuZmZaEBSfP2wDxyzwHhPYKPZzfGHFKJkWMHdKExlFSSuktBCcODoRZNP9V5tfLcDmq0wISxtC3nDKcoF9IYvszdeVKpVlWAForZEvVx-7AUqjE1xylaw0TX20KkSeJsxe6oxnEUcjKkRMWxqtKXP5SN4o7MZ0-DA6jNjzob5GSrnK-8QDGAqYpl6NFf38ECbks592iXTK66zs2m9nYdAArrCeiKiU8gdSLajXF4nIWSm_tfuYniZrIxCWCr3i4yEbonsHvi1-ZRXFgmqJE3MzYLjMa_FjMjndaldPI1zRm0x9NEC5UDnlXbJUFM2O9V8T69yg7VByqO-ROrJFn35wK_MOeAG_CvmPvGcpLcCd_6qJAc9BnrCxnkEOGltzlCMDUEyzk9VSyGWi7hUcSbCPTlW6Z8bofBYyQLtZfwv_7vvX2D-J3A3P9OeaQOPNXnuO1dB8yowXt-rGgIIbvAqwzIS_chtljREL6EAkTDbZso2Ta3CEotshhL5o1kdDMenLg7z7QRz23NexI4UP_WecPtbfiLrZVJvBRzF2TK0KcLHd_4FWWBv_aeBpyzqv2D6agiHV85vQdcNuYctNpiA8iqRPWh-tcUexjDcdmc1B7YNYvRK5MmTSX4Sogs2WINsHdUzeialNBZiYWnmM01dNaRVjjy9Tb1Dz-NkaKTiNrzj0FTIq-ln-MQLO-WVlGZlLnsr9ZvaXMwOe-oZPqLmBaZNbuGS-jbka626lS5q9TQKfLQhEKrox6iJRLBRIs12uHfSFDpuR8XS92XLF50Iv-0c5rZNpxI9x2bj0mjmpleeqZOBtz4CQ-2IYCvkM5xa8oU7HtokUz7TtcHMQfIT-ML-5M_GJuhNdRbocZWLwJc8kmkfb9QlgDtHgcU_gWBDecz8ORW3gzhwzFoAwQVFxtl4-p6orgdBYUnqvceG3iCJmT74AysfM1CjWZXOyvwxfmZl5MZHCu5bLPwHMWWxA1r5WcguMBBpZD3xRPZguUJP8S7cvkQVIw2KVf0kFlCA9fc5PqKAwrWoX7R6qsBj603aORt7CrNh3Isyl4-bnKAWPozZ-7l0TVPsEhpawM2EUOjgOcg&sai=AMfl-YSDKcTl1Y2CykBDVAcs5RNUfDwCf-I9EONvh-ZdJAP5n_tFfPy0RuWkLZhPV76yABiVmVJwruczUVBi_hxKDhZ4gItIKi81nDglf_gbXQXFuZZVBvycAZN0oWVSFqCTDqTL-ByKUcsIJMMJluwSO4SwV6yxdWp0bZSAe4zYL5lqtcBlq7OR8pfI0E0fsKdjH21k34JAQQHkTE2Zco2-GF5r6KxfJuN86Q&sig=Cg0ArKJSzO0k4HwR9twJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=900&vt=11&dtpt=641&dett=3&cstd=250&cisv=r20220822.88962&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 12:11:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 43F6 248 B
600 B 120ms
120ms XHR
application/json 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbluejaysnation.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:10 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bluejaysnation.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 248
x-amz-cf-id: XccFfA4vL8J5i6xHLCQ2ZWF0EzB5kifixsK17kjxq4A3HxgILSazKA==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 119ms
107ms Ping
image/gif 54.152.91.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=zt0ltFVJFtsBUlxc&instance=114882982&version=7.7.2&age=220826&cmd=GET&key=bWgHsfoB&c_id=8802&seq=1&order=2&absoluteTime=5034.8&relativeTime=587&canonical=https://bluejaysnation.com/&EXTREF=https://bluejaysnation.com/&REF=https://bluejaysnation.com/&playerCfg=BR
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.91.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-91-168.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 data_stn_l.php
timber.sendtonews.com/timber/ 0
142 B 389ms
143ms Ping
text/html 35.170.30.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=bWgHsfoB&ES_key=bWgHsfoB&ES_ID=24756&S_RKEY=kfZi5uB5sw&USR_ID=114882982&ST_usrKey=zt0ltFVJFtsBUlxc&SM_ID=2200192&C_ID=8802&C_companyName=TNN%20-%20Blue%20Jays%20Nation&version=70070020&sC_ID=11168&AC_ID=2000&TYPE=BARKER&EXTREF=https://bluejaysnation.com/&REF=https://bluejaysnation.com/&PLAYERCODE=LAFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1&serverHost=https://d3e9zy76sv7y5r.cloudfront.net/player2/embedcode.php?fk=bWgHsfoB%26cid=8802%26floatwidth=400
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-30-54.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Aug 2022 12:11:11 GMT
cache-control: max-age=1
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Fri, 26 Aug 2022 12:11:12 GMT

GET
H2 200 0.js Show response
player.sendtonews.com/bidderFiles/ 4 KB
2 KB 138ms
21ms Script
application/javascript 18.66.139.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0.js
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450

Request headers

Referer: https://bluejaysnation.com/
Origin: https://bluejaysnation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 11:26:38 GMT
content-encoding: gzip
age: 2674
x-cache: Hit from cloudfront
content-length: 1394
access-control-allow-origin: *
last-modified: Thu, 03 Mar 2022 21:08:40 GMT
server: Apache
etag: "e75-5d956cd664600-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: eOSulqIfGZF-_V3C2yuDpTIYSRjYvcLxs6DZVbyEflyWcoWL1wkP-A==
expires: Fri, 26 Aug 2022 12:26:37 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
16 KB 73ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluejaysnation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 19:00:05 GMT
x-content-type-options: nosniff
age: 321066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16756
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:16:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 19:00:05 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v138/ 126 KB
126 KB 70ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v138/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273f4bca58132eb580c0e132ca8f44093978a2a98eae6affe5df61c345fa3b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluejaysnation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:10:41 GMT
x-content-type-options: nosniff
age: 115230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128552
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 01:42:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 04:10:41 GMT

GET
H2 200 ealewhtquxh73fmbqqqqbstahhc0lpcp.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 361 KB
362 KB 552ms
505ms Image
image/png 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ealewhtquxh73fmbqqqqbstahhc0lpcp.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 513294fe86b8577e5ae12214c44751d3020f9ace8f160295ecd336bc56b6eee2

Request headers

Referer: https://bluejaysnation.com/
Origin: https://bluejaysnation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:12 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 369238
last-modified: Fri, 26 Aug 2022 11:53:24 GMT
server: AmazonS3
etag: "92346c0be6207bf1400197601906fc64"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: l6ozfX5JF792Ov9svaCUQzrKWJkX6SaP8iAx5VWid6nPHB1FkXXJLw==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 110ms
108ms Ping
image/gif 54.152.91.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=zt0ltFVJFtsBUlxc&instance=114882982&version=7.7.2&age=220826&cmd=RTP&key=bWgHsfoB&c_id=8802&seq=1&order=3&absoluteTime=5077.1&relativeTime=629.3&sC_ID=11168&sm_id=2200192&load=1&status=LAFNLNIY&ac_id=2000&EXTREF=https://bluejaysnation.com/&REF=https://bluejaysnation.com/&playerCfg=BR
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.91.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-91-168.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 data_stn_l.php
timber.sendtonews.com/timber/ 0
143 B 345ms
136ms Ping
text/html 35.170.30.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=bWgHsfoB&ES_key=bWgHsfoB&ES_ID=24756&S_RKEY=kfZi5uB5sw&USR_ID=114882982&ST_usrKey=zt0ltFVJFtsBUlxc&SM_ID=2200192&C_ID=8802&C_companyName=TNN%20-%20Blue%20Jays%20Nation&version=70070020&sC_ID=11168&AC_ID=2000&TYPE=BARKER&EXTREF=https://bluejaysnation.com/&REF=https://bluejaysnation.com/&PLAYERCODE=LAFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-30-54.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Aug 2022 12:11:11 GMT
cache-control: max-age=1
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Fri, 26 Aug 2022 12:11:12 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 43F6 23 B
494 B 57ms
57ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbluejaysnation.com%2F&pid=8KbQjAlE5XCY9&cb=0&ws=300x150&v=22.8.221912&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!sendtonews.com%2CCwIcHTFp-QGuxkDkTdV1kA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: HPYGK2GFFDN6TM938BP5
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://bluejaysnation.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: fAm7n9ub4r2PruQlXBkqsuKa92vH0fp9HnlEz3Hq4FCgNFvvQReLEQ==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6D29 7 KB
6 KB 108ms
64ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb5a7b074996edb2dd68a5f7d88a24245f686ef57d1bbba216fe37a94426b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0

GET
H3 200 intro_text_overlay.png
s0.2mdn.net/sadbundle/13370573997154231401/ Frame 6D29 5 KB
5 KB 23ms
20ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13370573997154231401/intro_text_overlay.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015eb44e0854bee7759d7e89548e3f29444190019a992bd05649c5be0f067332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 15:46:50 GMT
x-content-type-options: nosniff
age: 332661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
last-modified: Wed, 05 May 2021 21:21:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 15:46:50 GMT

GET
H3 200 sprite_336x280_retina.png
s0.2mdn.net/sadbundle/13370573997154231401/ Frame 6D29 9 KB
9 KB 24ms
21ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13370573997154231401/sprite_336x280_retina.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c1f6b0f82f8ebe34e54ff851e8ac394c0fc02a0fa44b4d5dd326c5f27ab6c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:34:49 GMT
x-content-type-options: nosniff
age: 531382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8957
x-xss-protection: 0
last-modified: Wed, 05 May 2021 21:21:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:34:49 GMT

GET
H3 200 Roadlite-1-500x500.png_1657021702194_Roadlite-1-500x500.png
s0.2mdn.net/dynamic/2/10695113/s0.2mdn.net/creatives/assets/4607155/ Frame 6D29 460 KB
461 KB 28ms
23ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10695113/s0.2mdn.net/creatives/assets/4607155/Roadlite-1-500x500.png_1657021702194_Roadlite-1-500x500.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a93ddf127137e90ab86a3e6bdbda621be0bb59e88a7e54fde2c56f5c3025556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 06:00:15 GMT
x-content-type-options: nosniff
age: 22256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471480
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 11:48:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 06:00:15 GMT

GET
H3 200 full_2021_precede-on-8-wmn_2927_gy_P5.png_1626248240347_full_2021_precede-on-8-wmn_2927_gy_P5.png
s0.2mdn.net/dynamic/2/10764430/feeds.dynamicads.studio/canyon/image_v2/default/images/full/full_2021_/2021/ Frame 6D29 87 KB
87 KB 39ms
35ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10764430/feeds.dynamicads.studio/canyon/image_v2/default/images/full/full_2021_/2021/full_2021_precede-on-8-wmn_2927_gy_P5.png_1626248240347_full_2021_precede-on-8-wmn_2927_gy_P5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d167883d0c870b4c0fa7763ce2df8c0b4d47e097c6bb1524f40c99b8047f9ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/index.html?e=69&leftOffset=0&topOffset=0&c=q6De6oUBpt&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 15:10:06 GMT
x-content-type-options: nosniff
age: 334865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88840
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:38:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 15:10:06 GMT

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 322ms
106ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/20439339365500/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H3 200 CanyontextTT-Regular.woff
s0.2mdn.net/sadbundle/13370573997154231401/ Frame 6D29 35 KB
35 KB 26ms
24ms Font
application/octet-stream 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13370573997154231401/CanyontextTT-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13370573997154231401/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2b88da0824766864147b987f06a9f6da25aecd07d610575b9f0e574c2d993c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:34:49 GMT
x-content-type-options: nosniff
age: 531382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36262
x-xss-protection: 0
last-modified: Wed, 05 May 2021 21:21:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:34:49 GMT

GET
H3 200 CanyontextTT-Bold.woff
s0.2mdn.net/sadbundle/13370573997154231401/ Frame 6D29 34 KB
34 KB 27ms
25ms Font
application/octet-stream 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13370573997154231401/CanyontextTT-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13370573997154231401/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0c8dc2ad095571f90b801228bee9a0eac3c52093d976e1a72e787c2507a5dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13370573997154231401/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:34:49 GMT
x-content-type-options: nosniff
age: 531382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34424
x-xss-protection: 0
last-modified: Wed, 05 May 2021 21:21:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:34:49 GMT

