whitesalmonbruins.com Open in urlscan Pro
44.235.104.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://whitesalmonbruins.com/
Effective URL:
https://whitesalmonbruins.com/
Submission: On August 30 via manual (August 30th 2022, 8:49:56 pm UTC) from US — Scanned from DE

Summary HTTP 348 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 87 IPs in 10 countries across 72 domains to perform 348 HTTP transactions. The main IP is 44.235.104.156, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is whitesalmonbruins.com.
TLS certificate: Issued by R3 on August 23rd 2022. Valid for: 3 months.

This is the only time whitesalmonbruins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	44.235.104.156 44.235.104.156	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
12	52.92.149.66 52.92.149.66	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2010	15169 (GOOGLE) (GOOGLE)
24	52.218.252.24 52.218.252.24	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:1c5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:20:... 2606:4700:20::ac43:4a8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
4	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8	13.225.78.107 13.225.78.107	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
1	23.47.208.212 23.47.208.212	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:3000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223d:ea00:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 10	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
7	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
4	52.57.222.146 52.57.222.146	16509 (AMAZON-02) (AMAZON-02)
5	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
4	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
5	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:a205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18 23	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:b349:7e6b:417:1a78	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	52.17.63.11 52.17.63.11	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.201.66 18.195.201.66	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
10 22	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	54.161.113.85 54.161.113.85	14618 (AMAZON-AES) (AMAZON-AES)
1 3	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	52.214.46.176 52.214.46.176	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.13 72.251.249.13	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.200.17.135 54.200.17.135	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.37 13.225.78.37	16509 (AMAZON-02) (AMAZON-02)
1	18.116.102.143 18.116.102.143	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	18.185.20.196 18.185.20.196	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	15169 (GOOGLE) (GOOGLE)
4 8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:810::200a	15169 (GOOGLE) (GOOGLE)
3	13.224.189.123 13.224.189.123	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
5 5	3.67.147.59 3.67.147.59	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3 3	3.122.47.104 3.122.47.104	16509 (AMAZON-02) (AMAZON-02)
4 4	3.124.137.184 3.124.137.184	16509 (AMAZON-02) (AMAZON-02)
2	184.51.8.30 184.51.8.30	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.47.212.25 23.47.212.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
348	87

11 44.235.104.156 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-104-156.us-west-2.compute.amazonaws.com

whitesalmonbruins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vnnsportshub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.92.149.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

vnn-sportshub.s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vnn-sportshub3.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.218.252.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:1c5b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a8e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.rapidreplay.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vnn-player.rapidreplay.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.225.78.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-107.fra2.r.cloudfront.net

services.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.208.212 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-208-212.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:ea00:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

didna-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.222.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-222-146.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a205 (United States)

ASN13335 (CLOUDFLARENET, US)

feed.videos-rapidreplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 169.50.137.182 (United States) 18 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:b349:7e6b:417:1a78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.63.11 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-63-11.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.201.66 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-201-66.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.162 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.113.85 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-113-85.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.7.201.234 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.214.46.176 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-46-176.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.200.17.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-17-135.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-37.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.116.102.143 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-102-143.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.20.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-20-196.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:810::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-123.fra2.r.cloudfront.net

stats-dev.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.91 (United States)

ASN54113 (FASTLY, US)

