urlscan.io logo urlscan.io
SecurityTrails logo

manunitedrd.com Open in urlscan Pro
45.87.81.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://manunitedrd.com/
Effective URL: https://manunitedrd.com/
Submission: On October 10 via manual from AU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 8 countries across 34 domains to perform 116 HTTP transactions. The main IP is 45.87.81.42, located in Cyprus and belongs to AS-HOSTINGER, CY. The main domain is manunitedrd.com.
TLS certificate: Issued by R3 on September 23rd 2021. Valid for: 3 months.
This is the only time manunitedrd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 45.87.81.42 47583 (AS-HOSTINGER)
9 142.250.181.226 15169 (GOOGLE)
1 104.26.7.142 13335 (CLOUDFLAR...)
1 205.185.216.42 20446 (HIGHWINDS3)
2 142.250.74.200 15169 (GOOGLE)
2 172.67.198.123 13335 (CLOUDFLAR...)
1 192.0.73.2 2635 (AUTOMATTIC)
3 142.250.185.206 15169 (GOOGLE)
4 185.239.173.210 55081 (24SHELLS)
3 142.250.185.194 15169 (GOOGLE)
2 142.250.185.193 15169 (GOOGLE)
4 178.250.0.157 44788 (ASN-CRITE...)
1 213.174.135.2 39572 (ADVANCEDH...)
2 216.52.2.19 30282 (AS-INAPCD...)
2 185.184.8.65 204995 (RTB-HOUSE...)
2 147.75.38.124 54825 (PACKET)
4 37.252.173.22 29990 (ASN-APPNEX)
4 51.89.9.251 16276 (OVH)
1 3 5.178.65.246 50673 (SERVERIUS-AS)
3 178.250.2.131 44788 (ASN-CRITE...)
2 34.149.20.76 15169 (GOOGLE)
3 142.250.186.66 15169 (GOOGLE)
1 172.67.129.191 13335 (CLOUDFLAR...)
4 142.250.186.162 15169 (GOOGLE)
2 142.250.184.202 15169 (GOOGLE)
7 172.217.16.129 15169 (GOOGLE)
1 3 142.250.185.132 15169 (GOOGLE)
3 142.250.185.195 15169 (GOOGLE)
2 142.250.185.130 15169 (GOOGLE)
1 195.138.255.8 201011 (NETZBETRI...)
2 172.67.144.40 13335 (CLOUDFLAR...)
2 172.67.75.241 13335 (CLOUDFLAR...)
1 185.86.138.16 201081 (SMARTADSE...)
1 213.19.162.31 26667 (RUBICONPR...)
1 37.157.4.39 198622 (ADFORM)
1 3 34.98.64.218 15169 (GOOGLE)
1 52.18.128.217 16509 (AMAZON-02)
2 178.250.2.130 44788 (ASN-CRITE...)
1 92.122.26.214 16625 (AKAMAI-AS)
1 51.89.42.86 16276 (OVH)
1 1 142.250.184.226 15169 (GOOGLE)
116 41
24    45.87.81.42 (Cyprus)

ASN47583 (AS-HOSTINGER, CY)
manunitedrd.com
9    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
1    104.26.7.142 (United States)

ASN13335 (CLOUDFLARENET, US)
protagcdn.com
1    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
2    142.250.74.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net
www.googletagmanager.com
2    172.67.198.123 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
1    192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
3    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.google-analytics.com
4    185.239.173.210 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
adservice.google.com
2    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
3    5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
3    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
3    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googletagservices.com
1    172.67.129.191 (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
7    172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f129.1e100.net
tpc.googlesyndication.com
3    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
3    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.gstatic.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
1    195.138.255.8 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)
ads.projectagoraservices.com
2    172.67.144.40 (United States)

ASN13335 (CLOUDFLARENET, US)
projectagora.net
2    172.67.75.241 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
projectagora-d.openx.net
eu-u.openx.net
us-u.openx.net
1    52.18.128.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-128-217.eu-west-1.compute.amazonaws.com
projectagora-483829-hdb.adomik.com
2    178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    92.122.26.214 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-26-214.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    51.89.42.86 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p26.id5-sync.com
id5-sync.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
24 manunitedrd.com
manunitedrd.com
334 KB
13 googlesyndication.com
efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
64 KB
12 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
205 KB
7 criteo.com
gum.criteo.com
bidder.criteo.com
7 KB
6 google.com
adservice.google.com
www.google.com
1 KB
5 adtelligent.com
ghb.adtelligent.com
player.adtelligent.com
5 KB
4 onetag-sys.com
onetag-sys.com
1 KB
4 adnxs.com
ib.adnxs.com
4 KB
3 openx.net
projectagora-d.openx.net
eu-u.openx.net
us-u.openx.net
1015 B
3 gstatic.com
www.gstatic.com
13 KB
3 googletagservices.com
www.googletagservices.com
101 KB
3 e-planning.net
ads.us.e-planning.net
1 KB
3 google-analytics.com
www.google-analytics.com
20 KB
2 criteo.net
static.criteo.net
55 KB
2 4dex.io
script.4dex.io
24 KB
2 projectagora.net
projectagora.net
111 KB
2 googleapis.com
fonts.googleapis.com
2 KB
2 33across.com
ssc.33across.com
456 B
2 a-mo.net
prebid.a-mo.net
211 B
2 creativecdn.com
prebid-eu.creativecdn.com
354 B
2 lijit.com
ap.lijit.com
1 KB
2 adtcdn.com
player.adtcdn.com
113 KB
2 googletagmanager.com
www.googletagmanager.com
88 KB
1 id5-sync.com
id5-sync.com
533 B
1 casalemedia.com
htlb.casalemedia.com
374 B
1 adomik.com
projectagora-483829-hdb.adomik.com
103 B
1 adform.net
adx.adform.net
449 B
1 rubiconproject.com
fastlane.rubiconproject.com
1 KB
1 smartadserver.com
prg.smartadserver.com
565 B
1 projectagoraservices.com
ads.projectagoraservices.com
880 B
1 adipolo.com
adipolo.com
7 KB
1 gravatar.com
secure.gravatar.com
2 KB
1 greeter.me
jscdn.greeter.me
8 KB
1 protagcdn.com
protagcdn.com
90 KB
116 34
Domain Requested by
24 manunitedrd.com 1 redirects manunitedrd.com
9 securepubads.g.doubleclick.net manunitedrd.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 tpc.googlesyndication.com efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 onetag-sys.com player.adtcdn.com
4 ib.adnxs.com player.adtcdn.com
4 gum.criteo.com player.adtcdn.com
static.criteo.net
gum.criteo.com
4 ghb.adtelligent.com player.adtcdn.com
3 www.gstatic.com efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
3 www.google.com 1 redirects efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 www.googletagservices.com jscdn.greeter.me
efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
3 bidder.criteo.com player.adtcdn.com
static.criteo.net
3 ads.us.e-planning.net 1 redirects manunitedrd.com
player.adtcdn.com
3 adservice.google.com securepubads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 static.criteo.net player.adtcdn.com
static.criteo.net
2 script.4dex.io projectagora.net
script.4dex.io
2 projectagora.net ads.projectagoraservices.com
projectagora.net
2 googleads.g.doubleclick.net efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
2 fonts.googleapis.com efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
2 ssc.33across.com player.adtcdn.com
2 prebid.a-mo.net player.adtcdn.com
2 prebid-eu.creativecdn.com player.adtcdn.com
2 ap.lijit.com player.adtcdn.com
2 efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 player.adtcdn.com manunitedrd.com
2 www.googletagmanager.com manunitedrd.com
www.googletagmanager.com
1 us-u.openx.net
1 cm.g.doubleclick.net 1 redirects
1 eu-u.openx.net 1 redirects
1 id5-sync.com player.adtcdn.com
1 htlb.casalemedia.com player.adtcdn.com
1 projectagora-483829-hdb.adomik.com
1 projectagora-d.openx.net projectagora.net
1 adx.adform.net projectagora.net
1 fastlane.rubiconproject.com projectagora.net
1 prg.smartadserver.com projectagora.net
1 ads.projectagoraservices.com securepubads.g.doubleclick.net
1 adipolo.com manunitedrd.com
1 player.adtelligent.com player.adtcdn.com
1 secure.gravatar.com manunitedrd.com
1 jscdn.greeter.me manunitedrd.com
1 protagcdn.com manunitedrd.com
116 43

This site contains no links.