GET
H3 200 btn.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 1 KB
1 KB 24ms
24ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/btn.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:53 GMT
x-content-type-options: nosniff
age: 137298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1420
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:53 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 43F6 53 KB
17 KB 33ms
32ms Script
application/javascript 92.123.21.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Fri, 26 Aug 2022 12:26:11 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
584 B 107ms
38ms XHR
text/plain 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fbluejaysnation.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUjwOB%2BNgfvacNQu2cKruG%2FUWWuo9Uy1t0uzYum%2BvYPxQDZcdJTFMuKC5N4tYuLxX%2Ft%2B03f8CJqbbbL621F%2F%2FcwqMkklotsS5K%2Bd%2FUWqiiKt6g3GS7vZMkZseT9uhvpKg39y2nnWNz4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 740c77f44df29097-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 92D6 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzVmmOZQlEVbSWpwPbOaqG2H9A40Lep9bBtW7fP9GuqyfBtjJgiOT-CkD9APdt36-cgUOtWxRRYHzJeIA_rSOwsF8FfMgeXsrIJWsSm8lLjFTfKHdVKUlhhnu9ASalsV2CiQm56UCC0V-DepRJRJWoAIytyNvfmEdGKDt4VU9G920Ll4ESKqaEDnsEO5CD71CJcq6pYOkZ1NQCu-tmxHnbV0Og998kGn4VJh8qJj7Y4Mu0UOBUXHtLJ24h3XWOhzUmhZvyErQ6aQexSRqqKSOfcrr4VEabKmPsvMOItE40Dc7KpSLznTuB_VS8pAJZXws2gLI3uscNLz6vnhnicesqgLoxCuW9CWXNewHwqip1lOeiHPGYwuejc8q7tjkAGhUJhQVjxVPmDFp_nINvyxRHOAN-otYj-5YCeYcIwiMbR5WltK2teAmNub4zKUPNx9lMWGlQUrNl90Ye3cmHQMPN-Vg_eY22MSDL7ppMHOwQunPAT6bm_uGTS79bht7GFJUK5c4wHBAVCaXtAr79-Q7T6mkigXpt8yl66sOuAr_dTUMwOYEvKmVoTWnNF0-DIQQQ5zlLPNxfrXubX3zUQiokPZXUWXj6ncU7HSROpWtj5dqUpo8FHpQcpuhThcoUmNMKIuLQby4F7dPzCwFJHxwRCMDOTVCxagdv1QI3TIB_7pSN6envH059EFYJDK3gJgCZjE3fdLdfi5HyPgxScN4KfqFe7JSdBmBX_V0qOEP7X4UkvIevhpkAmpDTaQICC2J5Ta1cY5Mo2KsP_sHsdojXmj6zRPX_0NdB-7KEpYlRZDtfxmNm8NtV08ezw_4VPzPxUodhcne6x9uQZ-3wAMvGPMfnNPnhY2ZNqXLTutMR5ruzydW4F_yyDnTKdlfvfL7R1YnzHA8P5e6eZ--Wa7U26nv9B3RhWjEAuGSUD_C5WCVkt1zn8XyH6bHRM9mHHYeLf6Yl21TRDKQmkAFeJ_v7N8TgWEOOrE0jMhnyCijukPfkXLHMYlWdWJLm7lvWuFqraGnHDDyb_c3cThn_ACv9rvAuN3pgbq5n0Zy7PrGBr7RYkO65wg9JBBm36jB6tQFAvmjMQB3K1SDtudn7HGc5T3OU6fKs6LihbgWuuTKPJ2OSXLmXh-atbmf-ZFtit74JAYsJHwmaHwRv4k2ZBds3Hrp-4UxXB42x3LxjGWfUe1sTYCryeW9g1DQ8MCEQ4j_YqLcnFWlLGhKuAZ2BKxQ2B0G9To-lXncH&sai=AMfl-YTMHfxPXddQPyoSkuhmann9mIiVb64excSZA4pUtaHKvECZws-tSegQW-AaXOc4NG42N5QuUmdJcyGHeTzJpiYMjD4OqZUy0phxEGKA0G5ZH-zoW6X7FqR_qzif-kI7mlSLa3AKfMonDxv-YA&sig=Cg0ArKJSzCtIxmLZzeYOEAE&cid=CAASKORoHJlr8VucOE1spm2Ox6NJ54UC61tuprSwVuIa9_3aqwwB9Z8t5BE&id=lidar2&mcvt=1077&p=140,436,230,1164&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2892113932&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661515869661&rpt=602&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D20 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJjR4oq5DWf7vi4e38xVQfb7k8MviYQfmQjdGD3dW4yMwsms_JH1ZnZNSHNRdAnFxQVW-LhnfctnqF6oknaLNV7EF-L8N9c10xSNOAwg7M6odrOndPD0kGXtQqPYts2i_Y0KOfcag&sai=AMfl-YSQtxWM53kApXWxRURt7ezhUOoLIkDSORMdU-Tgg09h0o2sJU1eGP-Tfnb0YtZ_o8_Aodde3w30FZz1lVcL0novpEntPBpbFMuDUfnFfVSgBYvOCyNJLQFcPYLTDOuM&sig=Cg0ArKJSzBIz64LjyyU7EAE&cid=CAASKORomx0QsIdgbn2FHIEAMK3bJgmREaDT7r_3FUx3Z9GHnZxFoYn9PPA&id=lidar2&mcvt=1080&p=300,1184,550,1484&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1289571661&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661515869668&rpt=625&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D29 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:11:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=4415499664251130&bg=!6eql6q7NAAYUOm8VNDo7ACkAdvg8WoBYmRnURPXK10pEmM3gHHjSH9cYWNjJak1749zmuzDhnpO50gIAAAJGUgAAAAJoAQeZAt_adHnwm3CZBuJp40oqG29wPltV5qv5mjYOZPJDmhtoVx4C06B8I_M4CbfHGsE0EuY61r3sfbgBzX_oOTJBTeGBY91_8880NUTeiGi_I1XFMSyZCYV2T8tTrjmwlhdEIouY4lAGGFLfQtqcBvFm8KWNvWu8pLx0and2eJ0ldht0tkHG3R6lx9ijNvIEOhJ5YpwFocPozZS1XpEDzgre9jjD-L0vnYQnNAIKGwD2ayjdLU-CIjHanV9qJLB3FOo-X2b6R6VsxsOnQdJJuu8u_glY07XwhnFlTpCJ2BZHTAV9g-AAwdq5qXEZkmYhUxGg2TxHGjZ22f3Y3Q-pKQqXllPCQG7XMSyCmm3a677Cp9oTvzoB0USRdrZt0Lu1Iglb0LKVAr6wFkFMxvdzMYbHC6TDrLbyV-xCUs08YUtinYi2XZFmqFgZIDvOnSjU8Vy954rw1vkL6xiL02u6WQ3Jcvx3bCk6v-MvKj5I2DDWRYyEc6ceqUt_nmlfBEDWDgSFm9d6_CTom_RQfAej2984qO7jzbUZhvM5KHiwXz9U8On-akYxbkvKyc-85Xi541oW6arEho06QEGiqdWg5Y_d9Hwaqz-9IH36s8Nvv1QxL2eoTRPEMEPOdkTm5ezviGED3Tm0G6y919cEK-BZtOKMg31I-vCbaGR7PFyYCuggh5Pfq3Y_CbE_0htZgB-u5RGg8T4AAlf86bJJKT5x9MMwl-xbga2WRubSrti81Xi1V0t49Xoa3-ahucMdscNnPGrddP5bwaJ61DaH5kIbshSFG05PyNZRsGqSCO-oQU4I-luqMPbIbqxAUTXbMsE0EozGHfZpMag0dmmGpCxkVPnLlKmMURQ6pEHy3hK_iFSP6RQsGddjxOJMSqZu4bvQHdDPw11zBy2QwQIvvIlPFvew4Sd17Ms0WIV6OWBQXHEkE3MxxjIuwwCKLMbq10N8DaGB4onW5TahMy2FT9O7d0rx2So
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 bubble.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 11 KB
11 KB 22ms
21ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bubble.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:53 GMT
x-content-type-options: nosniff
age: 137298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11555
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:53 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 43F6 36 B
642 B 162ms
103ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22129d5a2b168ba5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbluejaysnation.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fbluejaysnation.com%2F%22%2C%22domain%22%3A%22bluejaysnation.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22bluejaysnation.com%22%7D%2C%22keywords%22%3A%22TorontoBlueJays%2CJays%2CBlueJays%2CAndrewStoeten%2CDrunkJaysFan%2CMLB%2CToronto%2CJoshDonaldson%2CJoseBautista%2CSkydome%2CRogersCentre%2CBaseball%2C%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222e69f4553419dd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A400%2C%22h%22%3A227%2C%22sizes%22%3A%5B%5B400%2C227%5D%5D%2C%22playerSize%22%3A%5B%5B400%2C227%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22CwIcHTFp-QGuxkDkTdV1kA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acc90816d5b4d5b2c631737b39f3c492465531d0be437316e2361c0a5a78556f

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Fr%2BWePOT0CLDw0wdfUMeBQOv8CEoHBu5Cr2OXP3Qv38v6CKbpcM7WKxP4nBcdFDV00m9dSsMg5zZcRxcp%2BSv39CUKN6vQVYNfmwA3Vnt%2BhCqB26%2BcE4FAdQ%2FXC3rexpr0jd8IL0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 740c77f59c74695d-FRA
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 43F6 173 B
406 B 170ms
29ms XHR
application/json 3.65.41.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.41.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-41-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 40f9b57e138345290ca3890d97eb6cd12dcabc65f7c646e16f9108b8cd341dc4

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:11 GMT
content-encoding: gzip
x-prebid: pbs-java/1.96.0
content-type: application/json
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 43F6 19 B
508 B 74ms
74ms XHR
application/json 3.65.74.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fbluejaysnation.com%2F&tmax=3000&us_privacy=1---

Requested by

Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.74.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-74-222.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:11 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 43F6 0
140 B 63ms
61ms XHR
text/plain 13.36.17.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.17.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-17-92.eu-west-3.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bluejaysnation.com
date: Fri, 26 Aug 2022 12:11:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 43F6 145 B
1 KB 93ms
93ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9ec989e46f38d70806d17f4ac737383cb45029575e5f8bbb09f6c73ed8a921cb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:11 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bdf17665-5fad-4da6-bd49-4f91243d9b0a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bluejaysnation.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content 229991 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 43F6 0
1 KB 215ms
52ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bluejaysnation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Fri, 26 Aug 2022 12:11:11 GMT
X-SpotX-Timing-Transform: 0.000311
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.000890
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000428
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.023451
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000563
X-fe: 070
Last-Modified: Fri, 26 Aug 2022 12:11:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.019552
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://bluejaysnation.com
X-SpotX-Timing-Page-Misc: 0.001673
X-SpotX-Timing-Page-Exception: 0.000019
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.019552
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFF9 0
20 B 62ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BX0SlXrgIY46IAprAx_AP0bmx8AEAAAAAOAHgBAI&bg=!ubqluv7NAAYUOm8VNDo7ACkAdvg8WoxWn-dJ8PBk8krC1e0nttGGJ6yrGS1vDtr4Rtp1wO53BQcCrgIAAAL5UgAAAAJoAQeZAy-17ch7MEzPDYlnJZ3rADAXSbI7RSAiyeQeVj0H_CvuuIk3g2e5WwJfaP6NrDIP2TP5yxjhk-_UEppGcFMsD8eRY8Gx7EeGK-W6GKqppVSwJXD3GEOgsBNEuEzKET5yK8EYkZgxJi6zpKP3y9pHQrdRkHt8Bq1PjA31vJKgz276qsQNKZWqxTRgfjKnh0v13qBY-K0wdjTN9OAZp4E9gg7w5w35eT022bH5tipWtTbZJ7Sb-LbZp2qFN3aqBv2xJu3sza3PGZTbTxAioi7zouCGdtLkTr6Q5tCxhSSb4jy8pqOzUfeVQ4xCkXbYOL9qijnJ9FI4QD8JtF7awgCJrZW6VNlvzO41elqYu4S2Ov7EU2PP5gwPi8aqf_PiHFxkBEb8VFXE2HRYKVtzT4uF0rbCdM43btgRzJd0LgoT0CryUMMNFrf8YcYyGHrvcJ_GoCj_PVGc9n1tUZjbXDj6eTSH-uSlB2KilXIv5wVE1Q1t5i_mMnNjTsNOchCvbbd6wwNHejhngQkbQ-aegjA6SRKn61JaopmVpR1dBDtqlxteaTc102sEnUHcKYgmh5QcxgNkLDpAXnSlsNZOwk4s2P14_Tfa-xla5UpmkmeWQA3ZwP4ZFlhW9QWMQNtEA3rrAkSZdkwwTf9Ydezll3FESE4JSM3bIK1TC3_esNXUZg6_vb3gfiRozU2KC_ZU9AfV7-7_GebpT0ZJtXpJRksEGc7IvOmUfvEnWbbCfVZ7eVlXNBeM8edbqIr6pioCTLsbbbDrXYb_PG970fw03sais0Xf8i8ZEaDbq4m5Kwvo2fm8RDd8PWOCtqo132JrlxzY2qsZ0O6Gwh2yMo_KbDqEexabJkHwfOwW1Liz0sn0Y_NyqngiXlqtwiFnr9-ku8bxJBifV1tWgk2XWYsXXsqBxUuYMWta8Vw0fm_rIHWqNSBZhwJUyRSDFTrnJeW1Jx8kl7R43nYHXWopfQA70XoRGngegWiwVbLWUMMc4Z7F_KM4OYKj_0NrgVUynMwhOKV1cbMUapsylL0nc5rvflO1ulj3IQP1YRrge7l7hUAJMhkfbqxCBywX_Z6KmFgq1Vdj_Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dieter.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 5 KB
5 KB 21ms
20ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/dieter.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:53 GMT
x-content-type-options: nosniff
age: 137298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5444
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:53 GMT

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E94 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 16:56:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF12 0
20 B 60ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrhzdXrgIY7n9Afyxx_APxuagyA4AAAAAOAHgBAI&bg=!oaKloubNAAYUOm8VNDo7ACkAdvg8WvrNka8RF-q69Uekgdbf7pdj-nANRs05VWDb0uCMYxNXdiDTxQIAAAMiUgAAAAJoAQcKAA8D_fDm7u6QMVYbfD7mcrGZAyvJQvBRWc6b6lSrdl0ewguWNDQAJsksM_ZTvWnBt0KFFm0yHSv4vqR3YSlio3gYJorp0a-SWY0Nv4zeZAla1TVnTznVFupRt06oHhEgEY4gvTrbEtjxR1nNPCp-lcYUReMAqgWNmKsjySbENfoTBF6X3jcEK2kiIxbt0_L5uMfnVaW5exiNTM9ZKSBNR_hjrcWfqfsJ3kXkCzOnZKfWEM6Pl4b7muEtE_EfnfqdGP171zcirMHS37JSTaE99C20iB_JnhPeGRKkWIgQ832VyxHiFogPuR2zOzU64sytP1OOGxZbkfPJKKzYEv5DGh2zhseaKJlwhuglhLV9Swd3S1Op182ab8bsiFSgZsJc62FWy7IciDVSU8T14fs4ECFWT5n67uja-lijEZHeQ5dfwe0KxjzzZBrgyzD1XjNmSpp39-Y0pL5Oe3bjfUIf5SddNLsIf6uPdo0j_CEnKu_KkTMY90kWrO0-Ce7x2LnYe9RqPXJ0oagwg9LOHrWyAUCZCC2cdd3v7FdET8vBgE_WwAGSHSDKn3mvVdqMSCtZ7oY7vKcWp0PXz6vP0T0YkJIwP1ZNsE4ojg70SrvmtGCMusoipXOGG5jcHIu8Ihljkrwhguv6GmHvNkcIXeTSdd4UpQD4x_rRqm1sTpBuEZE0DsbEYKaX9k6N9N99rYw6WqpncSvpaC13KVEocz9EB3vXbNwyfnpd6rrSzqyeqCcrMI03mpJNQbox_2jiNalU_qRqqltVG75ER_7PNXxJwUHhaMt9P2tAb3Xc6rzpUg1csXXI6w1VAxHdvppUmIiksNyH4rg-5aCzr65TOVHJwbwAlUnl-ul1Qvn2gVA93nT6In-hTJd0P9R7M-216MNSZJtgqz5uNDLtQg9KaRPGISTqA-SJ7282Xgd3sLoHtGCLO7ZXq-RU98Gz3sZkXlrK226gCQqu3-wReqEKDjk1XGxk0Qm6xyfyhqJXu6t8-jRnwDKuhxXoGNJgdVRhRqFnvKjE1lx3cHWjjmKOP2DLUSNu5f0rjiBS8oP1ZoS4120-HcYIS3rOmqwqIIjSULoYtlIwzoBO8Ad0A79NNNEt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 1 KB
1 KB 22ms
21ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:53 GMT
x-content-type-options: nosniff
age: 137298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1167
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:53 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 691 B
728 B 20ms
20ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:53 GMT
x-content-type-options: nosniff
age: 137298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 691
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:53 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 826 B
863 B 34ms
34ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:53 GMT
x-content-type-options: nosniff
age: 137298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 826
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:53 GMT