edge.fast-rapidreplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.67.147.59 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-147-59.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.240 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.47.104 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-104.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.137.184 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-137-184.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.8.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-30.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.47.212.25 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-25.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	365 KB
44	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303 ad.doubleclick.net — Cisco Umbrella Rank: 206 stats.g.doubleclick.net — Cisco Umbrella Rank: 108	305 KB
36	amazonaws.com vnn-sportshub.s3-us-west-2.amazonaws.com — Cisco Umbrella Rank: 111131 vnn-sportshub3.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 111132 s3-us-west-2.amazonaws.com	3 MB
31	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	688 KB
25	simpli.fi 18 redirects tag.simpli.fi — Cisco Umbrella Rank: 4108 i.simpli.fi — Cisco Umbrella Rank: 3209 um.simpli.fi — Cisco Umbrella Rank: 851	14 KB
14	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	40 KB
11	brid.tv services.brid.tv — Cisco Umbrella Rank: 15862 p.brid.tv — Cisco Umbrella Rank: 25109 stats-dev.brid.tv — Cisco Umbrella Rank: 19126	168 KB
10	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	11 KB
10	openx.net 1 redirects didna-d.openx.net — Cisco Umbrella Rank: 37417 us-u.openx.net — Cisco Umbrella Rank: 399 oajs.openx.net — Cisco Umbrella Rank: 3064 google-bidout-d.openx.net — Cisco Umbrella Rank: 2947 u.openx.net — Cisco Umbrella Rank: 705	2 KB
9	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 519 pixel.rubiconproject.com — Cisco Umbrella Rank: 327	7 KB
9	media.net prebid.media.net — Cisco Umbrella Rank: 1269 contextual.media.net — Cisco Umbrella Rank: 537 cs.media.net — Cisco Umbrella Rank: 1357	5 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525	7 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 storage.googleapis.com — Cisco Umbrella Rank: 466 imasdk.googleapis.com — Cisco Umbrella Rank: 440 ajax.googleapis.com — Cisco Umbrella Rank: 286	298 KB
8	whitesalmonbruins.com 1 redirects whitesalmonbruins.com	75 KB
7	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 20712 image.crisp.chat — Cisco Umbrella Rank: 60709	152 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 361	126 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 88	2 KB
5	w55c.net 5 redirects pm.w55c.net — Cisco Umbrella Rank: 783	4 KB
5	33across.com ssc.33across.com — Cisco Umbrella Rank: 1788	1 KB
5	lijit.com ap.lijit.com — Cisco Umbrella Rank: 654 ce.lijit.com — Cisco Umbrella Rank: 936	3 KB
5	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1232	271 B
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 958	3 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790 dis.criteo.com — Cisco Umbrella Rank: 712	8 KB
4	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 820 tags.crwdcntrl.net — Cisco Umbrella Rank: 1220	10 KB
4	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1244	645 B
4	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 976 pixel.quantserve.com — Cisco Umbrella Rank: 458 cms.quantserve.com — Cisco Umbrella Rank: 1072	11 KB
4	gstatic.com fonts.gstatic.com	175 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	199 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6076 adservice.google.de — Cisco Umbrella Rank: 8811	1 KB
3	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 509 tags.bluekai.com — Cisco Umbrella Rank: 486	2 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2505 pbid.pro-market.net — Cisco Umbrella Rank: 6269	1 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 701 syndication.twitter.com — Cisco Umbrella Rank: 956	133 KB
3	rapidreplay.co 1 redirects www.rapidreplay.co — Cisco Umbrella Rank: 146383 vnn-player.rapidreplay.co — Cisco Umbrella Rank: 152594	8 KB
3	vnnsportshub.net vnnsportshub.net — Cisco Umbrella Rank: 109538	3 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 113	54 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 278	795 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 612	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 816 s.tribalfusion.com — Cisco Umbrella Rank: 2148	1 KB
2	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1847	690 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	88 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1301 id5-sync.com — Cisco Umbrella Rank: 508	14 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 521	1 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1363	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 461 d.agkn.com — Cisco Umbrella Rank: 588	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 464	607 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2218	24 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	388 B
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1393	87 KB
1	travelaudience.com ads.travelaudience.com — Cisco Umbrella Rank: 13782	490 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1030	172 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2742	174 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 43272	611 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 590	535 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 476	860 B
1	fast-rapidreplay.com edge.fast-rapidreplay.com — Cisco Umbrella Rank: 495673	3 MB
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 3344	5 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 3504	904 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3290	8 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 130	636 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 310	98 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1540	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1326
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 5885	183 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 418	140 B
1	videos-rapidreplay.com feed.videos-rapidreplay.com — Cisco Umbrella Rank: 157767	962 B
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 277114	548 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 933	691 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 492	65 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	73 KB
348	72