Subject Issuer Validity Valid
manunitedrd.com
R3		 2021-09-23 -
2021-12-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.protagcdn.com
R3		 2021-09-19 -
2021-12-18		 3 months crt.sh
greeter.me
R3		 2021-09-23 -
2021-12-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-17 -
2022-07-16		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.a-mo.net
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
paadserver.projectagora.info
R3		 2021-09-23 -
2021-12-22		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.adomik.com
Amazon		 2021-03-03 -
2022-04-01		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://manunitedrd.com/
Frame ID: 4B0EF81ADB84ADD8CF4AA209FD4D6BC3
Requests: 94 HTTP requests in this frame

Frame: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2BFF671EDC81E9A4B0672E99A314FA22
Requests: 1 HTTP requests in this frame

Frame: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CAE150FD3506488E3B00AD478D2D3CCF
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato%3A400
Frame ID: 74ACFE714A115A34239E86BF1EBF514D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 232B19A76FE5E5706CC6852E3CE587EF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B390E1F1B2DB5AF1B6BD01B9FEB6E0C6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA71580FBB012E4CEE61F3C621937293
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manunitedrd.com
Frame ID: 4F171309D6A64FE8ADA1704BDA7DA433
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://manunitedrd.com/ HTTP 301
    https://manunitedrd.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

116
Requests

100 %
HTTPS

0 %
IPv6

34
Domains

43
Subdomains

41
IPs

8
Countries

1261 kB
Transfer

3375 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://manunitedrd.com/ HTTP 301
    https://manunitedrd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://ads.us.e-planning.net/pbjs/1/2e43c/1/manunitedrd.com/ROS?rnd=0.7673964480395519&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmanunitedrd.com%2F&pbv=4.41.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmanunitedrd.com%2F&e_pubcid=9a456710-0fb3-4b22-8bdf-963427553b04 HTTP 302
  • https://ads.us.e-planning.net/hb/1/2e43c/1/manunitedrd.com/ROS?ct=1&r=pbjs&rnd=0.7673964480395519&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmanunitedrd.com%2F&pbv=4.41.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmanunitedrd.com%2F&e_pubcid=9a456710-0fb3-4b22-8bdf-963427553b04
Request Chain 76
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 115
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDX3Q9groMNHGtdBQVpUAwM&google_cver=1

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
manunitedrd.com/
Redirect Chain
  • http://manunitedrd.com/
  • https://manunitedrd.com/
51 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.2.34
Resource Hash
61ed9e16195f4040be76495178845cf2ff45a87d7fab5761f2a4428006e9f042

Request headers

:method
GET
:authority
manunitedrd.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.2.34
content-type
text/html; charset=UTF-8
link
<https://manunitedrd.com/index.php/wp-json/>; rel="https://api.w.org/" <https://manunitedrd.com/index.php/wp-json/wp/v2/pages/46>; rel="alternate"; type="application/json" <https://manunitedrd.com/>; rel=shortlink
etag
"61977-1633844627;br"
x-litespeed-cache
hit
content-encoding
br
vary
Accept-Encoding
content-length
13214
date
Sun, 10 Oct 2021 23:23:25 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
x-powered-by
PHP/7.2.34
content-type
text/html; charset=UTF-8
x-redirect-by
WordPress
location
https://manunitedrd.com/
x-litespeed-cache
hit
content-length
0
date
Sun, 10 Oct 2021 23:23:25 GMT
server
LiteSpeed
style.min.css
manunitedrd.com/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
last-modified
Sat, 07 Aug 2021 15:37:51 GMT
server
LiteSpeed
etag
"13abe-610ea8cf-2a5c40a982b60eb;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9960
expires
Sun, 17 Oct 2021 23:23:25 GMT
blocks.style.build.css
manunitedrd.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 		184 B
266 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.30
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Request headers

:path
/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.30
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Wed, 25 Aug 2021 03:06:06 GMT
server
LiteSpeed
etag
"b8-6125b39e-343d2b2d124280c2;;;"
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
184
expires
Sun, 17 Oct 2021 23:23:25 GMT
style.css
manunitedrd.com/wp-content/plugins/td-composer/mobile/ 		108 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-content/plugins/td-composer/mobile/style.css?ver=5.1
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
11167be157f137ccb18307815ddae1750b4b87a20df20235c558368340c6db79

Request headers

:path
/wp-content/plugins/td-composer/mobile/style.css?ver=5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 13:27:44 GMT
server
LiteSpeed
etag
"1ae48-6124f3d0-693c99c001182f1;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
19212
expires
Sun, 17 Oct 2021 23:23:25 GMT
jquery.min.js
manunitedrd.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
last-modified
Sat, 07 Aug 2021 15:38:09 GMT
server
LiteSpeed
etag
"15db1-610ea8e1-713947b33b02bb36;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30273
expires
Sun, 17 Oct 2021 23:23:25 GMT
jquery-migrate.min.js
manunitedrd.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 14:59:01 GMT
server
LiteSpeed
etag
"2bd8-5fdcc3b5-dabdbe658ed4c9e9;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3995
expires
Sun, 17 Oct 2021 23:23:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
2f77a375405269c0f7f3071e4a0e9a838d7eade97e1b5465528f2fb9447345bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1012 / 305 of 1000 / last-modified: 1633731165"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25889
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Oct 2021 23:23:25 GMT
site.js
protagcdn.com/s/manunitedrd.com/ 		306 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protagcdn.com/s/manunitedrd.com/site.js
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dff088f3a5668a6004615e4336f9ccbd3df7b19b1b2883c22951c625a2aff223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=314161
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 20 Jul 2021 09:10:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvCgEgG2B6hzjlWF9nyFlvkvVZRk51qmQvMks%2BzVMWaulWPbwP71ZOziyj31VkukHcetu28AhzK9mWi0drPqZTTvftnS%2FAKh%2BmBcjqNj5PMG8cojqV8akTVw3toE0HA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
69c398aeb90727a0-PRG
expires
Sun, 10 Oct 2021 23:53:25 GMT
footballwebbcomdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/footballwebbcomdynamic.js
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
6cf8439499425cf2c38bd17e4f6b44a3461e3ca24f7f36111ef36f510316b49b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 23:23:26 GMT
Connection
Keep-Alive
Last-Modified
Tue, 10 Aug 2021 08:06:00 GMT
x-amz-request-id
tx000000000000070e0ede2-0061637386-1e291984-fra1b
etag
"6393929a3734d0d25402ec00e20a44c2"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1633908205.dop209.fr8.t,1633908206.cds161.fr8.shn,1633908206.dop209.fr8.t,1633908206.cds208.fr8.c
Content-Type
text/javascript
Cache-Control
max-age=2984
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7958
js
www.googletagmanager.com/gtag/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CJ6ZMM4TTB
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7964e148f6ec043679f62e2f64e09ea588ae3097bb128f6446652d8bc75f95bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50905
x-xss-protection
0
expires
Sun, 10 Oct 2021 23:23:25 GMT
man-utd-red-devils-logo.png
manunitedrd.com/wp-content/uploads/2020/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2020/11/man-utd-red-devils-logo.png
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
99bbd6afb7d4457922d17fafbf86b3af544f45ce002f3898eff29e4e7a431293

Request headers

:path
/wp-content/uploads/2020/11/man-utd-red-devils-logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Fri, 27 Nov 2020 16:07:58 GMT
server
LiteSpeed
etag
"25a0-5fc1245e-65a67a0d182005c0;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9632
expires
Sun, 17 Oct 2021 23:23:25 GMT
4528512C-0CD3-4C97-922D-0A5D9F369387-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/4528512C-0CD3-4C97-922D-0A5D9F369387-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6f291fb041523b50adea4cbaad6ba64d71f16596d90468de7ad9039247b58268

Request headers

:path
/wp-content/uploads/2021/10/4528512C-0CD3-4C97-922D-0A5D9F369387-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Sun, 10 Oct 2021 05:43:23 GMT
server
LiteSpeed
etag
"4883-61627d7b-e684c6b23c8d5ad5;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18563
expires
Sun, 17 Oct 2021 23:23:25 GMT
C8A81C4E-91AA-47AF-AFBE-3D1E07B7E5F9-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/C8A81C4E-91AA-47AF-AFBE-3D1E07B7E5F9-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
93b75f432a94c0787a1237f2f03846b767994873798fd06ad249674f5c3c1540

Request headers

:path
/wp-content/uploads/2021/10/C8A81C4E-91AA-47AF-AFBE-3D1E07B7E5F9-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Sun, 10 Oct 2021 05:36:41 GMT
server
LiteSpeed
etag
"5013-61627be9-c829dbfe889fbd33;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20499
expires
Sun, 17 Oct 2021 23:23:25 GMT
8EA214BC-7729-48EF-BFF5-10AEBBB05CF2-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/8EA214BC-7729-48EF-BFF5-10AEBBB05CF2-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0cfbc86cc6e0b748729ea91c1d4d30e7debf596078e5e6201876334b7c3db320