GET
H3 200 h4.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 967 B
1004 B 28ms
27ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:53 GMT
x-content-type-options: nosniff
age: 137298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 967
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:53 GMT

GET
H3 200 h5.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 621 B
658 B 28ms
26ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:53 GMT
x-content-type-options: nosniff
age: 137298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 621
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:53 GMT

GET
H2 200 624383544r75890op5p124n88q2r322splaylist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 291 B
842 B 437ms
437ms XHR
application/x-mpegurl 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/624383544r75890op5p124n88q2r322splaylist.m3u8
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 039d93283396447eb6f260ca34beae4aa8034a7d3ab8685286a9a0299ba94861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:13 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Fri, 26 Aug 2022 11:54:41 GMT
server: AmazonS3
etag: "1ed0cae270f4e06dc5f496d04fefbec0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: j2DsF0jApV6MVah5e776gSB58Vetd_tc6MqQ6tRoxCdZZofOcRn4kw==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 108ms
108ms Ping
image/gif 54.152.91.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=zt0ltFVJFtsBUlxc&instance=114882982&version=7.7.2&age=220826&cmd=IMA&key=bWgHsfoB&c_id=8802&seq=1&order=4&absoluteTime=5656.8&relativeTime=1209&EXTREF=https://bluejaysnation.com/&REF=https://bluejaysnation.com/&playerCfg=BR&recoveryMethod=NONE&imaVersion=3.527.0&blocked=false&recovered=false&hasAdParams=true
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.91.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-91-168.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 108ms
108ms Ping
image/gif 54.152.91.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=zt0ltFVJFtsBUlxc&instance=114882982&version=7.7.2&age=220826&ldt=BIDS&key=bWgHsfoB&c_id=8802&seq=1&order=5&absoluteTime=5657.4&relativeTime=1209.6&sm_id=2200192&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=11168&load=1&status=LAFNMNIY&ac_id=2000&prebid.cid=0&prebid.bidders.ix.time=175.6&prebid.bidders.rubicon.time=186.3&prebid.bidders.triplelift.time=84&prebid.bidders.pubmatic.time=81.5&prebid.bidders.appnexus.time=97.9&prebid.bidders.spotx.time=217.4&prebid.start=5408.3&prebid.time=232.8&prebid.timeout=3000
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.91.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-91-168.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:11 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 78ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bluejaysnation.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 77ms
30ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bluejaysnation.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 h6.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 682 B
717 B 22ms
22ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:50 GMT
x-content-type-options: nosniff
age: 137301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 682
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:50 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B91 16 KB
2 KB 378ms
80ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22671245338%2Fbluejaysnation-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fbluejaysnation.com%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2200192&us_privacy=1---&cust_params=sessionKey%3D114882982-zt0ltFVJFtsBUlxc%26schain%3Dsendtonews.com%2CCwIcHTFp-QGuxkDkTdV1kA%26content%3D11168%26placementType%3DPremium%26embed%3DbWgHsfoB%26domain%3Dbluejaysnation.com%26player_size%3Dlarge%26player_width%3D400%26player_height%3D227%26player_type%3Dbarker%26version%3D7.7.2%26player_status%3DLAFNLNIY%26play_code%3D2000%26view100%3D1%26excl_cat%3Dstl_id00331%26rand%3D7%26us_privacy%3D1---&sdkv=h.3.527.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=44d&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.527.0&sid=0B90C171-F036-4B02-8E8C-BE2A9824B97A&nel=0&eid=44730465%2C44754420%2C44760950%2C44762904%2C44765701&url=https%3A%2F%2Fbluejaysnation.com%2F&dlt=1661515867252&idt=4262&dt=1661515871826&cookie=ID%3Db0b18a68899a0f36-22a6e9c507ce00ab%3AT%3D1661515869%3AS%3DALNI_MbnmSGXp7o5Ni5y37BvtXkCVY_Ubg&correlator=3003784887151043&scor=4055667220301884&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a6fc92b12d3d3a281ae42606d180c8ce1c96a705063a6f7e07302f61de1215bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hand.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 1 KB
1 KB 21ms
20ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/hand.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:51 GMT
x-content-type-options: nosniff
age: 137300
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1491
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:51 GMT

GET
H3 200 introlog.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 3 KB
3 KB 20ms
20ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/introlog.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:02:52 GMT
x-content-type-options: nosniff
age: 137299
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3529
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 22:02:52 GMT

GET
H3 200 siegel.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 9D05 5 KB
5 KB 22ms
22ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/siegel.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 12:08:04 GMT
x-content-type-options: nosniff
age: 432187
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4943
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Aug 2023 12:08:04 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 109ms
109ms Ping
image/gif 54.152.91.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=zt0ltFVJFtsBUlxc&instance=114882982&version=7.7.2&age=220826&cmd=INV&key=bWgHsfoB&c_id=8802&seq=1&order=6&absoluteTime=6088.7&relativeTime=1640.9&alt=0&sC_ID=11168&sm_id=2200192&load=1&status=LAFNMNIY&ac_id=2000&EXTREF=https://bluejaysnation.com/&REF=https://bluejaysnation.com/&playerCfg=BR
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.91.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-91-168.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:12 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 data_stn_l.php
timber.sendtonews.com/timber/ 0
142 B 143ms
143ms Ping
text/html 35.170.30.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=bWgHsfoB&ES_key=bWgHsfoB&ES_ID=24756&S_RKEY=kfZi5uB5sw&USR_ID=114882982&ST_usrKey=zt0ltFVJFtsBUlxc&SM_ID=2200192&C_ID=8802&C_companyName=TNN%20-%20Blue%20Jays%20Nation&version=70070020&sC_ID=11168&AC_ID=2000&TYPE=BARKER&EXTREF=https://bluejaysnation.com/&REF=https://bluejaysnation.com/&PLAYERWIDTH=400&PLAYERCODE=LAFNMN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-30-54.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Aug 2022 12:11:12 GMT
cache-control: max-age=1
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Fri, 26 Aug 2022 12:11:13 GMT

GET
H2 200 624383544r75890op5p124n88q2r322s.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 485 B
1 KB 427ms
427ms XHR
application/x-mpegurl 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/624383544r75890op5p124n88q2r322s.m3u8
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f997afbe59a81310f9d000fe2ba71a9a16dc6eea2a3b5fa9ed7ab48bf354347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:13 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 485
last-modified: Fri, 26 Aug 2022 11:55:07 GMT
server: AmazonS3
etag: "073798d12fce9321fab5034e48781afd"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 47PDbzdj97WAgtPkG5F2GPFGUd8y5bKxl1ZUEJVAKRfDMs8egDzqUQ==

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B91 28 KB
7 KB 528ms
484ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fbluejaysnation-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D114882982-zt0ltFVJFtsBUlxc%26schain%3Dsendtonews.com%2CCwIcHTFp-QGuxkDkTdV1kA%26content%3D11168%26placementType%3DPremium%26embed%3DbWgHsfoB%26domain%3Dbluejaysnation.com%26player_size%3Dlarge%26player_width%3D400%26player_height%3D227%26player_type%3Dbarker%26version%3D7.7.2%26player_status%3DLAFNLNIY%26play_code%3D2000%26view100%3D1%26excl_cat%3Dstl_id00331%26rand%3D7%26us_privacy%3D1---&url=https%3A%2F%2Fbluejaysnation.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fbluejaysnation.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=0B90C171-F036-4B02-8E8C-BE2A9824B97A&adk=2458199627&correlator=3003784887151043&dlt=1661515867252&dt=1661515872246&ged=ve4_td5_tt1_pd5_la5000_er898.105.1053.405_vi0.0.1200.1600_vp100_ts0_eb24171&idt=4262&is_amp=0&omid_p=Google1%2Fh.3.527.0&osd=2&ptt=20&scor=4055667220301884&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=1---&vis=1&u_so=l&eid=44730465%2C44754420%2C44760950%2C44762904%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=44d&sdkv=h.3.527.0&sdr=1&vconp=2&video_doc_id=2200192&vpa=auto&vpmute=1&nel=0&cnc=22671245338&kfa=0&tfcd=0&ctv=0&cookie=ID%3Db0b18a68899a0f36-22a6e9c507ce00ab%3AT%3D1661515869%3AS%3DALNI_MbnmSGXp7o5Ni5y37BvtXkCVY_Ubg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

1378865389c7f19becb224ec4a8df4e8001ee2c34886d338a1bceec4a293c870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7015
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 624383544r75890op5p124n88q2r322s-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 494 KB
495 KB 502ms
501ms XHR
video/mp2t 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/624383544r75890op5p124n88q2r322s-00001.ts
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97f819336431bf83553bce57a70c12afc5c528f865bdd8217fec71ecd6955b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:13 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 505532
last-modified: Fri, 26 Aug 2022 11:55:06 GMT
server: AmazonS3
etag: "0751288d988fa98e658a4aad35c92f46"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: ZVbn2PT6fuHRq8krjrwqGLGi471XdvrSOVpAJ16tM9vo0t1KTzaWZw==

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4B91 28 KB
18 KB 140ms
55ms XHR
text/xml 74.125.140.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bm_b5qQQXApCs0BqGta6u3mCXBGivYOdUZ3Ad9_JyqWgtYdk916aI71jpRPn6A0xsj_irFosxTzW9jqI3Fs5iHQ816TQ&cry=1&dbm_d=AKAmf-B4lNnaZxqtw-nGir7wyv0B7P9iVCBKro5qG3OTMho_ml2us0C-JrisupdFMl3WkHcI1i43Zq-Ud2UpPFF4lxqcPQds8R1CaMSS5Avc4NS-7l8xWaFBYrABkjmMy3_DAlQlvJFjZ_L1-xc0USkFtmV4xAZOJfqdNR1KnkvRm4D3Cur44F_gFJLcpt-1vrwo308RaTN0k1PN53UFx5tS361fTtWN_JNP_FXKlxY_wyNUz6Vhjr3ln-6aD1TLgZ5BU4FzgzIdZ_FACAk1fE9eOuQSPVcbUxb1ELOINFEDb1mpveiDKRgOMm1Efzuhd9l33bnZPrJ1Gi59ywOJ90PTecyZ0TAxQ0cXRp6PHQsVPR4rRMm3Ix2ZVvVY-VMjbSLk4JClSxHjnQSWu17yZOoSrS930x9UiWY5LCzlqlDdYNeNUhbkIurt-tPuaBQcbHh6GridkAufKd2pj6t9F9zeHAb0r-cjpNUtjwPQPtDNCXZQUoIDDXfDYUm7F_VZiTy2CpUMALlLJQA1uwpPQ0szm_eV_ZdXRSdkaAx5srKMMJTcHzXFxnBa1Cg5VB8iNOZPIDuZa-WjPdzzOtswiMLGjUAy8ZMXZC4wUR1KyMUjSYmExDpM_hO-qBImqqfjNHKdLeYNRV4rlLcclNiveFCVyOAH00lze-pVvJMZSWfUAGzUL-gm5skwRoDTl94VeBdQj-_He3Gy7YZvYbSfTSQQKGMQ76VqJCET98EVNaMDFjtxPKfV5rKQ14Lt0GWuDAhU2VQqX8l3LStHPUpjrz_8FoIVOoXdX2FNGkhXrC3tF0bFOPxPKEgFVxCmTlX2F42WEdflQbNa8oTUeveMH7S98LTduREo6ggYQqZzgloz9T9I08btr__lJTWV_iERuJ0sc8xgy6TrDjsei8jpuUzrlm-kTmNTdrzU-hRJCdzMUTERAOyPfIEjY3E8-oT1ZfAfMA4ZiLSWp5dLBXXnuO9qGJNG_mj2GbT2pO2as4M3-cubqVD-SNENNY-IQLWz6Oe_uAQz4rix4lhruCu0QI7DllPTcNLZK3puCF2LV09J9m75Dp8ZMI_FKIIB4ebqTgbY-VdRzTM3BrjSyK_fh2nfls_vWnKoBxpzwlSbGV4dbclBL4dtfc_X7d_8-WVeOqGfnjNEZ11tvNo0QR2uA3VEzoMehx5Cj8IpUx5ZBNKsFyVDqPTDlt71qzkmZj4o4E2xtB8FrVlPGgJVvYJQqDnW5cQ4wYpEhcnwgEo8Xt1Rgy8hosf2yhZhDGC1st3Ky5J0scWnNhWK9FlAmF11VvV14OFgcUq31UoeRrMDraRI0truoEzr9pIczjKbt51ZUVwUA58lAD4vS5VbrpqCclKhbE9qFNy3eGs9vzAA1LSCJTbQOlKw5dDq9tnOxi4dRZskKZiymP4mBk-wDxPhwnCY5m0whvl0WfZ5ghWzW1KqhZXFsmjeh2gsN_mPBqRr94syL1kbCF0NwfCh3ewe-Wa3taXZc6szNw3noAJTREuwcEesQQunt9fkZxwATpVt6edFfv0hwc5QWYQIuWDSuPOMbZgOnzdW3eyFscI12IDVbui76Y04GsLR6xsb8oY3BIFhpHT-HAOLfC68NznrMgtYdZJh0QiDkqklWOuWQOmnmlvj9LADpo_gQ5DnJvgr2fVNI9slCSc3d0Pa3R3SChSpEu3W6nEdbt5VulaARgbZty1JcO4L9hSV4x9pI1_oAPHnVTCjZLYyQ_5hVe70WGS9X_Rr1GCv3tKxOu-AWH0qL23Y5dffr4rvuSa2hfu9dPejob2dlQnlHcx5cSyl1V42k6KvA1GqyxyQBoX-CMjA8hwckNMeaA5ziW6VfMg_PyR-wWejU_1HBYiB1nnNTcM-RWNoftD0_fG1QIrzzUlAt-n2J9uBK_-KryD_yTpUdWKjnS8cE36YiMFFP0DPjiY9jJcgsaeJrYpOY58fvn2g85wj0i2PvUR_di8wrM95AEjM9m8r2TRjeDcIk8ao0-3HO1J7JKO78ad-hhTJ71r5TpsDvXxa77ezYyDIV4ZursvwIG0_7lVTDJK1mt0vRfmVYkSA1NQpOsAXlGmwLmkIpkn0OLmJFDOGTZXGUi62XAgdgXGnv22Y7XqVRkUhvj-zXyq60F02mpi_YWxBvfDblYcbgB-jIAScLIScLsX6AyBXLz2-8bfIjDB0B3GsCjreiwmsvc23sm43NEikUvQlujIEWlv5hSEz_NSEV_Vg9r82i4QdJ8DVipHRws6kasmlVWkNr9KgRtzIlMGgX6qGIY5ASIPYORZQnvP4_eBn_X2l1tlE7qsj72S5V95hoIZq7jx0y_68yKsJ_XJ6PZ74c08WTD3tMwZe6xc_c8aA7OFNwA2zTBU3qrxwarKg6jSUNhrBNggnpbx23sUPssOtPJ1n7e59h8SH_zGlZR_oTxIiWEldGtF_4L4Lo7feHglOENc8gpMMV3VoqtJg1QQWG0eHKJVT069oqU_tEAkFjuCMF2IoxOGWlY-c6rRoYyrN-y8mbqbLxw5NlLepLmDmUjqjUoooFa3Uh6H27t0zF1Ox1-V0wnC2MIgdJo2mTeKxVk2U6jPMPrGN11GiC6g9qGr9DuNzAty0fYaj-ZcK87RejlNA06xTNL2d5bjDr1uUHsEY3P-KeLjTYbept9anJVNDh499s8DEsS_0EG9iyy9tzsmGGRsniI5erx1Lw7CeS43a3XPcIbZNa8_-NPrsqAbv9Rj9RzP5ROVNLhxsX7Wmobdq3NgbEqkqeYWZVqSaPUEMvEyVBrE9xGfQ_lfBsJ-rIAFES41bPfpE6DDS-_nkUYtCJReZywf-dwJ09TCsuG5AzsuAeR9qx16iU6xrJ4oxJ7HjysR0qQ5_APSkOc1WaL8alcgXsWWPZT5YEbR3HGGOot3KSKTJ4vOGVwgMVELPvlbsAerrCXqo4g47Ga-ZF_YZ6M6-7WWE32Up-6ClGVcE-eqHsWY3Dh1loplAuj-NfblxNzY4-t1GOnoeZjMleItsdKPQwt5Qbt4Ps6AyfIg0SuWK8mS4aQUPVRaBpDiKhOqEiOshCEIRfM_R-p9aSxVfRA1s5nPi2WhCfBbX-cejjyL2JsX_FceIxkmmjpfaAjVcf5hFKPQILeRKcDW5tf_4HMHGlfKBZZnsWeVhO5U52r5E5ZpUnhvzPmqUFiIVJOhN5617_2KsMs9B2AxzBiI8o7kRdixAiTf8Qn4PW_xWY2kVhlxJ_r6xyD7pLgAS3dVrUSwEVmIXbIDeEowxkFIGeSr6gnvQ9u_5ZoFsO3CkwICye7Htac456bOhzvxyk-OGcV0&cid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g&vpa=auto&vpmute=1&vconp=2&sdkv=h.3.527.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&us_privacy=1---&sdki=44d&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.527.0&sid=0B90C171-F036-4B02-8E8C-BE2A9824B97A&nel=0&eid=44730465%2C44754420%2C44760950%2C44762904%2C44765701&url=https%3A%2F%2Fbluejaysnation.com%2F&dlt=1661515867252&idt=4262&dt=1661515872786&ged=ve4_td6_tt2_pd6_la6000_er898.105.1123.505_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f156.1e100.net