	Domain	Requested by
31	s0.2mdn.net	whitesalmonbruins.com s0.2mdn.net
28	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com whitesalmonbruins.com 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com cdn.ampproject.org s0.2mdn.net
24	s3-us-west-2.amazonaws.com	whitesalmonbruins.com
23	um.simpli.fi	18 redirects
22	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com whitesalmonbruins.com s0.2mdn.net www.googletagservices.com
22	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
10	ib.adnxs.com	2 redirects whitesalmonbruins.com googleads.g.doubleclick.net
10	www.google-analytics.com	whitesalmonbruins.com www.google-analytics.com p.brid.tv
10	securepubads.g.doubleclick.net	storage.googleapis.com securepubads.g.doubleclick.net vnn-sportshub.s3-us-west-2.amazonaws.com whitesalmonbruins.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	vnn-sportshub3.s3.us-west-2.amazonaws.com	whitesalmonbruins.com
8	whitesalmonbruins.com	1 redirects whitesalmonbruins.com
7	fastlane.rubiconproject.com	whitesalmonbruins.com
6	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
6	client.crisp.chat	whitesalmonbruins.com client.crisp.chat
5	pm.w55c.net	5 redirects
5	p.brid.tv	services.brid.tv
5	googleads.g.doubleclick.net	1 redirects 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com whitesalmonbruins.com
5	ssc.33across.com	whitesalmonbruins.com
5	prebid.a-mo.net	whitesalmonbruins.com
5	prebid.media.net	whitesalmonbruins.com
5	didna-d.openx.net	whitesalmonbruins.com
4	rtb.mfadsrvr.com	4 redirects
4	googleads4.g.doubleclick.net	whitesalmonbruins.com
4	www.google.com	1 redirects tpc.googlesyndication.com whitesalmonbruins.com
4	ap.lijit.com	whitesalmonbruins.com
4	btlr.sharethrough.com	whitesalmonbruins.com
4	region1.google-analytics.com	www.googletagmanager.com
4	fonts.gstatic.com	fonts.googleapis.com
4	connect.facebook.net	vnnsportshub.net whitesalmonbruins.com connect.facebook.net
4	vnn-sportshub.s3-us-west-2.amazonaws.com	whitesalmonbruins.com
3	x.bidswitch.net	3 redirects
3	stats-dev.brid.tv
3	30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
3	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
3	services.brid.tv	www.rapidreplay.co services.brid.tv
3	fonts.googleapis.com	whitesalmonbruins.com
3	vnnsportshub.net	whitesalmonbruins.com
2	cs.media.net
2	contextual.media.net
2	www.youtube.com	s0.2mdn.net www.youtube.com
2	ups.analytics.yahoo.com	2 redirects
2	c1.adform.net	2 redirects
2	cms.quantserve.com	30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
2	ajax.googleapis.com	s0.2mdn.net
2	ad.doubleclick.net	1 redirects 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	protected-by.clarium.io	30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
2	www.googletagservices.com	30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com whitesalmonbruins.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	pixel.rubiconproject.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	stags.bluekai.com	30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	script.4dex.io	whitesalmonbruins.com script.4dex.io
2	www.facebook.com	whitesalmonbruins.com
2	confiant-integrations.global.ssl.fastly.net	storage.googleapis.com confiant-integrations.global.ssl.fastly.net
2	platform.twitter.com	whitesalmonbruins.com platform.twitter.com
2	vnn-player.rapidreplay.co	whitesalmonbruins.com www.rapidreplay.co
2	storage.googleapis.com	whitesalmonbruins.com storage.googleapis.com
1	ads.travelaudience.com
1	tags.bluekai.com	1 redirects
1	dis.criteo.com
1	u.openx.net
1	sync.teads.tv	30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
1	tr.blismedia.com	30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	edge.fast-rapidreplay.com
1	imasdk.googleapis.com	services.brid.tv
1	id5-sync.com	cdn.id5-sync.com
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	us-u.openx.net
1	www.google.de
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	i.simpli.fi	tag.simpli.fi
1	feed.videos-rapidreplay.com	whitesalmonbruins.com
1	image.crisp.chat	whitesalmonbruins.com
1	syndication.twitter.com	platform.twitter.com
1	pixel.quantserve.com	whitesalmonbruins.com
1	pxl.qccerttest.com	whitesalmonbruins.com
1	rules.quantcount.com	secure.quantserve.com
1	ads.pubmatic.com	storage.googleapis.com
1	secure.quantserve.com	whitesalmonbruins.com
1	www.googletagmanager.com	www.rapidreplay.co
1	tag.simpli.fi	whitesalmonbruins.com
1	www.rapidreplay.co	1 redirects
348	112

This site contains links to these domains. Also see Links.

Domain
www.tricoathletics.com
crrockets.org
kwknights.com
lacenterathletics.com
setoncougars.com
stevensonbulldogssports.com
alerts.getvnn.com
connect.vnnsports.net
translate.google.com
sideline.bsnsports.com
columbia.wsvsd.org
web3.ncaa.org
www.ncaa.org
whitesalmon-wa.finalforms.com
www.wiaa.com
northshore-medical.com
www.nfhs.com
maps.google.com
vnnsports.net
vnnsupport.com
varsitynewsnetwork.zendesk.com

Subject Issuer	Validity	Valid
whitesalmonbruins.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
vnnsportshub.net R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-09` - `2022-09-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-11` - `2023-06-11`	a year	crt.sh
brid.tv Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-04` - `2023-06-05`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-07-17` - `2022-10-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2022-04-10` - `2023-04-26`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.fast-rapidreplay.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-08-18` - `2022-11-16`	3 months	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://whitesalmonbruins.com/
Frame ID: 7DD316C55E7D75C54E9DFB0F10088F88
Requests: 210 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwhitesalmonbruins.com
Frame ID: 5295442931FC78D50ED304F1940FA928
Requests: 2 HTTP requests in this frame

Frame: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A04EDFB770A139E5FD9704E48B0CA421
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 96661445F6C1C3048F3188F9E1941A58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F5A22FE2543A6458A0F0CE40CC63208
Requests: 2 HTTP requests in this frame