Request headers

:path
/wp-content/uploads/2021/10/8EA214BC-7729-48EF-BFF5-10AEBBB05CF2-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Sun, 10 Oct 2021 05:33:14 GMT
server
LiteSpeed
etag
"4c82-61627b1a-422a0ff9c92daf17;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
19586
expires
Sun, 17 Oct 2021 23:23:25 GMT
D4186939-AFB1-41C2-B71E-3CAC437DC5C4-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/D4186939-AFB1-41C2-B71E-3CAC437DC5C4-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
651bf104a99bcaec57eb8dfe622a5c2b8d7c5525bdea91e9e9fc53db5771bb36

Request headers

:path
/wp-content/uploads/2021/10/D4186939-AFB1-41C2-B71E-3CAC437DC5C4-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Sun, 10 Oct 2021 05:27:06 GMT
server
LiteSpeed
etag
"4ba4-616279aa-a82867f28a9d9597;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
19364
expires
Sun, 17 Oct 2021 23:23:25 GMT
3A753E17-CC2B-4FEE-822A-CD61D21A92A7-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/3A753E17-CC2B-4FEE-822A-CD61D21A92A7-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2be8f25e477e86047ded8c3effad1ea233ba7fbb33060f748786f2c7b091a90a

Request headers

:path
/wp-content/uploads/2021/10/3A753E17-CC2B-4FEE-822A-CD61D21A92A7-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Sat, 09 Oct 2021 05:59:07 GMT
server
LiteSpeed
etag
"5766-61612fab-2fcdd05ddd7f2d02;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22374
expires
Sun, 17 Oct 2021 23:23:25 GMT
E1B54C52-1EE3-42E0-8FE8-851414AECA64-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/E1B54C52-1EE3-42E0-8FE8-851414AECA64-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
db730d8fbff7e14ee2436f7beecee2f82e7153b466dbd178dbbe7d0e79c6949d

Request headers

:path
/wp-content/uploads/2021/10/E1B54C52-1EE3-42E0-8FE8-851414AECA64-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Sat, 09 Oct 2021 05:56:18 GMT
server
LiteSpeed
etag
"5a5b-61612f02-6f1f8c229383af1e;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23131
expires
Sun, 17 Oct 2021 23:23:25 GMT
D639C1F2-0976-4061-86D9-0F31C56AA7F7-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/D639C1F2-0976-4061-86D9-0F31C56AA7F7-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
deeb7d5a9c2c9508464fc2b2e1ad67fab1d2777b413241e927e8ad445dd4dea8

Request headers

:path
/wp-content/uploads/2021/10/D639C1F2-0976-4061-86D9-0F31C56AA7F7-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Sat, 09 Oct 2021 05:51:36 GMT
server
LiteSpeed
etag
"50d1-61612de8-a5131441e4f35d4b;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20689
expires
Sun, 17 Oct 2021 23:23:25 GMT
DDCC524D-F6BC-4631-98E2-0A27F254BDC2-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/DDCC524D-F6BC-4631-98E2-0A27F254BDC2-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
88076c5d649ed2de4d67884436f12945d63adece3b1cd6d41b209e843fc33890

Request headers

:path
/wp-content/uploads/2021/10/DDCC524D-F6BC-4631-98E2-0A27F254BDC2-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Sat, 09 Oct 2021 05:48:02 GMT
server
LiteSpeed
etag
"46c1-61612d12-b1690c3bc751b721;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18113
expires
Sun, 17 Oct 2021 23:23:25 GMT
09BCD71F-3D16-402D-BC27-F631B0EE2825-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/09BCD71F-3D16-402D-BC27-F631B0EE2825-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3b0d743cd299745fbfc51f6a0f52680aec8d5ea991fe6191ce5d602685181bf7

Request headers

:path
/wp-content/uploads/2021/10/09BCD71F-3D16-402D-BC27-F631B0EE2825-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Fri, 08 Oct 2021 05:17:49 GMT
server
LiteSpeed
etag
"4a23-615fd47d-1c4c845586831911;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18979
expires
Sun, 17 Oct 2021 23:23:25 GMT
A1859279-CF1C-4BF7-924D-01D261F046E3-265x198.jpeg
manunitedrd.com/wp-content/uploads/2021/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manunitedrd.com/wp-content/uploads/2021/10/A1859279-CF1C-4BF7-924D-01D261F046E3-265x198.jpeg
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f3c7e8b4a254c8994cd189bfc366e57a4ad65fc2357cbc05ba505ba5bb2739ab

Request headers

:path
/wp-content/uploads/2021/10/A1859279-CF1C-4BF7-924D-01D261F046E3-265x198.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Fri, 08 Oct 2021 05:13:09 GMT
server
LiteSpeed
etag
"56e9-615fd365-71013a322b1d6144;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22249
expires
Sun, 17 Oct 2021 23:23:25 GMT
tagdiv_theme.min.js
manunitedrd.com/wp-content/plugins/td-composer/mobile/js/ 		92 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-content/plugins/td-composer/mobile/js/tagdiv_theme.min.js?ver=5.1
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
eedda46fa16e5cc5b32e6c42f0d68ffba1a8c5c571503be9490e0207a0ccba1c

Request headers

:path
/wp-content/plugins/td-composer/mobile/js/tagdiv_theme.min.js?ver=5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 13:27:44 GMT
server
LiteSpeed
etag
"16e0f-6124f3d0-f115e8756a064409;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
21945
expires
Sun, 17 Oct 2021 23:23:25 GMT
comment-reply.min.js
manunitedrd.com/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-includes/js/comment-reply.min.js?ver=5.8.1
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 03:06:52 GMT
server
LiteSpeed
etag
"ba8-6077adcc-c343e3b4e49ce36e;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1228
expires
Sun, 17 Oct 2021 23:23:25 GMT
wp-embed.min.js
manunitedrd.com/wp-includes/js/ 		1 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
last-modified
Thu, 04 Feb 2021 03:07:35 GMT
server
LiteSpeed
etag
"592-601b64f7-7c8518e703152b16;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
663
expires
Sun, 17 Oct 2021 23:23:25 GMT
ads.js
manunitedrd.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		78 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.30
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

:path
/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.30
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Wed, 25 Aug 2021 03:06:04 GMT
server
LiteSpeed
etag
"4e-6125b39c-edfca17d39230f43;;;"
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
78
expires
Sun, 17 Oct 2021 23:23:25 GMT
wp-emoji-release.min.js
manunitedrd.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manunitedrd.com
referer
https://manunitedrd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
last-modified
Sat, 07 Aug 2021 15:38:09 GMT
server
LiteSpeed
etag
"4705-610ea8e1-2524520afd9f6486;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4539
expires
Sun, 17 Oct 2021 23:23:25 GMT
hb_323303_12508.js
player.adtcdn.com/prebidlink/453863/ 		294 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2244204576c0bb0b414797190f4880fbfcab8cb2b9e32a931fb0cec07a502acc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 13:18:40 GMT
server
cloudflare
etag
W/"614495b0-49828"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arKyiw3mnsVXoPWb%2BWhFrZialTFVJkZiRbw3HsKQteNbYHa9G1%2FWP62CJo7DOEWYT4vr4X4xiIpMtjX5Fis00Q1Puq5ChJWzz9VdA3bfMkZBJq7zdmStdls1rtLerHBFaNRjiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69c398aebfbe2784-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 10 Oct 2021 23:38:26 GMT
wrapper_hb_323303_12508.js
player.adtcdn.com/prebidlink/453863/ 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/453863/wrapper_hb_323303_12508.js
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcd626e84fb99e156b6e0708d67260ff6f61810b77dd476af9a7195c2095872

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Oct 2021 13:42:56 GMT
server
cloudflare
etag
W/"61604ae0-110e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tbr4%2BheyB17KaIcUhlNrDIsrleLoTiS6UhxO9ZucraNUs4abZN8LehQSxlrOghB68nAw9M9BEBFVreMMjnC9wrLkNUVHt2gdtHb5KCuIo9orhSmE2ZoTYlsSBzHtqan5oaXv6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69c398aebfbf2784-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 10 Oct 2021 23:38:26 GMT
mobile-theme.woff
manunitedrd.com/wp-content/plugins/td-composer/mobile/images/icons/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://manunitedrd.com/wp-content/plugins/td-composer/mobile/images/icons/mobile-theme.woff?10
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/wp-content/plugins/td-composer/mobile/style.css?ver=5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.87.81.42 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cd964a78e666af8c37db4fd759e9c735d91f8494b9aa0b7837769a508564ee37