Software

cafe /

Resource Hash

927bad7c5948cee9f0ecf13cce571642533be55e0b5beddcc42670b71a0e7954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17376
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 64470645 Show response
unified.adsafeprotected.com/v2/1104080/ Frame 4B91 16 KB
4 KB 417ms
74ms XHR
text/xml 52.16.177.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/1104080/64470645?mon=64470646&omidPartner=Google1/h.3.527.0&apiframeworks=2,7,8&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bm_b5qQQXApCs0BqGta6u3mCXBGivYOdUZ3Ad9_JyqWgtYdk916aI71jpRPn6A0xsj_irFosxTzW9jqI3Fs5iHQ816TQ&cry=1&dbm_d=AKAmf-B4lNnaZxqtw-nGir7wyv0B7P9iVCBKro5qG3OTMho_ml2us0C-JrisupdFMl3WkHcI1i43Zq-Ud2UpPFF4lxqcPQds8R1CaMSS5Avc4NS-7l8xWaFBYrABkjmMy3_DAlQlvJFjZ_L1-xc0USkFtmV4xAZOJfqdNR1KnkvRm4D3Cur44F_gFJLcpt-1vrwo308RaTN0k1PN53UFx5tS361fTtWN_JNP_FXKlxY_wyNUz6Vhjr3ln-6aD1TLgZ5BU4FzgzIdZ_FACAk1fE9eOuQSPVcbUxb1ELOINFEDb1mpveiDKRgOMm1Efzuhd9l33bnZPrJ1Gi59ywOJ90PTecyZ0TAxQ0cXRp6PHQsVPR4rRMm3Ix2ZVvVY-VMjbSLk4JClSxHjnQSWu17yZOoSrS930x9UiWY5LCzlqlDdYNeNUhbkIurt-tPuaBQcbHh6GridkAufKd2pj6t9F9zeHAb0r-cjpNUtjwPQPtDNCXZQUoIDDXfDYUm7F_VZiTy2CpUMALlLJQA1uwpPQ0szm_eV_ZdXRSdkaAx5srKMMJTcHzXFxnBa1Cg5VB8iNOZPIDuZa-WjPdzzOtswiMLGjUAy8ZMXZC4wUR1KyMUjSYmExDpM_hO-qBImqqfjNHKdLeYNRV4rlLcclNiveFCVyOAH00lze-pVvJMZSWfUAGzUL-gm5skwRoDTl94VeBdQj-_He3Gy7YZvYbSfTSQQKGMQ76VqJCET98EVNaMDFjtxPKfV5rKQ14Lt0GWuDAhU2VQqX8l3LStHPUpjrz_8FoIVOoXdX2FNGkhXrC3tF0bFOPxPKEgFVxCmTlX2F42WEdflQbNa8oTUeveMH7S98LTduREo6ggYQqZzgloz9T9I08btr__lJTWV_iERuJ0sc8xgy6TrDjsei8jpuUzrlm-kTmNTdrzU-hRJCdzMUTERAOyPfIEjY3E8-oT1ZfAfMA4ZiLSWp5dLBXXnuO9qGJNG_mj2GbT2pO2as4M3-cubqVD-SNENNY-IQLWz6Oe_uAQz4rix4lhruCu0QI7DllPTcNLZK3puCF2LV09J9m75Dp8ZMI_FKIIB4ebqTgbY-VdRzTM3BrjSyK_fh2nfls_vWnKoBxpzwlSbGV4dbclBL4dtfc_X7d_8-WVeOqGfnjNEZ11tvNo0QR2uA3VEzoMehx5Cj8IpUx5ZBNKsFyVDqPTDlt71qzkmZj4o4E2xtB8FrVlPGgJVvYJQqDnW5cQ4wYpEhcnwgEo8Xt1Rgy8hosf2yhZhDGC1st3Ky5J0scWnNhWK9FlAmF11VvV14OFgcUq31UoeRrMDraRI0truoEzr9pIczjKbt51ZUVwUA58lAD4vS5VbrpqCclKhbE9qFNy3eGs9vzAA1LSCJTbQOlKw5dDq9tnOxi4dRZskKZiymP4mBk-wDxPhwnCY5m0whvl0WfZ5ghWzW1KqhZXFsmjeh2gsN_mPBqRr94syL1kbCF0NwfCh3ewe-Wa3taXZc6szNw3noAJTREuwcEesQQunt9fkZxwATpVt6edFfv0hwc5QWYQIuWDSuPOMbZgOnzdW3eyFscI12IDVbui76Y04GsLR6xsb8oY3BIFhpHT-HAOLfC68NznrMgtYdZJh0QiDkqklWOuWQOmnmlvj9LADpo_gQ5DnJvgr2fVNI9slCSc3d0Pa3R3SChSpEu3W6nEdbt5VulaARgbZty1JcO4L9hSV4x9pI1_oAPHnVTCjZLYyQ_5hVe70WGS9X_Rr1GCv3tKxOu-AWH0qL23Y5dffr4rvuSa2hfu9dPejob2dlQnlHcx5cSyl1V42k6KvA1GqyxyQBoX-CMjA8hwckNMeaA5ziW6VfMg_PyR-wWejU_1HBYiB1nnNTcM-RWNoftD0_fG1QIrzzUlAt-n2J9uBK_-KryD_yTpUdWKjnS8cE36YiMFFP0DPjiY9jJcgsaeJrYpOY58fvn2g85wj0i2PvUR_di8wrM95AEjM9m8r2TRjeDcIk8ao0-3HO1J7JKO78ad-hhTJ71r5TpsDvXxa77ezYyDIV4ZursvwIG0_7lVTDJK1mt0vRfmVYkSA1NQpOsAXlGmwLmkIpkn0OLmJFDOGTZXGUi62XAgdgXGnv22Y7XqVRkUhvj-zXyq60F02mpi_YWxBvfDblYcbgB-jIAScLIScLsX6AyBXLz2-8bfIjDB0B3GsCjreiwmsvc23sm43NEikUvQlujIEWlv5hSEz_NSEV_Vg9r82i4QdJ8DVipHRws6kasmlVWkNr9KgRtzIlMGgX6qGIY5ASIPYORZQnvP4_eBn_X2l1tlE7qsj72S5V95hoIZq7jx0y_68yKsJ_XJ6PZ74c08WTD3tMwZe6xc_c8aA7OFNwA2zTBU3qrxwarKg6jSUNhrBNggnpbx23sUPssOtPJ1n7e59h8SH_zGlZR_oTxIiWEldGtF_4L4Lo7feHglOENc8gpMMV3VoqtJg1QQWG0eHKJVT069oqU_tEAkFjuCMF2IoxOGWlY-c6rRoYyrN-y8mbqbLxw5NlLepLmDmUjqjUoooFa3Uh6H27t0zF1Ox1-V0wnC2MIgdJo2mTeKxVk2U6jPMPrGN11GiC6g9qGr9DuNzAty0fYaj-ZcK87RejlNA06xTNL2d5bjDr1uUHsEY3P-KeLjTYbept9anJVNDh499s8DEsS_0EG9iyy9tzsmGGRsniI5erx1Lw7CeS43a3XPcIbZNa8_-NPrsqAbv9Rj9RzP5ROVNLhxsX7Wmobdq3NgbEqkqeYWZVqSaPUEMvEyVBrE9xGfQ_lfBsJ-rIAFES41bPfpE6DDS-_nkUYtCJReZywf-dwJ09TCsuG5AzsuAeR9qx16iU6xrJ4oxJ7HjysR0qQ5_APSkOc1WaL8alcgXsWWPZT5YEbR3HGGOot3KSKTJ4vOGVwgMVELPvlbsAerrCXqo4g47Ga-ZF_YZ6M6-7WWE32Up-6ClGVcE-eqHsWY3Dh1loplAuj-NfblxNzY4-t1GOnoeZjMleItsdKPQwt5Qbt4Ps6AyfIg0SuWK8mS4aQUPVRaBpDiKhOqEiOshCEIRfM_R-p9aSxVfRA1s5nPi2WhCfBbX-cejjyL2JsX_FceIxkmmjpfaAjVcf5hFKPQILeRKcDW5tf_4HMHGlfKBZZnsWeVhO5U52r5E5ZpUnhvzPmqUFiIVJOhN5617_2KsMs9B2AxzBiI8o7kRdixAiTf8Qn4PW_xWY2kVhlxJ_r6xyD7pLgAS3dVrUSwEVmIXbIDeEowxkFIGeSr6gnvQ9u_5ZoFsO3CkwICye7Htac456bOhzvxyk-OGcV0&cid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g&vpa=auto&vpmute=1&vconp=2&sdkv=h.3.527.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&us_privacy=1---&sdki=44d&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.527.0&sid=0B90C171-F036-4B02-8E8C-BE2A9824B97A&nel=0&eid=44730465%2C44754420%2C44760950%2C44762904%2C44765701&url=https%3A%2F%2Fbluejaysnation.com%2F&dlt=1661515867252&idt=4262&dt=1661515872786&ged=ve4_td6_tt2_pd6_la6000_er898.105.1123.505_vi0.0.1200.1600_vp100_ts1_eb24171&ves=dGltZXN0YW1wOiAxNjYxNTE1ODcyOTA1Cg&vpaid=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.177.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-177-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9e83addd504e71f953c3be9ee154e810a259f4fe83e0c3f536c1bddb48c53753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 12:11:13 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4059

POST
H2 204 csi
csi.gstatic.com/ Frame 4B91 0
327 B 107ms
41ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7afnfey&c=7663611360377&slotId=3831805680188.5&qqid=COu78Pq85PkCFYRQ5QodfToIYw&gqid=YLgIY9b0EtSE9u8Pg6qAqAE&fb=ima_html5-lima&sdkv=h.3.527.0&ppt=stnvideo%2Fplayer&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&ghmsh_eids=44730465%2C44754420%2C44760950%2C44762904%2C44765701&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4B91 42 B
64 B 113ms
61ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4B91 42 B
64 B 113ms
62ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 4B91 0
0 60ms
58ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C8x1uYLgIY-uLFYShlQf99KCYBryF_JprhpvF4oUQl66bl8cgEAEg8ev7RmCVoqyCtAegAfz_y_ECyAEFqAMBmAQAqgT5AU_QJEbEdzYkISh8F7_-H6RooIm-BkCGMToiKv2FfZ3e69yO-ZrQWPYVSW6cKZjPgwpYm6XdAz2OQAgYztFYha1gtmMsLQyxSvxPS4rXwgCs0gi_QuJyRAw_HtdpniZ_d2XDmsvPf-7aUz5HZN7mM4gNF0WoS9gstLTnME95HdpAqMMwSYGelG94Cxyzmo2qyEtHtvbd3HRHspxOORiBmjaHVmFFeyrYsv3YhxnXslt1l7l45X7JMTAgTC8Ee8j-9VZ9gXb50UMu4eWh5zZ04V0UlkAYIb5lGrUoNmDQhAnbt_0z27EaEVs-rG2PwkkjoxtCflvtoMjhRMAEn7Sv2oIE4AQDiAWW9J6SQpIFDQgiEAIYAUihnsgBUAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB-z_s44BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwsQz968ARi_qpjPAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0yMzg4MTg5ODQyNjQyNTkxgAoDyAsBsBPg54cQyBP0qvHgA9ATANgTCogUBdgUAdAVAYAXAbIXHgocCAASFHB1Yi05NTA1ODIzNzQzOTc4MzM3GLniKA&sigh=2v79x1lfmng&cmd=Ch1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzNxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPACsnQUxNrpIG5sIoqyCJu9MzAWBCFee45HW4oETPPSuDn_QjRQ1ulvVAgY6uOXBOCdpsNlrYIEJKaURXQ&vt=10&sdkv=h.3.527.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTAzOTg2NTE3MzNAlAQKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzMzNDY4MzgyCTE3NDYwNjQxOECYAQpfCAESG3VuaWZpZWQuYWRzYWZlcHJvdGVjdGVkLmNvbRoDREJNIAQqCTUzMzM0NjgzODIJMTc0NjA2NDE4QKUDUh4lAACgQSgBOgsxNzQ2MDY0MTgtMUIER0RDTVAAYAEYAQ..
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2951 55 KB
19 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f686e0b3be8f064aedbef4c507c15351eeaf2e74761a82d02bbc15da5eb62c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19801
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 20:36:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:17:40 GMT

GET
H2 200 vpaid.2022.04.25-15.52-2acd3d8.js Show response
static.adsafeprotected.com/ias/v1/ Frame 2951 179 KB
43 KB 23ms
23ms Script
application/javascript 2600:9000:214f:9400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eb117f5f1fc90466bb7aeb543b00203b3373b23cecd6980b6317dbba275230d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 01:30:36 GMT
content-encoding: gzip
age: 384038
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 May 2022 16:46:10 GMT
server: AmazonS3
etag: W/"47ecb75488e5a1efdf427dddd979916d"
vary: Accept-Encoding
x-amz-version-id: 5pHe_uQZnSorIb3h0rU.d92Jgb7kHfOE
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: uXq93MEosj2uZJINDiSre_NJCIY0jjPi-HJsndbXBVqL1cI5lEHznA==

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/1104080/64470645/ 40 B
385 B 159ms
52ms XHR
application/javascript 54.194.208.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/1104080/64470645/skeleton.js?videoId=8ad17461e0b8f03b29ecbd4cb91d9b4e&adsafe_url=https%3A%2F%2Fbluejaysnation.com%2F&adsafe_type=abdq&adsafe_jsinfo=br:c
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.208.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-208-7.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:13 GMT
content-encoding: gzip
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://bluejaysnation.com
access-control-expose-headers: X-Server-Name
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/fwjsvid/st/1104080/64470645/ 234 KB
70 KB 154ms
47ms Script
application/javascript 54.194.208.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/fwjsvid/st/1104080/64470645/skeleton.js?videoId=8ad17461e0b8f03b29ecbd4cb91d9b4e&apiframeworks=2,7,8&bundleId=[BUNDLEID]&ias_dspId=3&ias_impId=v4~~&ias_xappb=[ctv_appid]&mon=64470646&xmapp=0&xmtp=v&xsId=4a3d8f7d-c03c-49b2-897d-7fac65c86cd8&adsafe_par=&logTestResults=false
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2022.04.25-15.52-2acd3d8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.208.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-208-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 37fabf11dece40f5a805e9856b78239aa7e7e6a4b541d776a38ecf212b1613c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:13 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET

file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

GET
BLOB 200
OK bced62dd-6414-49f7-b8ae-ca7c13cf1a0c
https://bluejaysnation.com/ 93 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bluejaysnation.com/bced62dd-6414-49f7-b8ae-ca7c13cf1a0c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9850487a52d056b4cd76c894a5852c37a6c40e604db6af1c7e413848aa1f6774

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 94909
Content-Type: text/javascript

GET
H2 200 624383544r75890op5p124n88q2r322s.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 487 B
1 KB 401ms
401ms XHR
application/x-mpegurl 65.9.66.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/624383544r75890op5p124n88q2r322s.m3u8
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d90c322e19a66e08000dcc9b9dbb3e44df36b8a847b1d9d4b36f5ec41bbddbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:14 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 487
last-modified: Fri, 26 Aug 2022 11:55:12 GMT
server: AmazonS3
etag: "c49bc78c269e799e1291b243cc90898c"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: rbiQ-KtyDXJWpd5iwV2AXsqEzx2FWusM6aHUAFKDV7AiiLZxO6aDpQ==

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/acao,ctier,expire,id,ip,ipbits,ita...

1 MB
1 MB

80ms
22ms

Media
video/mp4

2a00:1450:4001:11::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2E4958E3EC6125AE03CE9052F83262125C58A2D3.59B425D94350B0ABE2C4B14BAD3D0D17B42973D7/key/cms1/cms_redirect/yes/mh/zn/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznez/ms/onc/mt/1661515564/mv/u/mvi/1/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:11::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e55d75867a8c369e90d191c32c05a2048091b4494434de52d41312a4ad98c204

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 12:11:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 14 Jul 2022 08:55:23 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1482769/1482770
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1482770
Expires: Fri, 26 Aug 2022 12:11:13 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:13 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2E4958E3EC6125AE03CE9052F83262125C58A2D3.59B425D94350B0ABE2C4B14BAD3D0D17B42973D7/key/cms1/cms_redirect/yes/mh/zn/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznez/ms/onc/mt/1661515564/mv/u/mvi/1/pl/29/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 654
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B91 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.527.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 08:58:19 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4B91 42 B
64 B 78ms
77ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Czrl3YLgIY-uLFYShlQf99KCYBryF_JprhpvF4oUQl66bl8cgEAEg8ev7RmCVoqyCtAegAfz_y_ECyAEFqAMByAMTmAQAqgT8AU_QJEbEdzYkISh8F7_-H6RooIm-BkCGMToiKv2FfZ3e69yO-ZrQWPYVSW6cKZjPgwpYm6XdAz2OQAgYztFYha1gtmMsLQyxSvxPS4rXwgCs0gi_QuJyRAw_HtdpniZ_d2XDmsvPf-7aUz5HZN7mM4gNF0WoS9gstLTnME95HdpAqMMwSYGelG94Cxyzmo2qyEtHtvbd3HRHspxOORiBmjaHVmFFeyrYsv3YhxnXslt1l7l45X7JMTAgTC8Ee8j-rVffnX7DR3C8OksOhLjb-4-T9J-fbyzAeyel0lX4jSDDO3OOuiOd_EwQtM1LXSv8BtlVUkM0On-CypY3jMAEn7Sv2oIE4AQDkAYBoAZOgAfs_7OOAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMjM4ODE4OTg0MjY0MjU5MYAKA5gLAcgLAYAMAbAT4OeHEMgT9Krx4APQEwDYEwqIFAXYFAHQFQH4FgGAFwE&sigh=CvBpAV5jHuo&label=vast_creativeview&ad_mt=0&acvw=sv%3D933%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D898,105,1123,505%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D1964%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D771991522%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2677%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1661515873396&sdkv=h.3.527.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTAzOTg2NTE3MzNAlAQKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzMzNDY4MzgyCTE3NDYwNjQxOECYAQpkCAESG3VuaWZpZWQuYWRzYWZlcHJvdGVjdGVkLmNvbRoDREJNIAQqCTUzMzM0NjgzODIJMTc0NjA2NDE4QKUDUiMQBCUAAKBBKAE6CzE3NDYwNjQxOC0xQgRHRENNSJ4CUABgARgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame F87B 23 KB
9 KB 20ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 152492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 17:49:41 GMT
expires: Thu, 24 Aug 2023 17:49:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame F87B 36 KB
14 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 22:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 22:57:59 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/1104080/64470645/ 91 B
315 B 55ms
55ms Script
application/javascript 54.194.208.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/1104080/64470645/skeleton.js?ias_callback=__IntegralAS_2c26d8106c0d5d63384959a1c350b28f_803&videoId=8ad17461e0b8f03b29ecbd4cb91d9b4e&apiframeworks=2,7,8&bundleId=[BUNDLEID]&ias_dspId=3&ias_impId=v4~~&ias_xappb=[ctv_appid]&mon=64470646&xmapp=0&xmtp=v&xsId=4a3d8f7d-c03c-49b2-897d-7fac65c86cd8&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fbluejaysnation.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:2c26d810-6c0d-5d63-3849-59a1c350b28f,c:moKEFf,sl:na,em:false,fr:true,thd:1,mn:jsserver-primary-679d8dc74f-ktdbn,rg:ie,pt:2-5-15,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tfCnhr2+1*.1104080-64470645%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b31%7C1c%7C1d,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:fwjsvid,et:22,oid:2dddcbbc-2538-11ed-90a2-d654c37989bb,v:19.8.345,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/1104080/64470645/skeleton.js?videoId=8ad17461e0b8f03b29ecbd4cb91d9b4e&apiframeworks=2,7,8&bundleId=[BUNDLEID]&ias_dspId=3&ias_impId=v4~~&ias_xappb=[ctv_appid]&mon=64470646&xmapp=0&xmtp=v&xsId=4a3d8f7d-c03c-49b2-897d-7fac65c86cd8&adsafe_par=&logTestResults=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.208.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-208-7.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3aabebbdef162174a047613dff6a5a4ef8b20cc6fcff818270c7fa975e5acc0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:13 GMT
content-encoding: gzip
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: application/javascript;charset=utf-8
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 1F03 80 KB
21 KB 22ms
22ms Script
application/javascript 2600:9000:214f:9400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:54:48 GMT
content-encoding: gzip
age: 1469786
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: 6yuBIeRmMxZPSAzW_v2HHOlV59gHmDM_16sNr0K4agaIVCb6w6zuWA==

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 347ms
106ms Image
image/gif 2600:1f18:1aca:4281:8c65:2d:98c7:6d3f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1104080&asId=2c26d810-6c0d-5d63-3849-59a1c350b28f&tv=%7Bc:moKEFY,pingTime:-2,time:66,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:7622,beZ:7624,mfA:7626,cmA:7628,inA:7628,inZ:7634,prA:7634,prZ:7641,si:7645,poA:7646,poZ:7670,cmZ:7670,mfZ:7670,loA:7674,loZ:7676,ltA:7688,ltZ:7688%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:v,w:0,h:0,t:21%7D%5D,vv:-1,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:21,wc:0.0.1600.1200,reas:v,bkn:%7Bpiv:%5B59~1%5D,as:%5B59~na.na%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:u,tt:fwjsvid,dtt:0,fm:tfCnhr2+1*.1104080-64470645%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b31%7C1c%7C1d,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:env,slid:%5B%5D,sinceFw:41,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:8c65:2d:98c7:6d3f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:14 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F87B 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.527.0&bgai=BB5FhYLgIY8jVNqPHxgLw1puIBQAAAAA4AeAEAg&bg=!8fKl8rbNAAYUOm8VNDo7ACkAdvg8WmqfN_cVH7si05nVFPnSXW5ckG2_jOIJz3qmyPtlTmOmV88k1QIAAABmUgAAAANoAQcKAE5HELKEw1651XpZaVwNCgqI4EbZkohMX7_WUn4o6nqb99Gtk1V0QUaJCE3589woU_2sbkUMd0I5qUczOuRQFLOSmMk9EKfYjx2swn3hBo-ZAwsnfbjielmaR73duuM0eSiH6YSfyXWxJBBiHwS8Nr9LPWJxFXDB0mCcLYeSocsTtkCaojLQl1Co6WeALyv9OLzAmXxl2MNeeJbJ9XigLFQyS3Ywv-8xzzUcdnr87sf39E1EiN1ZYS8cGVyTeMTc7mXUtcxDRbDodhoidbV6IASiRrAlzLoYfwHDPPj3k0_QnVYE-q7WDnswdm90ub3bJ5kAfYRGaK_k_FVjrYawVIqNabjTOo22mznAKceYxe_WPZvPJCeWqsIQzWb0HH2lI-1_7pbj_6LaAkA717tfFkBMz_v1Ah6ToPedoJZzIDb2AcoEQLAskw5a0csmt1E_fUjze40PpC92AsetvJKkxUj7USRbkcO3EbM4TJ5acqBvXu-qnF8XzKBlTcmf541Lu5yGFK29jG8O2S-OvbhEL7WClnq_yLvUklj2jyAqEWdqDBhRuEvjuvED9BQwrPLy0H8JsmMruptfYCB2UjEBY2pBlwBhDhNqOZyK3wo3FLfvnQrPMiKpFVmj39d6viFKC1tphYXb_TTVyzCBwwyqSc3-Oq5dK3p4g2S70jFEMBUOfnO6eM37Td3khggBj-WrOzMx3f8fGQmilCHtUsOTnk9-P65sKXbL3SPqW-b9-bEqw6MF9Ar5y2GdjXx74si_nuhu5DshcNTWfa0YrqGh17EGtzGRdcjxC_nd1QW76zOX_urWA_dfogIyQBY62G9eg2N0o2UMIKMYy27pb2CRp5OAY-AevQ1UjHw-eI6bWqX-6Fti8c76i6trTaNPBuRTQs8RQZpIBq6Ngd_4KB6_GreUjvKPkjKpzrUt6vXVVlW4hlffOA1jdgVqtDTl28HyA_iC5u5VZ81ROW5QvZDgo0iNRdOuJwkyKXjiyQ9p4c3-X-fm9SxPsTtGCtnUGOcfeTtTGMCj2QPWwA2YOeQJuhneL9DFCQ_RR0xu-c3axWOIsw_x25FZnb-U7sMlqXlkEiXhyYf-r636RLvDVgzm-ObZXEEFhKpixFEXdzyCNPNp6nYApcYk1DpwzVXwog