Request headers

sec-fetch-mode
cors
origin
https://manunitedrd.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
quads_browser_width=1600
:path
/wp-content/plugins/td-composer/mobile/images/icons/mobile-theme.woff?10
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
manunitedrd.com
referer
https://manunitedrd.com/wp-content/plugins/td-composer/mobile/style.css?ver=5.1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manunitedrd.com/wp-content/plugins/td-composer/mobile/style.css?ver=5.1
Origin
https://manunitedrd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Tue, 24 Aug 2021 13:27:44 GMT
server
LiteSpeed
accept-ranges
bytes
etag
"50c4-6124f3d0-3c3c4d50116f8a68;;;"
content-length
20676
content-type
application/font-woff
/
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/?s=80&d=mm&r=g
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2cdc7482af3176d3c41e97a312dcf7e679a5b3b49b32c5ad4642c5b30e1b6017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Oct 2021 23:23:25 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="none.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/?s=80&d=mm&r=g>; rel="canonical"
content-length
1323
expires
Sun, 10 Oct 2021 23:28:25 GMT
pubads_impl_2021100502.js
securepubads.g.doubleclick.net/gpt/ 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
186eff04a22ac81157dc3283c95424151aec5cb3e5904d0c5d83512b0d17e4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124246
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 14:32:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Oct 2021 23:23:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		120 B
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=manunitedrd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b66029b0f25feedc827fee062f81250e83ef2bcb346c21d057f8657700316f26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
expires
Sun, 10 Oct 2021 23:23:25 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-160183304-3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CJ6ZMM4TTB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9ab933088e19959415149ce93b144a12be924f38792bc14e84075a18cdd240b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39159
x-xss-protection
0
last-modified
Sun, 10 Oct 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Oct 2021 23:23:25 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160183304-3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2189
date
Sun, 10 Oct 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 11 Oct 2021 00:46:57 GMT
collect
www.google-analytics.com/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CJ6ZMM4TTB&gtm=2oea60&_p=1496320583&sr=1600x1200&ul=en-us&cid=1365307489.1633908206&_s=1&dl=https%3A%2F%2Fmanunitedrd.com%2F&dt=Manchester%20United%20Transfer%20News%20-%20Manchester%20United%20Red%20Devils&sid=1633908205&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CJ6ZMM4TTB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://manunitedrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1496320583&t=pageview&_s=1&dl=https%3A%2F%2Fmanunitedrd.com%2F&ul=en-us&de=UTF-8&dt=Manchester%20United%20Transfer%20News%20-%20Manchester%20United%20Red%20Devils&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1794551072&gjid=684275925&cid=1365307489.1633908206&tid=UA-160183304-3&_gid=573291798.1633908206&_r=1&gtm=2oua60&z=421548181
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://manunitedrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ghb.adtelligent.com/geo/ 		135 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/wrapper_hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
9feb10430a254515222c339487d9c005199d622502f698714ed4528007a90aae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://manunitedrd.com
Date
Sun, 10 Oct 2021 23:23:25 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
135
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ 		43 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=323303&site_id=12508&full_page_url=https%3A%2F%2Fmanunitedrd.com%2F&adid=lurcke.86&vpbv=0846&lifecycle_tte=537
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/wrapper_hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://manunitedrd.com
Date
Sun, 10 Oct 2021 23:23:25 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=manunitedrd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		113 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1428557183913644&correlator=1745979700107014&output=ldjh&impl=fifs&eid=31063056%2C31062662%2C44748553&vrg=2021100502&ptt=17&sc=1&sfv=1-0-38&ecs=20211010&iu_parts=21939239661%3A22405246745%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633908206&dt=1633908206208&dlt=1633908205759&idt=262&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=4290626634&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmanunitedrd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1365307489.1633908206&ga_sid=1633908206&ga_hid=1496320583&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0929c16ba74c576c8fadacaa4bafd11c97dbdb165c3713deacd5c25209abec77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28600
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://manunitedrd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BFF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manunitedrd.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 10 Oct 2021 23:23:26 GMT
expires
Mon, 10 Oct 2022 23:23:26 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2021100502.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021100502.js?cb=31063056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
3a572a593e601b4177b011c0db021512efbf7873f7161e7be6a0bf0a04b90ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13589
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 14:32:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Oct 2021 23:23:26 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmanunitedrd.com%2F&domain=manunitedrd.com&cw=1&lsw=1
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://manunitedrd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://manunitedrd.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1376
date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
vary
Accept-Encoding
config.json
player.adtelligent.com/exchange_rates/313490/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fmanunitedrd.com%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d8ca588e64d93852c0b1b0e050f61db91b1b1b67574fbd6d041d6fad7596a232

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
last-modified
Sun, 10 Oct 2021 12:01:08 GMT
server
nginx/1.18.0
etag
W/"6162d604-2272"
content-type
application/json
access-control-allow-origin
https://manunitedrd.com
expires
Mon, 11 Oct 2021 00:23:26 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
json
gum.criteo.com/sid/ 		345 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmanunitedrd.com%2F&domain=manunitedrd.com&cw=1&lsw=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
23c00686dcafdd4164949e9dc72aeb84ab38467b233eac6182f79536bbebe2d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 10 Oct 2021 23:23:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://manunitedrd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2691
expires
0
bid
ap.lijit.com/rtb/ 		24 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.41.0-pre
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
de5f9bbfa0afac2aa1b8ba5a54df0ddb6562fc38f551a3e097babd371f2c9d70

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 10 Oct 2021 23:23:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://manunitedrd.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://manunitedrd.com
date
Sun, 10 Oct 2021 23:23:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sun, 10 Oct 2021 23:23:26 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://manunitedrd.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
71efc8afcd9f7eb03b6007fbf7e3458e1657f6600f3926721cd8d21f8e59705f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 23:23:26 GMT
X-Proxy-Origin
216.131.114.162; 216.131.114.162; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c8524c72-39f1-43a7-9c65-31cfaf61244d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://manunitedrd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://manunitedrd.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		50 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 23:23:26 GMT
X-Proxy-Origin
216.131.114.162; 216.131.114.162; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2e26e887-3df1-4dc6-92eb-088f92bdac04
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://manunitedrd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2e43c/1/manunitedrd.com/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2e43c/1/manunitedrd.com/ROS?rnd=0.7673964480395519&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmanunitedrd.com%2F&pbv=4.41.0-pre&ncb=1&vs=F...
  • https://ads.us.e-planning.net/hb/1/2e43c/1/manunitedrd.com/ROS?ct=1&r=pbjs&rnd=0.7673964480395519&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmanunitedrd.com%2F&pbv=4.41.0-pre&...
62 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2e43c/1/manunitedrd.com/ROS?ct=1&r=pbjs&rnd=0.7673964480395519&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmanunitedrd.com%2F&pbv=4.41.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmanunitedrd.com%2F&e_pubcid=9a456710-0fb3-4b22-8bdf-963427553b04
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d52c6fa743560327ccf5953b34d591d3869ab6126d979b0c11802eb5d1f1aad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://manunitedrd.com
expires
Sun, 10 Oct 2021 23:23:26 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
AMS-607

Redirect headers

date
Sun, 10 Oct 2021 23:23:26 GMT
server
openresty
access-control-allow-origin
https://manunitedrd.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/manunitedrd.com/ROS?ct=1&r=pbjs&rnd=0.7673964480395519&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmanunitedrd.com%2F&pbv=4.41.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmanunitedrd.com%2F&e_pubcid=9a456710-0fb3-4b22-8bdf-963427553b04
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-607
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.41.0-pre&cb=66209377704
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://manunitedrd.com
date
Sun, 10 Oct 2021 23:23:25 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://manunitedrd.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hb
ssc.33across.com/api/v1/ 		66 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9a40e423b0b3f515ddf80ab53032fb45c119b0e9a54ece55b7e06ecdf55ba112