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 107ms
107ms Image
image/gif 2600:1f18:1aca:4281:8c65:2d:98c7:6d3f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1104080&asId=2c26d810-6c0d-5d63-3849-59a1c350b28f&tv=%7Bc:moKEL5,pingTime:-10,time:383,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuMTAxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1661515874134%7C%7Cae6210ff5d5f1f717eaca357b5d595ca%7C%7C5804921a8d3c64b26a083c50aad655e9%7C%7C9b4a7fa5c21a0cdc4a97ff16f83ace1f%7C%7C31576720d148dc3f2304f1e037d8be64%7C%7Cb379c0519c83689d1cb14be0134c8cae%7C%7C055e0e9554830101a326415cf8050ca3%7C%7Cb26c3a918a4375892b4f5c4a01469107%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:8c65:2d:98c7:6d3f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:14 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 2951 35 B
174 B 43ms
43ms Image
image/gif 52.16.177.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vYmx1ZWpheXNuYXRpb24uY29tLyJ9fSwiY2IiOjE2NjE1MTU4NzQxNTIsImlhc19zaW5nbGV0YWciOnRydWUsImlhc19zaW5nbGV0YWdfb3V0Y29tZSI6MjMsImhlYWRlcnMiOnsiaGVhZGVyOCI6Imlhc28ifSwiY3VzdG9tIjp7ImN1c3RvbTciOiIxMTA0MDgwIiwiY3VzdG9tOCI6IjY0NDcwNjQ1IiwiY3VzdG9tMTEiOiIyMDIyLjA0LjI1LTE1LjUyLTJhY2QzZDgiLCJ4c2lkIjoiNGEzZDhmN2QtYzAzYy00OWIyLTg5N2QtN2ZhYzY1Yzg2Y2Q4IiwicHBhdGgiOiJodHRwczovL3VuaWZpZWQuYWRzYWZlcHJvdGVjdGVkLmNvbSJ9fQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.177.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-177-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 12:11:14 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2 200 dc_oe=ChMIyIWS-7zk-QIVo6NRCh1w6wZREAAYACDSkKFTOhoIrYTRjgEQn7Sv2oIEGPSq8eADIIabxeKFEEITCOu78Pq85PkCFYRQ5QodfToIYw;dc_rmcid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g;eps=CIDhgBAQARgdMgK...
ade.googlesyndication.com/ddm/activity/ Frame 4B91 42 B
494 B 121ms
58ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyIWS-7zk-QIVo6NRCh1w6wZREAAYACDSkKFTOhoIrYTRjgEQn7Sv2oIEGPSq8eADIIabxeKFEEITCOu78Pq85PkCFYRQ5QodfToIYw;dc_rmcid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D933%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D898,105,1123,505%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D20032%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1964%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D771991522%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3168%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1661515873396;dc_rfl=0,https%253A%252F%252Fbluejaysnation.com%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4B91 42 B
64 B 60ms
59ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Czrl3YLgIY-uLFYShlQf99KCYBryF_JprhpvF4oUQl66bl8cgEAEg8ev7RmCVoqyCtAegAfz_y_ECyAEFqAMByAMTmAQAqgT8AU_QJEbEdzYkISh8F7_-H6RooIm-BkCGMToiKv2FfZ3e69yO-ZrQWPYVSW6cKZjPgwpYm6XdAz2OQAgYztFYha1gtmMsLQyxSvxPS4rXwgCs0gi_QuJyRAw_HtdpniZ_d2XDmsvPf-7aUz5HZN7mM4gNF0WoS9gstLTnME95HdpAqMMwSYGelG94Cxyzmo2qyEtHtvbd3HRHspxOORiBmjaHVmFFeyrYsv3YhxnXslt1l7l45X7JMTAgTC8Ee8j-rVffnX7DR3C8OksOhLjb-4-T9J-fbyzAeyel0lX4jSDDO3OOuiOd_EwQtM1LXSv8BtlVUkM0On-CypY3jMAEn7Sv2oIE4AQDkAYBoAZOgAfs_7OOAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMjM4ODE4OTg0MjY0MjU5MYAKA5gLAcgLAYAMAbAT4OeHEMgT9Krx4APQEwDYEwqIFAXYFAHQFQH4FgGAFwE&sigh=CvBpAV5jHuo&label=part2viewed&ad_mt=216&acvw=sv%3D933%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D898,105,1123,505%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D20032%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1964%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D771991522%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3168%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1661515873396&sdkv=h.3.527.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTAzOTg2NTE3MzNAlAQKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzMzNDY4MzgyCTE3NDYwNjQxOECYAQpkCAESG3VuaWZpZWQuYWRzYWZlcHJvdGVjdGVkLmNvbRoDREJNIAQqCTUzMzM0NjgzODIJMTc0NjA2NDE4QKUDUiMQBCWJQaBBKAE6CzE3NDYwNjQxOC0xQgRHRENNSJ4CUABgARgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B91 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4B91 0
27 B 70ms
67ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-iehzppY0clGBOMNsJx8W6Gei1FL3_ojBUm9nBSjE1u_mY1_GtgDnknjNoLHDANJNYf4VQ6BIuwoCVMLZ4bdttLlWpSGRwzTMMBnAbQNUfQfkwXkFIMPLF3l1scC44vwYyjFvkc910j-LicMCsRIw-licIAnM4uyXbmHsbkqfnWIHKTd_eq9jio7BAWfxpE9ZIOhAJkuDRjmNTZJwblaLmq4dFrql_WDFMjJalTMl6BnTl_4MQWkY8AffIh5RuXfzA5fDsRah5fXsqmPYj32XJ99ygDuJOzhpXmS3_HVpP36Yi0mGnM4RQtBnJdyQLCHzp2WQqBDWrB0JDSomKt7HacWqSVUlaHYyUsv6cNM5jsYBIuFIqPwa0WYjxQjgr30rJg7NvmkuMBfyknJTw2j2xZT8IfhZ6hoZS9g3u-DQD10UmeYtsEGC7g1N4oGpr9JRPl49ImnbNMCYBPSaOcaxeb-jnyuWBuxw6rmZIcJwcH7pqENGQSxBUBWtWM2P91tv6nY7roUFD1dHjrzRn4kxVFAJ1CrAIRbUaBAv5iQ89A3ASVa67QXJPIhlwEG93nkRNpsobCmtjw3iX0pLDWrVZQC-Wtu-tc0CDij2jjssZD5dkjamXe0NlllSzkIXG9Nx933ejQ5M5dQJf1Ez6Rd5nqY7T0WYilBi3qnNR9zkl8ud_dk9LYMCsfcCEIe0-LMv2sB993YzJiIK_sK77FZwLqyGJFAiYUwxdndgcpPAbdAmolfaRj0T2lAUIieXGpQnGh2B7EQuJa1M_Slay9YDQM8FB6JDPTyK7uy4FhBI9tyl3APU8Ah1Syqomne9Ek6nR1pXySaPwzz9WrJ2B91e_CeqRMmSDqzWpc8O2ebt8Ypw8kIJqTo1Y5eZIZsT77zX-8oIkqndYCdf4ts3xjTv9mRRoVaOCYwGIJqRFceSetdzpnyG70zD_LWo0jry4saIJNB1zAlY9PEhdWnqNOtE6wynEdYR9Jmcnphrzo9o8q9cf_0MrYqODdj4QofntLgMqFHEOFCGVQI9BL6V3twbKQoN_K-Mv9ssVYynlwtBBkTTk_lf2anBlnkqDCFKUzhQ7MkK7-7PVwiO8ndCVyJVPl1Qs9II0zM1uq6U_BKN7Z1lkkUyi0ACykjnnQ44ezbP2MiBGqQ8zwScsdRxqt9QogHN84oexb6c1DGNThqErB_vE9194LqGs81nw0CdB7jysjejdrdPzSjc4O4TMSJe8fV3qZbotSfCtAcmbMwpnkLvNqAQpQ&sai=AMfl-YQM-usCVoZ3vBjRrJigM0bKcB8KXXfBDdU96Hc1ABxiA0jVV1e_pD5yCy9dBDgtfdFYgzy6HSRkQ-P_IiKhVF8XXXwfXdk2t54W0SQSSN8E3i_0odj_1Z-xawN_1S3VZrL4cqNLZ__0-m8ubFU_EjSqF3PAJAY98tj6EOZL3Qzn-kIftDU6Xh8vl-Oqec3YPlNcB-QwKURz368Y7-L6Y_r0&sig=Cg0ArKJSzMDY1nmIXBDJEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.527.0&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 26 Aug 2022 12:11:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
intelcorp.demdex.net/ Frame 4B91
Redirect Chain

https://intelcorp.demdex.net/event?event=imp&d_campaign=28196010&d_site=5134578&d_placement=341348374&d_ad=533346838&d_creative=174606418
https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=28196010&d_site=5134578&d_placement=341348374&d_ad=533346838&d_creative=174606418

42 B
954 B

54ms
53ms

Image
image/gif

54.77.35.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=28196010&d_site=5134578&d_placement=341348374&d_ad=533346838&d_creative=174606418

Protocol

HTTP/1.1

Server

54.77.35.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-35-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-0f28ca000.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: cesqNNl7StE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v038-09764aab8.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0iYFlCElTDU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://intelcorp.demdex.net/firstevent?event=imp&d_campaign=28196010&d_site=5134578&d_placement=341348374&d_ad=533346838&d_creative=174606418
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 4B91 0
0 61ms
59ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIXULRDioeABGL-qmM8BIAEwAQ&v=APEucNUklq3o_iNJkZbspah8XdvHeASZa7fAsiW1Ncqa5UMsq76w7J2GEseEeWBcPLTcfBfs1zQezwEvfw6A7V3mh1tOd7R0eA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 4B91 43 B
73 B 22ms
20ms Image
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:37:59 GMT
x-content-type-options: nosniff
age: 70395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Aug 2022 16:37:59 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 4B91 35 B
174 B 76ms
43ms Image
image/gif 52.16.177.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiNC4wIiwiY3VzdG9tMyI6IjQuMCIsImN1c3RvbTciOiIxMTA0MDgwIiwiY3VzdG9tOCI6IjY0NDcwNjQ1IiwieHNpZCI6IjRhM2Q4ZjdkLWMwM2MtNDliMi04OTdkLTdmYWM2NWM4NmNkOCJ9LCJoZWFkZXJzIjp7ImhlYWRlcjExIjoiREJNIiwiaGVhZGVyMTIiOiJiaWQuZy5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMS9oLjMuNTI3LjAiLCJoZWFkZXI0IjoiMiw3LDgiLCJoZWFkZXI1IjoiW0JVTkRMRUlEXSIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2NjE1MTU4NzMzMzEzNjQ4NTciLCJhZER1cmF0aW9uIjotMSwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WUEFJRF9fT01JRF9fV0VCX1BYTCJ9&advEntityId=1104080&pubEntityId=64470645&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.177.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-177-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 12:11:14 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 4B91
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1104080/64470646/skeleton.gif?xmtp=v&xmapp=0&xsId=4a3d8f7d-c03c-49b2-897d-7fac65c86cd8&bidurl=&ias_campId=&ias_pubId=&ias_placementId=&ias_chanId=&ias_dealI...
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=4a3d8f7d-c03c-49b2-897d-7fac65c86cd8

43 B
483 B

22ms
21ms

Image
image/gif

2600:9000:214f:9400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=4a3d8f7d-c03c-49b2-897d-7fac65c86cd8
Protocol: H2
Server: 2600:9000:214f:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
age: 5347096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: PpvLjIkNkOtzyDTrBidCipNwTw-mY-9SqxWWiQpEFg2xx8THTxxeWw==

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:14 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=4a3d8f7d-c03c-49b2-897d-7fac65c86cd8
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMIyIWS-7zk-QIVo6NRCh1w6wZREAAYACDSkKFTOhoIrYTRjgEQn7Sv2oIEGPSq8eADIIabxeKFEEITCOu78Pq85PkCFYRQ5QodfToIYw;dc_rmcid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g;eps=CIDhgBAQARgdMgK...
ade.googlesyndication.com/ddm/activity/ Frame 4B91 42 B
107 B 116ms
59ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyIWS-7zk-QIVo6NRCh1w6wZREAAYACDSkKFTOhoIrYTRjgEQn7Sv2oIEGPSq8eADIIabxeKFEEITCOu78Pq85PkCFYRQ5QodfToIYw;dc_rmcid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D933%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D898,105,1123,505%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D20032%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1964%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D771991522%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3167%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1661515873396;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4B91 42 B
64 B 62ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss11kpnPx_XMyoDa6tXf2iRf5w_dwobxkhoRK6RRfB9sodGfMM36-mc6gCkaQSIcxnuHDeAI9V3VAqfiMMRX-Uxg8NMApryFAdZWLYgoP0oE7XdNH9LcbEZE6vpFOhk1OFPosdX0w&sai=AMfl-YRbU0OCw0LeF-AzW76unkji8_ujVRliMk6zlI0aXNGUZ23Swfwo9dKTufO_2PzgCtTvoBMFnk9_V917dduMzKXm-teuWGH-wdc-RycZbe1m3CQ8g2ljvOSG6kEN&sig=Cg0ArKJSzI3RFUOreWh2EAE&cid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g&id=lidarv&acvw=sv%3D933%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D898,105,1123,505%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D20032%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1964%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D771991522%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3167%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1661515873396&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 108ms
108ms Ping
image/gif 54.152.91.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=zt0ltFVJFtsBUlxc&instance=114882982&version=7.7.2&age=220826&ldt=AD_IMP&key=bWgHsfoB&seq=1&order=7&absoluteTime=8037.6&relativeTime=3589.8&sm_id=2200192&visiblestatecd=I&soundcd=OFF&adX=true&lineItem=610398651733&adSystem=AdSense/AdX&firstLineItem=533346838&firstAdSystem=DBM&lineItemsGDFP=&adIndex=0&advertiser=&cid=8802&pposition=home&adServer=gam&iu=/92056281,22671245338/bluejaysnation-premium&logAssertiveYield=false&rand=7&rmt=ns
Requested by: Host: d3e9zy76sv7y5r.cloudfront.net
URL: https://d3e9zy76sv7y5r.cloudfront.net/easy-stn-player/20220824/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.91.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-91-168.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:14 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 p
sb.scorecardresearch.com/ Frame 43F6 43 B
265 B 21ms
20ms Image
image/gif 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1661515871211&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=20032&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2200192&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1661515874170&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2959&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=The%20Nation%20Network%20Recirc&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fbluejaysnation.com%2F&c8=&c9=
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluejaysnation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:14 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 43
x-amz-cf-id: XLGUrXyljuKyFfWmg4by_fZNmhEaX5JZzHKFLsEwfYtMlFLX0kBufw==
x-cache: Miss from cloudfront
content-type: image/gif

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E8AC 281 B
573 B 132ms
31ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://bluejaysnation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 Aug 2022 12:11:15 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E8AC 31 KB
10 KB 46ms
35ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 12:11:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:18 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=50287
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9377
Expires: Sat, 27 Aug 2022 02:09:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8AC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdBRk5ENEwtMVItODAyUw==&us_privacy=1---

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdBRk5ENEwtMVItODAyUw==&us_privacy=1---

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdBRk5ENEwtMVItODAyUw==&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E8AC 70 B
264 B 46ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E8AC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/Ifqhyjc5qHt9pG4HRUDza8n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7035370890915302953

0
239 B

24ms
24ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7035370890915302953
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

date: Fri, 26 Aug 2022 12:11:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7035370890915302953
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 451 709414.gif
id.rlcdn.com/ Frame E8AC 0
98 B 207ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E8AC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7AFND4L-1R-802S&us_privacy=1---

0
703 B

289ms
224ms

Image
text/plain

2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7AFND4L-1R-802S&us_privacy=1---
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: H2
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:15 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FA01E91930504CBE92E92FA2D348A476 Ref B: VIEEDGE1208 Ref C: 2022-08-26T12:11:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXnI8+Ovki9BU0aWoIvlw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7AFND4L-1R-802S&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E8AC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RIwp09wcQbe_c7DbLcDzDA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RIwp09wcQbe_c7DbLcDzDA