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://manunitedrd.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/footballwebbcomdynamic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
34e6e45c3801133870c468a1ec03c2d5ab5c96ee0d13128faeebafc6fca4d65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1012 / 791 of 1000 / last-modified: 1633731165"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26893
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Oct 2021 23:23:26 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5141
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7068
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXPifTgCB5OYfDGV9%2FUkBWJqEbZRb1iUqqEtoLb2Zgn5y2yP0jiE9rGh8nYi2N6RRLLKEar4cZwfxNbEebFbpjyGKQU%2Fo5arRFTWY2s1cj3QBxypbaxxKRXD5DeEAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
69c398b21e1a6907-FRA
container.html
efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAE1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manunitedrd.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 10 Oct 2021 23:23:26 GMT
expires
Mon, 10 Oct 2022 23:23:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100502&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
434c3c4688d9f307ed8b1208432d85e49aab72029228e7d8dcce44421302f90c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8472
x-xss-protection
0
css2
fonts.googleapis.com/ Frame CAE1 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Oct 2021 22:53:47 GMT
server
ESF
date
Sun, 10 Oct 2021 23:23:26 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sun, 10 Oct 2021 23:23:26 GMT
css
fonts.googleapis.com/ Frame 74AC 		664 B
429 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Oct 2021 23:05:21 GMT
server
ESF
date
Sun, 10 Oct 2021 23:23:26 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sun, 10 Oct 2021 23:23:26 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 74AC 		1 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
837
x-xss-protection
0
server
cafe
etag
7640065535275194769
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 23:16:42 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 74AC 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite_fy2019.js
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 22:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 22:49:09 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 74AC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 23:08:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74AC 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Oct 2021 23:23:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 74AC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6219
x-xss-protection
0
server
cafe
etag
4041254270185007295
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 23:13:41 GMT
l
www.google.com/ads/measurement/ Frame 74AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDj8QG8lpWCyMW5BaxhuEMbjzkF8XXpGYHWCGLFZ-cqs0C2KL8oYcP9YGfR1fPtJI_X0qkfnWPUMBHEJKpTbzEShMb3A
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame 74AC 		26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 07:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 18:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sat, 08 Jan 2022 07:19:45 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/ Frame CAE1 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
cafe /
Resource Hash
9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
887
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7627
x-xss-protection
0
server
cafe
etag
14532344818667626787
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 23:08:39 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CAE1 		205 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 08:19:39 GMT
x-content-type-options
nosniff
age
399827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 06 Oct 2022 08:19:39 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CAE1 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 00:41:57 GMT
x-content-type-options
nosniff
age
81689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 10 Oct 2022 00:41:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 10 Oct 2021 23:23:26 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=manunitedrd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1428557183913644&correlator=3107142369922151&output=ldjh&impl=fifs&eid=31063056%2C31062662%2C44748553&vrg=2021100502&ptt=17&sc=1&sfv=1-0-38&ecs=20211010&iu_parts=21939239661%3A22405246745%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%7C320x50%7C320x100&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Db340f2955486e18b-22d5dc62f1ca008c%3AT%3D1633908206%3AS%3DALNI_MbS0IQgUGlaw-duU9kULRqJKMKh9w&bc=31&abxe=1&lmt=1633908206&dt=1633908206612&dlt=1633908205759&idt=262&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1150&adks=1637743623&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmanunitedrd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1365307489.1633908206&ga_sid=1633908206&ga_hid=1496320583&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
af33bae8fd73d7cfc08dd21c253b5a54ebf59a089c8428cb1ab2f8885b41b8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7752
x-xss-protection
0
google-lineitem-id
5778121850
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361598025
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://manunitedrd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 232B 		143 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 10 Oct 2021 22:35:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2849
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B390 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manunitedrd.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 10 Oct 2021 21:28:28 GMT
expires
Mon, 10 Oct 2022 21:28:28 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6898
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame BA71 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
ffe29a7c821fa1e4534a0c3883c3a190ed1ba9a971dfa1eb2fba27f79b3eb01d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VQhAeQeSjhLtCQ/LKDPxiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manunitedrd.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 10 Oct 2021 23:23:26 GMT
date
Sun, 10 Oct 2021 23:23:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VQhAeQeSjhLtCQ/LKDPxiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 232B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
URL: https://efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 10 Oct 2021 23:23:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 11-Oct-2021 00:23:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 10 Oct 2021 23:23:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 10 Oct 2021 23:23:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame B390 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 20:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
9276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 10 Oct 2022 20:48:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BA71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100502&jk=1428557183913644&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100502&jk=1428557183913644&bg=!BgWlBUHNAAbGFvHlxhY7ACkAdvg8Wo_IqJMMW1JcDf6hfb-kCtAguTQqkB9nCFrI3A6YKhNKo2u77gIAAABbUgAAAAtoAQeZArI061z809L-1h-Pqk2dCP1tQbJUj9pqzo_cIG07HuXFNUdZdSd5PbGApz0iC_2EGYUlQG75CvK6_nx8r69qe8H8BvCzQSWIQIkRWb96n-OYW7vIPXbEGGsrCxskkBRnDkZPDg9jTZhJgSEXVbaIHyG0I86zw0lgAyyUcbpUceM9Z19LFjmOO6XMcvCm-qS-w6gabqyvh0aHQRLJgMKzIftf38vILgm5rpbGIdOwJVh-lUCBEbKhC8ZIEbR9OnXQOiE4DIOTwFflE38UKnax0xrjiR0PN-a2jEBWv4N8sA1xUUtnBbhgzOEntcbeQRJMHqLBewVkI8hKPXX8Bbd-ZkpB4WsaPViD0rqBrXamiC1Ws8vWS_uAtIg1c9gHoWtqVmTPEPBXXh0gVub4HkOXuie25BFWRksoNLpQBRw1hBTq7nEtwAPkYcM1J58RJIt7Jq45m1Qdb17K4gBVTZjY8_s6jZjdHYCU4fg3aGx8QOWK9Rc_9K2tfWZwvdMww9nnp38Nl8vjWh1x9ozJzBkhBfmtMBkbQNlUiMZcP0vnwQUKYncZT1kSHfxF6ajjmAGk1yNuVQqSv1D1w_HcZteLELnXEZPXgjaYCVMdhwQRU9lRsxfZ6MBaQsFFTqxbGs62_8C-qPGSnNi3NI8GnzwWitLKHSgj9SyV3fjgNBv-_VAkYzEbccx8ioSky8PJj2APN1yaKvrqPpOiMT4l-5MHWVBnx54lVS3xSC26lYxqmkkp2ue5wsAKsccDsLllHMqyy1_wTXRFeh5jMrnoyjwg-QoaMCwMyWRjtpe-FtwPLh9DyfxsN5gcs9H5rbWDg2YsE-wfFBL_hWk74wHTFsoGStXnNE18tmCK3AIL6oR0Rkve1DvLAR7_ExQIxWvM_yUZmTceMYx43NgY53pCq61AEQ-eHE4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaDsqKl1h-6epciGTs7rYzbss74Lf8qWh7E2wZ8hnUo8dYeL-cPDjimhZ5GvpylQJU2UssX9xZl8zGIdyU3Ga5uanpKbEMWNNTa3l6PERVNRyU2Yc4sioXTqzVrpo3Yl6uw3F426okjfnKBBUQrg0SXPyRaKZ6qWOkGin3lxnQPJSigeehenFZx4O_u_pxOEq-DHX6eCiy1OH0vl0qnioZmXZ-L1YxMP0uJ2I3-pt0plhC15O7EOyxYbgSk7PRHl6oWIi3yKkN0G3pm9CWbejN4oQRcs8oWX675czMY6JfzjI0YIDhf9VNHk-E8CK-&sig=Cg0ArKJSzNxG_YIjk_QKEAE&urlfix=1&adurl=
Requested by
Host: manunitedrd.com
URL: https://manunitedrd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 23:23:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
ads.projectagoraservices.com/ 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=16551&schain=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.138.255.8 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
/
Resource Hash
69fe9c39e954a96431fc179f90a83eff1008bfaa8e42fbea4845fc1efbe0248f