43 B
556 B

117ms
116ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RIwp09wcQbe_c7DbLcDzDA

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 12:11:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 94V0YNRK69ZTYB8261WW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RIwp09wcQbe_c7DbLcDzDA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E8AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELUD3v9gh9mOWxy93gsRDs0&google_cver=1

0
239 B

190ms
24ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELUD3v9gh9mOWxy93gsRDs0&google_cver=1
Requested by: Host: bluejaysnation.com
URL: https://bluejaysnation.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELUD3v9gh9mOWxy93gsRDs0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame E8AC
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7AFND4L-1R-802S&sigv=1&esig=2~46d7aa936fd2033c9184168508027da1911565fa&us_privacy=1---

0
194 B

462ms
34ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7AFND4L-1R-802S&sigv=1&esig=2~46d7aa936fd2033c9184168508027da1911565fa&us_privacy=1---

Requested by

Host: bluejaysnation.com
URL: https://bluejaysnation.com/

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:11:15 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7AFND4L-1R-802S&sigv=1&esig=2~46d7aa936fd2033c9184168508027da1911565fa&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 dc_oe=ChMIyIWS-7zk-QIVo6NRCh1w6wZREAAYACDSkKFTOhoIrYTRjgEQn7Sv2oIEGPSq8eADIIabxeKFEEITCOu78Pq85PkCFYRQ5QodfToIYw;dc_rmcid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g;eps=CIDhgBAQARgdMgK...
ade.googlesyndication.com/ddm/activity/ Frame 4B91 42 B
63 B 106ms
60ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyIWS-7zk-QIVo6NRCh1w6wZREAAYACDSkKFTOhoIrYTRjgEQn7Sv2oIEGPSq8eADIIabxeKFEEITCOu78Pq85PkCFYRQ5QodfToIYw;dc_rmcid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D933%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D898,105,1123,505%26tos%3D2015,0,0,0,0%26mtos%3D2015,2015,2015,2015,2015%26amtos%3D0,0,0,0,0%26mcvt%3D2015%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2015%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1614%26pst%3D202%26vpaid%26dur%3D20032%26vmtime%3D1471%26dtos%3D2015%26dtoss%3D1%26dvs%3D2015%26dfvs%3D2015%26dvpt%3D2015%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1964%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D771991522%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D5182%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2015;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1661515873396;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4B91 42 B
64 B 66ms
65ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss11kpnPx_XMyoDa6tXf2iRf5w_dwobxkhoRK6RRfB9sodGfMM36-mc6gCkaQSIcxnuHDeAI9V3VAqfiMMRX-Uxg8NMApryFAdZWLYgoP0oE7XdNH9LcbEZE6vpFOhk1OFPosdX0w&sai=AMfl-YRbU0OCw0LeF-AzW76unkji8_ujVRliMk6zlI0aXNGUZ23Swfwo9dKTufO_2PzgCtTvoBMFnk9_V917dduMzKXm-teuWGH-wdc-RycZbe1m3CQ8g2ljvOSG6kEN&sig=Cg0ArKJSzI3RFUOreWh2EAE&cid=CAASJeRoc6d3lyuH0mEAV_9HWqkXsw72pSMGru1-YaQ5NMNr3hWrW1g&id=lidarv&acvw=sv%3D933%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D898,105,1123,505%26tos%3D2015,0,0,0,0%26mtos%3D2015,2015,2015,2015,2015%26amtos%3D0,0,0,0,0%26mcvt%3D2015%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2015%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1614%26pst%3D202%26vpaid%26dur%3D20032%26vmtime%3D1471%26dtos%3D2015%26dtoss%3D1%26dvs%3D2015%26dfvs%3D2015%26dvpt%3D2015%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1964%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D771991522%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D5182%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2015&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1661515873396

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 12:11:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r1---sn-4g5lznez.c.2mdn.net
URL: https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/0ca56a060d27a0b4/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802237073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/59E08C0ECA308082F39FC13F32B78FCF1C783E10.5E7E99D7895CF0B6FBF802B2D4404D05FDA654F1/key/cms1/cms_redirect/yes/mh/zn/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznez/ms/onc/mt/1661515564/mv/u/mvi/1/pl/29/file/file.mp4

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kargo.com/	1970-01-20 14:17:31	Name: ktcid Value: a603c81f-322a-0046-12c1-33c0c9fdc2ae
bluejaysnation.com/	1970-01-20 06:15:07	Name: _pbjs_userid_consent_data Value: 3524755945110770
.adnxs.com/	1970-01-20 07:41:31	Name: uuid2 Value: 6269370607776332210
d3e9zy76sv7y5r.cloudfront.net/	1970-01-20 05:42:00	Name: AWSALBCORS Value: /I5fOHjYh2LOMac41GVjfyLSJI5wybj3m5oBDcdZpz4SMPsf9pXQXHoMBJ7hthP+WStDRj/0Ji49YR1XTK+K0hC/2NJaL+xNrh5euDuOFpj3O064NNVqwiDwgKAd
.bluejaysnation.com/	1970-01-20 09:51:07	Name: _pubcid Value: f17b91dc-d0a7-4ee3-b1b3-9e41d8b6826a
.bluejaysnation.com/	1970-01-20 15:07:55	Name: _ga Value: GA1.2.823979536.1661515869
.bluejaysnation.com/	1970-01-20 05:33:22	Name: _gid Value: GA1.2.1343482033.1661515869
.bluejaysnation.com/	1970-01-20 05:31:55	Name: _dc_gtm_UA-3104421-12 Value: 1
embed.sendtonews.com/	1970-01-20 05:42:00	Name: AWSALBCORS Value: Yzpya+H9grDaWWZTi0jIrHtmvABhfpJlTWNXY0k73fUw04k2jmfOWABKJ08lWj8vuwzs7MdxwD5/OBwWmpfhJNY1U4BmXYyj+mu9B70nLU003m4IIwzflLgYBeNG
.rubiconproject.com/	1970-01-20 14:17:31	Name: khaos Value: L7AFND4L-1R-802S
.rubiconproject.com/	1970-01-20 14:17:31	Name: audit Value: 1\|naVuGyos1qq9G7tnGT5jI7U1ZxogGjlwOA+xFj1I9sd0zdRXVxf6zAr5dDmx36Ott+NVqjibpWuzbwBDE+13AWjYHTlS9mMvdr2oMUG2cvCyqVI1k5poNA==
powerad.ai/	1969-12-31 23:59:59	Name: 12331dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12593dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12594dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12595dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12940dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 13127dcr-g Value: 1
.bluejaysnation.com/	1970-01-20 15:07:55	Name: _awl Value: 2.1661515869.0.5-72c266f395411c78248248d1cfdf6985-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-20 14:53:31	Name: IDE Value: AHWqTUmptCYmx2RnO6hBhfS09j1w0VEZmUEV3NPc4BOMPRjrrp4iTfGkgXUpb3rLRRo
.casalemedia.com/	1970-01-20 14:17:31	Name: CMID Value: Ywi4XkI.lI1SAzGv9eN8fwAA
.casalemedia.com/	1970-01-20 07:41:31	Name: CMPS Value: 1143
.casalemedia.com/	1970-01-20 07:41:31	Name: CMPRO Value: 1143
.adnxs.com/	1970-01-20 07:41:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVNnV(+x!]tbPl1M>e)ZlrFUfJ+tGXxp$OprF2Dd2cL?.T2<[d8f-^hJ:nZskyZQj=4g3If)y3KL9D3I?+IDQ[(K
.ad.gt/	1970-01-20 05:33:22	Name: au_idmatch Value: eyJhcG4iOiAxNjYxNTE1ODcwMjQ4LCAidHRkIjogMTY2MTUxNTg3MDI0OCwgInB1YiI6IDE2NjE1MTU4NzAyNDgsICJhZHgiOiAxNjYxNTE1ODcwMjQ4LCAiZ29vIjogMTY2MTUxNTg3MDI0OCwgInRhYm9vbGEiOiAxNjYxNTE1ODcwMjQ4LCAicHBudCI6IDE2NjE1MTU4NzAyNDgsICJvcGVueCI6IDE2NjE1MTU4NzAyNDgsICJzb24iOiAxNjYxNTE1ODcwMjQ4LCAiYWRvIjogMTY2MTUxNTg3MDI0OCwgImJlZXMiOiAxNjYxNTE1ODcwMjQ4LCAiaXAiOiAxNjYxNTE1ODcwMjQ4LCAidW5ydWx5IjogMTY2MTUxNTg3MDI0OCwgInNtYXJ0IjogMTY2MTUxNTg3MDI0OCwgImltcHIiOiAxNjYxNTE1ODcwMjQ4LCAicnViIjogMTY2MTUxNTg3MDI0OCwgIm1lZGlhbWF0aCI6IDE2NjE1MTU4NzAyNDh9
.cpx.to/	1970-01-20 14:17:31	Name: cpSess Value: 52214396503efb6e
.cpx.to/	1970-01-20 14:17:31	Name: dsp_dbm Value: CAESEKj6fx8SMY3O8JUsnSPVkdw#1661515870678
.cpx.to/	1970-01-20 14:17:31	Name: dsp_app_nexus Value: 6269370607776332210#1661515870753
.smartadserver.com/	1970-01-20 14:17:31	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 14:17:31	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.casalemedia.com/	1970-01-20 07:41:31	Name: CMTS Value: 1120
.smartadserver.com/	1970-01-20 14:17:31	Name: pid Value: 114127645167836006
.bluejaysnation.com/	1970-01-20 14:17:31	Name: FCNEC Value: [["AKsRol-Xm19evtfC42t2ZLs0D5wCSa1A994MX-EVPiQ0evQJBmgqaExfoPkQvkYftoHKjrpPrZMdAF80PHXPWsqSjv955W6czlvSfkFe4FbaN7RrQIEcvasJYZUyrrzftkSf6lMslU7hOtxA1boEl0YS-XGKyEf2rA=="],null,[]]
.adnxs.com/	1970-01-20 07:41:31	Name: icu Value: ChgIovI8EAoYASABKAEw3PCimAY4AUABSAEKGAj30UAQChgBIAEoATDf8KKYBjgBQAFIARDf8KKYBhgB
.bluejaysnation.com/	1970-01-20 14:53:31	Name: __gads Value: ID=b0b18a68899a0f36:T=1661515869:S=ALNI_MZej451G20O-FOw0IfFHrWtl7uI2Q
.demdex.net/	1970-01-20 09:51:07	Name: demdex Value: 42900723526221349441286254788648772611
.intelcorp.demdex.net/	1970-01-20 09:51:07	Name: intelcorp Value: 42900723526221349441286254788648772611
.yahoo.com/	1970-01-20 14:17:53	Name: A3 Value: d=AQABBGO4CGMCEOxR6aV_93eOXt3IMz1ElBcFEgEBAQEJCmMSYwAAAAAA_eMAAA&S=AQAAApCXLMilfN3WbZrpy5WZX2A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:17:31	Name: bcookie Value: "v=2&ba2f0e2a-3479-4b5b-855a-1c3bcd76877e"
.linkedin.com/	1970-01-20 09:51:07	Name: li_gc Value: MTswOzE2NjE1MTU4NzU7MjswMjHgeFiaiMP8S0HmlUVsqQ5oNM3ilH6LrEB68zbWgV6QtA==
.linkedin.com/	1970-01-20 05:33:22	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2700:u=1:x=1:i=1661515875:t=1661602275:v=2:sig=AQGYkEQ_TA62L0m31xOVSxZyClonwHQE"
.amazon-adsystem.com/	1970-01-20 10:45:51	Name: ad-id Value: A66w16Zx30dvkuVdS6Pbqp4
.amazon-adsystem.com/	1970-01-20 15:07:55	Name: ad-privacy Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/709414.gif?us_privacy=1--- Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