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
705
expires
Sun, 10 Oct 2021 23:23:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 10 Oct 2021 23:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Oct 2021 23:23:26 GMT
pav2.min.js
projectagora.net/libs/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=16551&schain=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d28bea0d0a80a92869862023cc1ef286d5daebbf15d0ac7d65e2b35f498e2c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
471
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
HZWEFYFZFC29A0AZ
x-amz-id-2
+Wa8cbhd9JFm4yPvKxQoodDlW3isCPITO8ISvZUPkzx8lcSQeRya/L1jcZp3oufkD/MMAAn8IpI=
last-modified
Tue, 21 Sep 2021 09:07:35 GMT
server
cloudflare
etag
W/"dfef5cbf93343e54bdc65258318252cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5N%2BDP8JxENkibWE09FQE065PJJ9Q3VHT2vS5M7ZIL7r7NnbQU99QUO3Gp76qhnaZVvPOtjleuIT%2BbuoYT58EkxxrsOrBLXij5GcZ%2B5lEkWMlIRGV08b4Gj5cka34QerVIja"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
69c398b63c8427bc-PRG
truncated
/ 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35f076312aa1aec3814283d0e8a34cfdde8b1527c9e56584503ef48490b09c77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
prebid.js
projectagora.net/libs/prebidv3/ 		336 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/pav2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.144.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3944
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
7ST0MWS3EMV7SHCR
x-amz-id-2
UPEEPUtNZwjLGrW6u6g29rpo+HBAr71e0e8R7YUSTS63i4Dokmizw1/7tgDnjwd8PwA8ZsSQlCA=
last-modified
Wed, 05 May 2021 10:30:11 GMT
server
cloudflare
etag
W/"1766ed9e832250268e13e963571b5fc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77Fr71Arr5GF3vC0Ei%2Fuk%2B6HEnggkR%2BtzBJPfI%2Bnf%2F8V%2BwRHsUGQCiHCyxB4yLLSfYYB4pGYjYjagDSqDCf0126tFydfDrWBSl%2FBoZlpRGN%2F%2FuvTPxhDbHz2433T%2BiFxYI70"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
69c398b69adef9da-PRG
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBW8ormu85MNgRH9qtwS-LcpBvuRDSzpwFzEVEOWbXBUkp3HbV5REsedGmOZeVmhbfmq1qpvMK21H0cfU4MwM1ViqlKBk6mzCUbegQWd9LsxuWDdhCQCVmknulRMRdn_cZ4K1vxr7bDiGDnRY1D1yUPqrNIk1CT92AHdeZC8vyqu0smJl3qjjdACICHgnHrkWzyPHmdUQQ_fepEv6aK9S5DKadVdEyRQaUCmvjP5JsgBRz4rSSgCRz9mRAqssAzm9ngdPsxL8HpgQ2f4Ke1srsunBT3yJwSJVrI25EWceE6TinBdUpZIq8NpaT0-7KZ20&sig=Cg0ArKJSzEwd9g-r7t8uEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 23:23:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 10 Oct 2021 23:23:27 GMT
localstore.js
script.4dex.io/ 		483 B
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
830569
x-amz-request-id
tx4156f9f298ad4ef289067-006156c982
x-amz-id-2
tx4156f9f298ad4ef289067-006156c982
last-modified
Fri, 01 Oct 2021 08:34:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63hY4RC04Ujk2lE5gWfVZZyain8766FtMfnA0eCn5dCBvn9nm2Kh%2BfxXPHZ0lVKUoOv%2BBQC%2FeVyB8IGSIaI4Kt%2BaqCPAMRTj%2BA3e7azYGu53aNzAW2jusHLWRRkc2z5C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1633077261838806
cf-ray
69c398b7897e2778-PRG
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b0%3b97
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://manunitedrd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
fastlane.json
fastlane.rubiconproject.com/a/api/ 		242 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=300282&zone_id=2149088&size_id=117&rp_schain=1.0,0!projectagora.com,100000,1,,,&rf=https%3A%2F%2Fmanunitedrd.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=ed960978-fcf0-4e8c-b53e-05c68da3a126&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1436841666512032
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
74aa22bcd628d1ff5b9b5cda030e350ddf81ce301b049dbd1682700d37cc3886

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 23:23:27 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://manunitedrd.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
242
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ 		5 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTExMzY1MjAmdHJhbnNhY3Rpb25JZD1lZDk2MDk3OC1mY2YwLTRlOGMtYjUzZS0wNWM2OGRhM2ExMjY%3D&pt=gross&stid=29b5d7e6-47bf-4d6c-bdc4-8e6ec2073c78&fd=1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://manunitedrd.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
arj
projectagora-d.openx.net/w/1.0/ 		173 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmanunitedrd.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ed960978-fcf0-4e8c-b53e-05c68da3a126&nocache=1633908207244&schain=1.0%2C0!projectagora.com%2C100000%2C1%2C%2C%2C&aus=320x100&divIds=22354537_hockeyweb.site_ros-adtag_320x100&auid=545671217
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
c74a5457347ee9d3ef26904e9e3b0e3b5268a0511ada15d0a74284fb5c89ba47

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:27 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://manunitedrd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
572193
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txa324719e8b52437482cb5-006156cc88
x-amz-id-2
txa324719e8b52437482cb5-006156cc88
last-modified
Fri, 01 Oct 2021 08:34:20 GMT
server
cloudflare
etag
W/"5300a3b1be09eec23740c383b46565be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sbeo7tkZCxUCzg%2BTbiYJql%2FilGTUyubp8sk3iW2aw2nwzRuuJN%2FbpwP5hpflaqcfdXQoE3WBpBRpgjn7W6v9IVeo3NyS3PRRjVV90dLvcNJArJAtItUzVgylTalzSumO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1633077260231162
cf-ray
69c398b7dae64132-PRG
access-control-allow-headers
Authorization
multitracking
ghb.adtelligent.com/adunit/ 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/wrapper_hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://manunitedrd.com
Date
Sun, 10 Oct 2021 23:23:26 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
/
projectagora-483829-hdb.adomik.com/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMjliNWQ3ZTYtNDdiZi00ZDZjLWJkYzQtOGU2ZWMyMDczYzc4IiwiaG9zdG5hbWUiOiJtYW51bml0ZWRyZC5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6Ik9QRU5YIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19LHsicGxhY2VtZW50Q29kZSI6IjIyMzU0NTM3X2hvY2tleXdlYi5zaXRlX3Jvcy1hZHRhZ18zMjB4MTAwIiwic2l6ZXMiOlt7IndpZHRoIjowLCJoZWlnaHQiOjB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjIyMzU0NTM3X2hvY2tleXdlYi5zaXRlX3Jvcy1hZHRhZ18zMjB4MTAwIiwiaWQiOiI5NDZlM2YzMDMyODM2ZSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjoxMTMsImFmdGVyVGltZW91dCI6ZmFsc2V9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiIsInBsYWNlbWVudENvZGUiOiIyMjM1NDUzN19ob2NrZXl3ZWIuc2l0ZV9yb3MtYWR0YWdfMzIweDEwMCIsImlkIjoiOTQ2ZTNmMzAzMjgzNmUiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MCwic2l6ZSI6eyJ3aWR0aCI6MCwiaGVpZ2h0IjowfSwidGltZVRvUmVzcG9uZCI6MTEzLCJhZnRlclRpbWVvdXQiOmZhbHNlfV0sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=29b5d7e6-47bf-4d6c-bdc4-8e6ec2073c78&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.128.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-128-217.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 10 Oct 2021 23:23:27 GMT
Server
nginx
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:28 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:24 GMT
server
nginx
etag
W/"615af4d0-1535c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Oct 2021 23:23:28 GMT
syncframe
gum.criteo.com/ Frame 4F17 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manunitedrd.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=manunitedrd.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manunitedrd.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1773
set-cookie
uid=c6035c8f-334c-4a78-9dce-3fd9ac2ed407; expires=Fri, 04 Nov 2022 23:23:27 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sun, 10 Oct 2021 23:23:27 GMT
content-length
4685
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:28 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:24 GMT
server
nginx
etag
W/"615af4d0-1535c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Oct 2021 23:23:28 GMT
json
gum.criteo.com/sid/ Frame 4F17 		415 B
516 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=manunitedrd.com&sn=ChromeSyncframe&so=3&topUrl=manunitedrd.com&bundle=9AcN8l9PTGowcFRnU1RFVHd3cHgxSDhvaHB0UDZ4NlYlMkJlTDU0MEppdVIza0h2akdFTDM0VUd6T1JabTFIJTJCeVZFYkpKbHg4VFFGTnBmWW1vUmg0YTFSOGRUVlprT2tUZTBmNlR3SzklMkJENnhEUHEwbE51bVQ5YjFGRXR1TWZjTjhtU3BkQQ&cw=1&lsw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manunitedrd.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
542bde5babbc2d5f55523647ff42548cf409ffb718f166f8dff34b1133537b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manunitedrd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 10 Oct 2021 23:23:28 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2682
expires
0
prebid
ib.adnxs.com/ut/v3/ 		50 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 23:23:28 GMT
X-Proxy-Origin
216.131.114.162; 216.131.114.162; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2baaec8d-57a7-467b-ac64-098cd601693b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://manunitedrd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4051a3948a3e14c8bab8643b71a3d7af6bb78735274dd7bd3c6a1a89d80d50c6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 23:23:28 GMT
X-Proxy-Origin
216.131.114.162; 216.131.114.162; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
89cc1e14-01cf-48e9-a506-b16592b2e188
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://manunitedrd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.41.0-pre
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e1ab3b385d964d86460e05a8ae8a67ccede1c3d106f665bb46250874c19a6e85

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 10 Oct 2021 23:23:28 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://manunitedrd.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://manunitedrd.com
date
Sun, 10 Oct 2021 23:23:28 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
118d985aa9ae89b1c915e90d0542d2e1cd112edb8e10f4720b43d2794b19c398

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Oct 2021 23:23:28 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://manunitedrd.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sun, 10 Oct 2021 23:23:27 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://manunitedrd.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=707935&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2254aa5291036e29f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmanunitedrd.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22553abdd1d7b768a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22707935%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
426f12b857078e90970e990b51d856b7ff36c4978e66748052c6e4b28aa0977c

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:28 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.162], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://manunitedrd.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sun, 10 Oct 2021 23:23:28 GMT
ROS
ads.us.e-planning.net/pbjs/1/2e43c/1/manunitedrd.com/ 		63 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2e43c/1/manunitedrd.com/ROS?rnd=0.7673964480395519&e=300x600_0%3A300x600&ur=https%3A%2F%2Fmanunitedrd.com%2F&pbv=4.41.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmanunitedrd.com%2F&e_pubcid=9a456710-0fb3-4b22-8bdf-963427553b04
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
abee43d4081e6aacfbe97f8550510da86bcbf401c160169561d05e0acb3c310a

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Oct 2021 23:23:28 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://manunitedrd.com
expires
Sun, 10 Oct 2021 23:23:28 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
AMS-607
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=114&profileId=185&av=33&wv=4.41.0-pre&bundle=9AcN8l9PTGowcFRnU1RFVHd3cHgxSDhvaHB0UDZ4NlYlMkJlTDU0MEppdVIza0h2akdFTDM0VUd6T1JabTFIJTJCeVZFYkpKbHg4VFFGTnBmWW1vUmg0YTFSOGRUVlprT2tUZTBmNlR3SzklMkJENnhEUHEwbE51bVQ5YjFGRXR1TWZjTjhtU3BkQQ&cb=68923084856
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://manunitedrd.com
date
Sun, 10 Oct 2021 23:23:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://manunitedrd.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid-request
onetag-sys.com/ 		15 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://manunitedrd.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
events
bidder.criteo.com/csm/ 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://manunitedrd.com
date
Sun, 10 Oct 2021 23:23:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=manunitedrd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 23:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1428557183913644&correlator=2979442952480786&output=ldjh&impl=fifs&eid=31063056%2C31062662%2C44748553&vrg=2021100502&ptt=17&sc=1&sfv=1-0-38&ecs=20211010&iu_parts=21939239661%3A22405246745%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Db340f2955486e18b%3AT%3D1633908206%3AS%3DALNI_MYIipP4k1TskNqICVAc2qt9ss_s6g&bc=31&abxe=1&lmt=1633908208&dt=1633908208568&dlt=1633908205759&idt=262&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=2147876402&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmanunitedrd.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9RbDqL8N3EOe4PdBsFSiXsGDb8NKYqa-xwCPSqsHSV4QWWbVavBeczXVa-TWddPZ_ZH2Uu3-U8lBT9GQy0JIsxLGc-RV6C&ga_vid=1365307489.1633908206&ga_sid=1633908206&ga_hid=1496320583&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGMzmkuTGL0UAAAAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
bc701b0cd819879a12bd885c94eaec7536cd21f8961f8c605c0c3a092e553ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 23:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7655
x-xss-protection
0
google-lineitem-id
5778121850
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361911421
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://manunitedrd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/wrapper_hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://manunitedrd.com
Date
Sun, 10 Oct 2021 23:23:28 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
692.json
id5-sync.com/g/v2/ 		213 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453863/hb_323303_12508.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.42.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p26.id5-sync.com
Software
/
Resource Hash
014175494adbe56ecc8babb5aba85c586f750d4e56ad0c36374f5ff536f4961e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://manunitedrd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://manunitedrd.com
Date
Sun, 10 Oct 2021 23:23:25 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDX3Q9groMNHGtdBQVpUAwM&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDX3Q9groMNHGtdBQVpUAwM&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manunitedrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:30 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 23:23:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDX3Q9groMNHGtdBQVpUAwM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| googletag object| protag object| vmpbjs object| vpb object| gptAdSlots function| removeCustomBanner undefined| customBannerCountdownInterval object| interstitialSlot undefined| staticSlot undefined| anchorSlot object| tdwGlobal object| tdLocalCache string| td_ajax_url string| tdThemeName string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_login_mobile function| gtag object| dataLayer object| tdDetect object| tdUtil object| tdSite boolean| tdScrollToTopIsVisible undefined| tdResizeVideoTimer object| tdAjaxSearch function| Froogaloop object| tdYoutubePlayers object| tdVimeoPlayers object| tdEvents object| tdAjaxCount object| tdCustomEvents object| tdAffix object| tdLogin object| tdViewport object| tdPullDown object| tdSocialSharing object| tdShowVideo function| $f function| onYouTubeIframeAPIReady object| addComment object| wp boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| twemoji object| ggeac object| google_js_reporting_queue object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| gaplugins object| gaData object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| vmpbjsChunk object| _pbjsGlobals object| Criteo object| adipolo object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| PAv2 function| projectAgoraPbjsChunk object| projectAgoraPbjs function| JSEncrypt object| ADAGIO object| sas object| apntag object| _ADAGIO object| criteo_pubtag object| criteo_pubtag_prebid_114 object| Criteo_prebid_114

24 Cookies

Domain/Path Name / Value
manunitedrd.com/ Name: quads_browser_width
Value: 1600
.manunitedrd.com/ Name: _ga_CJ6ZMM4TTB
Value: GS1.1.1633908205.1.0.1633908205.0
.manunitedrd.com/ Name: _ga
Value: GA1.2.1365307489.1633908206
.manunitedrd.com/ Name: _gid
Value: GA1.2.573291798.1633908206
.manunitedrd.com/ Name: _gat_gtag_UA_160183304_3
Value: 1
.adtelligent.com/ Name: vmuid
Value: a4d2a42d01f29b27
manunitedrd.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.manunitedrd.com/ Name: _pubcid
Value: 9a456710-0fb3-4b22-8bdf-963427553b04
.adnxs.com/ Name: uuid2
Value: 3476181298889584135
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
ads.us.e-planning.net/ Name: CT
Value: 1
manunitedrd.com/ Name: cto_bidid
Value: H19tPV9aNlRIR2F6UEhGYWFRYnN5TmowZ3pCN250JTJCd1lyVERQRFlFRUZNejNFWUF3a2htS1Zvb2tCRlhWSUVFeDdjS1VEN3Z5SmJ5UVclMkJ6WTd3WTlNME9sOUElM0QlM0Q
manunitedrd.com/ Name: cto_bundle
Value: 9AcN8l9PTGowcFRnU1RFVHd3cHgxSDhvaHB0UDZ4NlYlMkJlTDU0MEppdVIza0h2akdFTDM0VUd6T1JabTFIJTJCeVZFYkpKbHg4VFFGTnBmWW1vUmg0YTFSOGRUVlprT2tUZTBmNlR3SzklMkJENnhEUHEwbE51bVQ5YjFGRXR1TWZjTjhtU3BkQQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnYaTafecNIbyClG4wH0NkZstSux4qwLz7T88UfOsxv_661tQUMbJu7UrhDDoI
.manunitedrd.com/ Name: __gads
Value: ID=b340f2955486e18b:T=1633908206:S=ALNI_MYIipP4k1TskNqICVAc2qt9ss_s6g
.openx.net/ Name: i
Value: 5653ffba-7c6b-0b58-035b-a9c0025eb20f|1633908207
.rubiconproject.com/ Name: khaos
Value: KULURDG9-1V-4OCP
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVUw1wYaQOmrhQqqfZr+M5+TPRh6t2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKpmK2B6gxNbX/Q8/cWQrERdSf+hE=
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqxSMGBqAbWL+Z/QOri+XbpzNXfbQC2YLbn9IvJV412kdFPCuA6ApPSwFCfoC+4IsX0FXJviq9WAQIs4X5J+Y5r
.criteo.com/ Name: uid
Value: c6035c8f-334c-4a78-9dce-3fd9ac2ed407
.manunitedrd.com/ Name: cto_bundle
Value: VeFrUl9PTGowcFRnU1RFVHd3cHgxSDhvaHB0MFA0QnNuQTFuOWZ2NHRyT2tHTVNWWUlzcm1aeng4eVgwZktKdWRjSUlXdnhsd0NhRnVwSzJkUVNqWklMeUdWeFBFRzJiZGkwMkd6JTJCY2tIeHlXT3JrWWJkNnBDa3RlMFZSUVlCYVF0ZmQxRDNWQkZ3dXZVajZQUTZjS2ZoTjdQZyUzRCUzRA
.adnxs.com/ Name: icu
Value: ChgInKN6EAoYAiACKAIw8OuNiwY4AkACSAIQ8OuNiwYYAQ..
.openx.net/ Name: pd
Value: v2|1633908210|gu