878253eea3c3b36222f6439f36161b4c.safeframe.googlesyndication.com
a.ad.gt
ade.googlesyndication.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
bid.g.doubleclick.net
bluejaysnation.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn.resonate.com
cdn.vuukle.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
csi.gstatic.com
d29xw9s9x32j3w.cloudfront.net
d3e9zy76sv7y5r.cloudfront.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
embed.sendtonews.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
futbol-cdn.relevant-digital.com
futbolsites-d.openx.net
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.brainlyads.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id.rlcdn.com
id.sv.rkdms.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
intelcorp.demdex.net
js-sec.indexww.com
krk.kargo.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.wp.com
pixel.zprk.io
player.sendtonews.com
powerad.ai
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prg.smartadserver.com
pubads.g.doubleclick.net
publish.vuukle.com
px.ads.linkedin.com
r1---sn-4g5lznez.c.2mdn.net
reporting.powerad.ai
s.amazon-adsystem.com
s.cpx.to
s0.2mdn.net
s0.wp.com
s2l.sendtonews.com
sb.scorecardresearch.com
script.4dex.io
search.spotxchange.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
shb.richaudience.com
static.adsafeprotected.com
stats.g.doubleclick.net
stats.wp.com
superficialspring.com
sync.richaudience.com
sync.smartadserver.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
unified.adsafeprotected.com
vuukle.com
worker40-api.relevant-digital.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
r1---sn-4g5lznez.c.2mdn.net
104.18.13.242
104.18.18.126
104.18.19.126
104.96.145.246
13.32.121.21
13.36.17.92
135.181.181.105
142.250.184.194
142.250.184.226
142.250.185.130
142.250.185.162
15.197.193.217
151.101.65.194
157.90.0.13
162.55.236.225
172.217.18.2
18.136.115.17
18.66.139.38
185.64.190.80
185.86.139.113
185.89.210.153
185.89.210.180
185.94.180.124
192.0.76.3
192.0.77.2
192.0.77.32
198.47.127.18
2001:4860:4802:32::3
23.20.158.212
23.35.236.201
23.35.236.247
2600:1901:0:e567::1
2600:1f18:1aca:4281:8c65:2d:98c7:6d3f
2600:9000:201f:2e00:c:4d8d:ebc0:21
2600:9000:214f:9400:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:10::6816:3ca8
2606:4700:10::6816:3da8
2606:4700:20::ac43:4bf1
2606:4700:3034::6815:56ca
2606:4700::6811:190e
2620:1ec:22::14
2a00:1288:80:807::2
2a00:1450:4001:11::6
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:809::200a
2a00:1450:4001:810::2004
2a00:1450:4001:811::2006
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9b
2a02:6ea0:cb00::2
2a05:d018:d29:3605:358d:1e8a:10d4:e287
3.65.41.66
3.65.74.222
34.120.133.55
34.199.89.150
34.234.134.156
34.249.238.57
34.98.64.218
35.159.6.175
35.170.30.54
35.244.174.68
35.86.50.147
51.38.120.206
52.16.177.107
52.28.203.152
52.4.246.121
52.46.155.104
54.152.91.168
54.194.208.7
54.234.151.247
54.73.196.234
54.77.35.16
65.9.66.129
65.9.71.118
69.173.144.139
72.251.249.9
74.125.140.156
76.223.111.18
89.149.192.65
92.123.21.200
015eb44e0854bee7759d7e89548e3f29444190019a992bd05649c5be0f067332
01abfc57d26e9b4ace7a8e49f02215b048dc29da12e80b4e9573c948d380bbb3
0234c86de864df424f931fb1ebc399acacbc06030394787e51c2f324aba9f7a3
024eac16ada47e0be11a3ea46ca48861d2c57798230697eb378e930ee10a5472
039d93283396447eb6f260ca34beae4aa8034a7d3ab8685286a9a0299ba94861
04b9259d35e7b12826b38db61a542f3a4f4ff7cba5a41662683f0a0c5ddbb81d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
086098dee9a23cd90a82448fdb6f4d764ff0981b960efdd503ed09d4d8db8a77
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f66c7a2d008bfef17fc94f03e1317b1a2d446ee7e311e09f4550dd49e3e0464
109ac3ce29b16192885b8de76dc804fccb992bbdc76790170e4cfa892c42d9ac
10b9f18e890bc5aab07ad6391840a92cbec9a6b1919c20631a9f6a619140ea30
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1378865389c7f19becb224ec4a8df4e8001ee2c34886d338a1bceec4a293c870
13b6581e5665a9e516751b0326354eaeb7853be7cbe4153adc6cad59b683e889
148022fcf56320601c688ec8f63c2c2edf5479551f6ff2a917caed119acaba0e
15cbf86728c66fe5afc8e2ae6b00a7a420ce20530409fe9bc2468739283ce929
1a3fcf5424cc26980738b78d74814a7b5b75bb44823beb0ef8cf57582b7dd1f5
1c88f563717fadaaa313315cf56abe1195af0aa1a764a2892527b3547a7ab495
1cf6e15695778191934df68e96d1e314251036cb8de4649f3c68d3ddfaadaaa6
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
236718ff322405b7f59076ce5ec724769e272eb63b3c3d0764efacf501d0d454
248f486825ebe8a89d233c887e012d5e5576715ed0398fe7d5aa2038a540fd0c
273f4bca58132eb580c0e132ca8f44093978a2a98eae6affe5df61c345fa3b19
27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8
28b618a599c7a5fcc078bc01081f71288dde3e1ae4035aa17475289e6976d0da
291f3994773299e55d68a325cba52cabf111a4ea9563fc844ec3679635d9ff5d
29c920e045a46e48ce942f36cb3cfda3a6778c6b2293fb1bfdae04aa3161d0f3
29d4dc0360f6582c365dc236fe920da0b83a41f0b5f1d68a3a50a71e41a54a1c
2aef83705dd9246c877ff5df4e69f614da161bdbc7ca2f5bbeed5fdf96b8579b
2afad7474ea67753b029d4cd1821cd4bbf42188d8230317de530919e1758e0fe
2b75f0201f5529abe482af6c173593e70cc6f8edb168d4ae50a27c24fc27a50f
2ce8c4cf9176eb7527b257009540a70b9d5e9a2f0727d2503babf0fd7e980908
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a
2d90c322e19a66e08000dcc9b9dbb3e44df36b8a847b1d9d4b36f5ec41bbddbf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e09a6852ef5c0287fed62dc9aa407107122f6809d25284e9447ab088cc4d6d4
2f5459fca4297baae2a97971163782e6b258ea0d5e608e42fdd497c79d7ad178
30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
37fabf11dece40f5a805e9856b78239aa7e7e6a4b541d776a38ecf212b1613c1
3817329b2b0306df1b2adbc5b0def56d41ca48ee151a09fc0fa6a919ff42035b
38f6bd5c4d72b87f811178633afc64659a36d24c0f7a256e641b7bb6f1d2e6d9
390b6f4dcb2d9c9ef4baaede449889733386db012e5c02153499d4434e1922f3
39bbb4c8067940a88bc6209dc23088e77b6da8711c6d34e5f8391fcd3a06dcfe
3aabebbdef162174a047613dff6a5a4ef8b20cc6fcff818270c7fa975e5acc0e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4d23ddc36e482a8e3b19b27b91e2eb575c8a145a46972f76a8f88f32b0d3df
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
40f9b57e138345290ca3890d97eb6cd12dcabc65f7c646e16f9108b8cd341dc4
41ded8dcae370dbe5efdc102fc361a818f068cf0690f6926294198a65dbdbca4
42a236dffd27d9ec34ae91045cf5b5df6c94098ce961a92c55c5235ed70e2abf
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
47266be84ba899f994470ece302b0344d8d657f8b0333da29e7e77aee5dc19d8
493458d05ce9d305d49c515a00dde2a1158be66a81949dddf859b44cd66d7947
4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc37234ea8f27fd1586cfb8b043c75d234b7a686f450e73438769eb62245cc5
4cfe8abfa12ba29fa9864b013e094f02fdf03ce4436fbcd5bdaa1b199a3d35fa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3
4eb117f5f1fc90466bb7aeb543b00203b3373b23cecd6980b6317dbba275230d
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513294fe86b8577e5ae12214c44751d3020f9ace8f160295ecd336bc56b6eee2
538569cbf738595584cd9b14a0dd8a208a132672743ee6feb8ac65234f484949
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9
54f9d8d99eed3799cb578a2ab132647133ab2c01d9007a809c4b6e5adb50cdf2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57f79a53b4ba83604b0fde1338ebe31f07ea1623917064f470f5b0e9f735a78a
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5a4665abadf62adb2e9a96bdffd104e811a58b190cd27a71a891eaf1d21e0e26
5a93ddf127137e90ab86a3e6bdbda621be0bb59e88a7e54fde2c56f5c3025556
5f4e9fc24d74fe067aa7e55cf3c94afbe7ca045385fb2edd13a7567e610d21f2
616cf2de396555da32c229fa4e4a1c2a5410aeb2d3ff30cbcb31d05234dced01
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e092629ada0999e2d454d6904ff1f3a4cbfaacef2149452816185472f3d490
658dd57029ab983a0e49fc425c7a78c6ad8fb5805d3d1b6ced44904c6dd11067
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66d4ee74e69c1be42332e9a92cf5c388c17e4db38049b120233943584ca5d02d
69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371
6d12b7c4dd16922a5927be35ffb65d87fdabd15c2f1e4b50ee87be6130f8a102
72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e
7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
78ec8ad90369228947b7db31a5c32c3fb8446b4de033ec1052a802b6ac420e5f
793bc5ce906d400bc90c6e37f1fe41adce150759488543f0d000885e9d143f94
79a23ebd8fde3aa61913b3da60d827796cc1fac65a6078129fbc834cb02f942d
7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9
7aa4db76842daa1949532ee588f488c5375bbe34cc4dc998a830ca5ba256cd93
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450
80c11184f232948bf9022c445e643526ddb6024a2267e270c3bdf01a600b31fa
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
832b350a1b1876c2bef1e544de1807eb4fe9ddfd6c7c3f18a630f327b620c563
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869ccd765422a97474224bf9538ee0572cb79c91ecb9bbf34f67dd20c4ff0f24
86feaeb453ee90f3dd2ec6bfe49dbd0934910aef2ed9605254babc67b3b6011a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
8f52c264c7b3a64465a3dfb61ef1a1581027f5509af7c0439f8f4d44a36f8606
8f686e0b3be8f064aedbef4c507c15351eeaf2e74761a82d02bbc15da5eb62c0
8f997afbe59a81310f9d000fe2ba71a9a16dc6eea2a3b5fa9ed7ab48bf354347
927bad7c5948cee9f0ecf13cce571642533be55e0b5beddcc42670b71a0e7954
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
95dff8d2986aa7f92ac2638b7062bae10d9bb6dc6d3db4f5afaf78b737711a43
96642c2ca6d1f203995efba74efbeae2602693b731b061571827f755211a75ea
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9740af5990b818e38177712f813e0b9d2dedc445dff793f38a5e8e88a32da1de
97f819336431bf83553bce57a70c12afc5c528f865bdd8217fec71ecd6955b6f
9850487a52d056b4cd76c894a5852c37a6c40e604db6af1c7e413848aa1f6774
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
99fce66b22a67b737491bd0d07c35cabcb3ad72c5e1d6eab416f4db00c913b73
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9c1f6b0f82f8ebe34e54ff851e8ac394c0fc02a0fa44b4d5dd326c5f27ab6c24
9cb4520913d2b9762e31cfec35700c329337d58c704a5f79ae011c69eacc1922
9d5623b7baa3f0e29fd1bf5b26fa1b291cd75ab73327e4219480e52a3bbab23a
9e83addd504e71f953c3be9ee154e810a259f4fe83e0c3f536c1bddb48c53753
9ec989e46f38d70806d17f4ac737383cb45029575e5f8bbb09f6c73ed8a921cb
9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a49567116523727d77f930498c3bc9a1a580b7eb9429399592e03fb52813625a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4eaf01abcf82d7099d04002025abaacc7fb0fd225c7c9b8e0bb24397d81c825
a6fc92b12d3d3a281ae42606d180c8ce1c96a705063a6f7e07302f61de1215bc
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78641ed558e1f06c6391aaf395b852e63cf62e973e547a7e9729e91cfa4c8ee
acc90816d5b4d5b2c631737b39f3c492465531d0be437316e2361c0a5a78556f
ad106d0c62cfc71d1eb4bd2fc221fbffa3f8938f72142e75f56934b4ba749499
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b88da0824766864147b987f06a9f6da25aecd07d610575b9f0e574c2d993c2
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b6fa45f13cc3cc39c011dd5cf550113393a4ec16494529be43847971ef43270e
b707d6ca047c81b8a95c4b80eef559a39302cf6ddb1e53318249a2dac6e24f58
b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d
b920139948cc93221f42af688cca580d555f788d2b937b86aa5896894b740291
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bda8550bdadfaed6e34c51374a896de8ede5ebf6c5d7501336fdebbc8a29b41f
bdc4a642a2bfd6e80aece20f0933798daa9c9cb90dca5141c2b2b553bfd33ba8
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be2e2fb2aa361bfabfbc2e0b78a1baa37fb5a50760b1f02f6e71bc99c01f5d34
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c51a44aeee8e4633d6c0d5d1a0513772acfcdb08914f9104228494a6802295ee
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
ca165020626459914d0e98b3cfab78e373036b7b56ec4c450ed071f51aa50b46
cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c8dc2ad095571f90b801228bee9a0eac3c52093d976e1a72e787c2507a5dac
d167883d0c870b4c0fa7763ce2df8c0b4d47e097c6bb1524f40c99b8047f9ced
d4932b9abaeb96c84b4b29335d18379afe0c3b5caf288734c558a380d5abd435
d4e2285e81ff874d2ac06ba3bb6f45b0f34967ad5d8c40a6892aac1d087397d5
d512186a29f46e0ceea4d50662f6e4c045f78fa01e4cd23503332f3826a40845
d64d79602d6c58f00202b1011e75320e556b560a692d25b1edd8741cad8ad10e
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d8f68a9595b5f305436c4e8cf191e02b993eb86490465e70a1ea6b1426aa62da
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db22b37c49a446a4aa73ef0938ef6bbff3f77224aa8412606eebd73f78816547
deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358
e172b046e9a0570e3d3cbeca815fb6baed275d184a90682bbbf64b5fec2e73aa
e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985
e22fdd35ef8fc1a8ce87251400d1c4399a0adaeeb4154dc4b92fd87e2b462157
e2c1d443ee2efc897495af17b8dcabd8a50cbbb7d9db1fd9e174f3882b824b50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4d15af9bd67fe77ac0050ac96a9cc9e173c23fbe76a8a144e29566e57fdbb41
e55d75867a8c369e90d191c32c05a2048091b4494434de52d41312a4ad98c204
e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e87849f221bbdc16a325dca3a1474301c20b365d2a27dce81ffe6ef2beb7eb44
e88470732ece3e06c73e9e91b7b58f9b699aa913a0fdd35bc2aca2abd7fa9068
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
edb50fe914a87cb3b398dbac39b83d81de7d4adbebebdf666ffc1f9997ef554e
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef20b73237d9304b7c95f25a2e8f94d9dde107a0eaabd8b8a68255090e61737d
efbcbc42617c3c384b24f25a42e3166d8607750b5e62dd9e7357b86681c552b9
f047fae854bed2c04e4427119f09e7a3e93a6b9f752041cebbaaaef59800457b
f06d95717c21a301c4ca6673aabfa19d26b005c2786bd32d8383729dc7e0fb05
f0d218f5345371109ecf41126d4e2988a4b10333f13124b2b790769f1a6d845b
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f266acb707c5b2704c3b6e18e0888d7995bad0ba0ffec4a125146f7e3d058583
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4277fea2620863e40bf7d30edda8429e08cbf437d522b33b09544af3e53280b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f83dccda0f23005e073046554fcb6f70e6cc5c6d5a31482d8cbf00c3cae72a69
f94d6f24f9163bc5ee8977eea28a1d2650e4588129187eb2068f13a770e09d09
f99a895dd2c4b1fe06695730aa5973f4f410f9512db50ea44d261cdde4c733f2
faa2747e25388fae1a46fa4eb094150bc58b926f2fd646a980da0384c0272c25
fd4b227667648610841acf6df93f952c86fd35fd24cd670f5052153e98e98ce0
fdb5a7b074996edb2dd68a5f7d88a24245f686ef57d1bbba216fe37a94426b49
ff914e0b84f99bbc8d913b50c9b3e7acf656aace84e7c67a3fd5b75d284c815a

bluejaysnation.com Open in urlscan Pro 2606:4700:3034::6815:56ca Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

333 Requests

93 %HTTPS

35 %IPv6

49 Domains

100 Subdomains

89 IPs

11 Countries

7668 kBTransfer

14260 kBSize

43 Cookies

24 Outgoing links

Redirected requests

333 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bluejaysnation.com Open in urlscan Pro
2606:4700:3034::6815:56ca Public Scan

Screenshot
Live screenshot

Full Image

333
Requests

93 %
HTTPS

35 %
IPv6

49
Domains

100
Subdomains

89
IPs

11
Countries

7668 kB
Transfer

14260 kB
Size

43
Cookies

333 HTTP transactions
2 data transactions