8 Console Messages

Source Level URL
Text
security warning URL: https://manunitedrd.com/(Line 3)
Message:
Mixed Content: The page at 'https://manunitedrd.com/' was loaded over HTTPS, but requested an insecure element 'http://manunitedrd.com/wp-content/uploads/2020/11/man-utd-red-devils-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://manunitedrd.com/(Line 3)
Message:
Mixed Content: The page at 'https://manunitedrd.com/' was loaded over HTTPS, but requested an insecure element 'http://manunitedrd.com/wp-content/uploads/2020/11/man-utd-red-devils-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://manunitedrd.com/
Message:
Mixed Content: The page at 'https://manunitedrd.com/' was loaded over HTTPS, but requested an insecure element 'http://manunitedrd.com/wp-content/uploads/2020/11/man-utd-red-devils-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://manunitedrd.com/(Line 538)
Message:
Mixed Content: The page at 'https://manunitedrd.com/' was loaded over HTTPS, but requested an insecure element 'http://manunitedrd.com/wp-content/uploads/2020/11/man-utd-red-devils-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.projectagoraservices.com/?id=16551&schain=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.projectagoraservices.com/?id=16551&schain=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adipolo.com
ads.projectagoraservices.com
ads.us.e-planning.net
adservice.google.com
adx.adform.net
ap.lijit.com
bidder.criteo.com
cm.g.doubleclick.net
efb259e9ff4b636c289fd9b849cb4537.safeframe.googlesyndication.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
jscdn.greeter.me
manunitedrd.com
onetag-sys.com
pagead2.googlesyndication.com
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora-d.openx.net
projectagora.net
protagcdn.com
script.4dex.io
secure.gravatar.com
securepubads.g.doubleclick.net
ssc.33across.com
static.criteo.net
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.26.7.142
142.250.181.226
142.250.184.202
142.250.184.226
142.250.185.130
142.250.185.132
142.250.185.193
142.250.185.194
142.250.185.195
142.250.185.206
142.250.186.162
142.250.186.66
142.250.74.200
147.75.38.124
172.217.16.129
172.67.129.191
172.67.144.40
172.67.198.123
172.67.75.241
178.250.0.157
178.250.2.130
178.250.2.131
185.184.8.65
185.239.173.210
185.86.138.16
192.0.73.2
195.138.255.8
205.185.216.42
213.174.135.2
213.19.162.31
216.52.2.19
34.149.20.76
34.98.64.218
37.157.4.39
37.252.173.22
45.87.81.42
5.178.65.246
51.89.42.86
51.89.9.251
52.18.128.217
92.122.26.214
014175494adbe56ecc8babb5aba85c586f750d4e56ad0c36374f5ff536f4961e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0929c16ba74c576c8fadacaa4bafd11c97dbdb165c3713deacd5c25209abec77
0cfbc86cc6e0b748729ea91c1d4d30e7debf596078e5e6201876334b7c3db320
11167be157f137ccb18307815ddae1750b4b87a20df20235c558368340c6db79
118d985aa9ae89b1c915e90d0542d2e1cd112edb8e10f4720b43d2794b19c398
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186eff04a22ac81157dc3283c95424151aec5cb3e5904d0c5d83512b0d17e4dc
2244204576c0bb0b414797190f4880fbfcab8cb2b9e32a931fb0cec07a502acc
23c00686dcafdd4164949e9dc72aeb84ab38467b233eac6182f79536bbebe2d3
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2be8f25e477e86047ded8c3effad1ea233ba7fbb33060f748786f2c7b091a90a
2cdc7482af3176d3c41e97a312dcf7e679a5b3b49b32c5ad4642c5b30e1b6017
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
2f77a375405269c0f7f3071e4a0e9a838d7eade97e1b5465528f2fb9447345bc
34e6e45c3801133870c468a1ec03c2d5ab5c96ee0d13128faeebafc6fca4d65b
35f076312aa1aec3814283d0e8a34cfdde8b1527c9e56584503ef48490b09c77
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
3a572a593e601b4177b011c0db021512efbf7873f7161e7be6a0bf0a04b90ee5
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
3b0d743cd299745fbfc51f6a0f52680aec8d5ea991fe6191ce5d602685181bf7
4051a3948a3e14c8bab8643b71a3d7af6bb78735274dd7bd3c6a1a89d80d50c6
426f12b857078e90970e990b51d856b7ff36c4978e66748052c6e4b28aa0977c
434c3c4688d9f307ed8b1208432d85e49aab72029228e7d8dcce44421302f90c
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
542bde5babbc2d5f55523647ff42548cf409ffb718f166f8dff34b1133537b1a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61ed9e16195f4040be76495178845cf2ff45a87d7fab5761f2a4428006e9f042
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
651bf104a99bcaec57eb8dfe622a5c2b8d7c5525bdea91e9e9fc53db5771bb36
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69fe9c39e954a96431fc179f90a83eff1008bfaa8e42fbea4845fc1efbe0248f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf8439499425cf2c38bd17e4f6b44a3461e3ca24f7f36111ef36f510316b49b
6f291fb041523b50adea4cbaad6ba64d71f16596d90468de7ad9039247b58268
71efc8afcd9f7eb03b6007fbf7e3458e1657f6600f3926721cd8d21f8e59705f
74aa22bcd628d1ff5b9b5cda030e350ddf81ce301b049dbd1682700d37cc3886
7964e148f6ec043679f62e2f64e09ea588ae3097bb128f6446652d8bc75f95bd
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c
88076c5d649ed2de4d67884436f12945d63adece3b1cd6d41b209e843fc33890
8d28bea0d0a80a92869862023cc1ef286d5daebbf15d0ac7d65e2b35f498e2c2
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93b75f432a94c0787a1237f2f03846b767994873798fd06ad249674f5c3c1540
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
99bbd6afb7d4457922d17fafbf86b3af544f45ce002f3898eff29e4e7a431293
9a40e423b0b3f515ddf80ab53032fb45c119b0e9a54ece55b7e06ecdf55ba112
9ab933088e19959415149ce93b144a12be924f38792bc14e84075a18cdd240b6
9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03
9feb10430a254515222c339487d9c005199d622502f698714ed4528007a90aae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abee43d4081e6aacfbe97f8550510da86bcbf401c160169561d05e0acb3c310a
af33bae8fd73d7cfc08dd21c253b5a54ebf59a089c8428cb1ab2f8885b41b8fe
b66029b0f25feedc827fee062f81250e83ef2bcb346c21d057f8657700316f26
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bc701b0cd819879a12bd885c94eaec7536cd21f8961f8c605c0c3a092e553ea6
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdcd626e84fb99e156b6e0708d67260ff6f61810b77dd476af9a7195c2095872
c74a5457347ee9d3ef26904e9e3b0e3b5268a0511ada15d0a74284fb5c89ba47
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
cd964a78e666af8c37db4fd759e9c735d91f8494b9aa0b7837769a508564ee37
d52c6fa743560327ccf5953b34d591d3869ab6126d979b0c11802eb5d1f1aad6
d8ca588e64d93852c0b1b0e050f61db91b1b1b67574fbd6d041d6fad7596a232
db730d8fbff7e14ee2436f7beecee2f82e7153b466dbd178dbbe7d0e79c6949d
de5f9bbfa0afac2aa1b8ba5a54df0ddb6562fc38f551a3e097babd371f2c9d70
deeb7d5a9c2c9508464fc2b2e1ad67fab1d2777b413241e927e8ad445dd4dea8
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dff088f3a5668a6004615e4336f9ccbd3df7b19b1b2883c22951c625a2aff223
e1ab3b385d964d86460e05a8ae8a67ccede1c3d106f665bb46250874c19a6e85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
eedda46fa16e5cc5b32e6c42f0d68ffba1a8c5c571503be9490e0207a0ccba1c
f3c7e8b4a254c8994cd189bfc366e57a4ad65fc2357cbc05ba505ba5bb2739ab
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffe29a7c821fa1e4534a0c3883c3a190ed1ba9a971dfa1eb2fba27f79b3eb01d