Frame: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3BE24E1FA3E969239229BCD5F4111D7A
Requests: 2 HTTP requests in this frame

Frame: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C9C1CEB6B3233874D3EFF99303DC1118
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: 1ADE17B53466828C166966610D0F3F0A
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYr7uLCzAB&v=APEucNXW7FogoiY1oDbZYWfrPA5DiwlXUTP2R8De5moJnYHIkLVFWOT3_lfXxjoCy5EVIXo3lfqnOki0UOFnR1pnsAEGTk3tbdf8Qa92H1yzAcE2z0hJrrpsrBROvh0cWPia2sbqH5nqHScE_4_1wQnllM65OzOLBwk3l12kujginlRGbcvjfR8
Frame ID: 22243CD9337B6BA2B28726965A0A0010
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGP2-7McBMAE&v=APEucNUjjpXjvJ8X-CKEo7nbAM-XwJAOldCN8o-sbMzth4snzA_9gT96jQaHAL7vp2BUnd_tN8WOJ9dB-J_p1mIEPjlMtXnGb9AoHMZgyyDaw9YuKnDzCnivGF0c0gAFyyhKDReEy1iE3P2fIOqD1WFdJG8CDYYACcPkWfbMGeFoclDgeCWwUpc
Frame ID: E9CCE56C046F492104967A7CBC9FC535
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cl_O-l5QskcaQ3smWI2HQRfEdiU4_MkkInv1FHaY1Ip8TRD77ynQgox-exAiifH0AoD7VHFm0PL-WJ6GLOujSP8ALhyu8uiBGxpS-l1zgGVw82sSmXXxQOAc3Ew5BYWzrJ_xf4d8kviJdCauNj2iJmjyCndg&dbm_d=AKAmf-A4tnldWNyS5y4OOMVRtboAuZ0x8RNLpQlCT1OsDAErhQ_UWDC5nM59h9zbgR0qe7Y_VSeiKOSAz1i12oPLINAU6wQ2lbYlDRk4ghKqd54mAPJecPAbPsxD7X-FRwevUMLLTFaQmlHD_O_w0ZOFOU5PqI1Q4hjIMTcl_meqWO9jDfdqijff4VVZRkE5DyESZsq87oI6ex45e5dKEcakPxzn0lSXh0RxI6Uqr562iW6cKg44j5qposERyxPVgIeC2XsWWqapBRnATDmENqtm7Jp9qJrvCIdYCgrnB6W69JxMhxpnIwfOIy2E5f4-VKu5zXRCIy4V-OxQdb3X4jHWDYpCFVsj10R9xJJK90_Zu5020zJcTXYE0clQp1GxQMhntwuyUWFsEmQQLXgQJfyBdx23a-PPJSwqxzB9PmxTF9Yojz-beruefVxxD1Iw85PwKqGmfX1JdgWBKmnEvnZYiaUI3iDJ7kmz30dLrElqNKiLSCUFalUbH_wMpr0w4BxbMsJDI6oIGRm8kC0lGq65Bewxmwr6pw3HL9PvpItVvhFue7ezHs73LQgCLtVdB9oheiErPKVCr5mV9PT6EDHSinStysQDQqfYF6h9uGeMy8dQJNhOBLStlzWy62cB1guLpvTvNP__2DItyBhrVUz0M14JPonwuxedkSG9p2GF35eAffLm9ain3J62ZkyYTX6wHCIBPrBwnDWre9gHoELRUqf6H8erBjrDhfSX4bFDpF5sDDiTicYaCg0V917AIfp1SlrIGlFskFz-zDkZfUjGJrwpRjOee59XO6mgu63McA_6uGQLX4tpm0oQZCRCFqr00TVBD9gLkwa4F-Z76KQkc9bMxdCRcC4A6YFpKG2py2T16iKfhg2TzPJAhvxEnJI9fdlw4-ZYqCfWUOrPt67vzU5HHIeAbUFbBjN3Wl-QpEQNX_lXUz1VPLDIkw-PvPRWa1ErgwQt9D4QNve9u4eYwMCCoyd-I0U_B2-Hh7afb4HYhq5ZteICkKfio2BdRBYG8j5gxs8l6K8Rm8sIcQVWFO8uJbrBzsbC7n309pKqLJwfIyw03Nv4iPMnCGZjVtyhzOKOfr6bLZQ-dK4hXKwb8A_gE3RvNgynp1YBsgMuFiBE-7-I3dE19cjp3IO3NWgibTFBTbiOfRY3jRt7PszAotR97zh2CgjU_mxkb8s7uTTe6aCKERul82sRt9aH6bYSgkipcIXiHAFTBnXZfAt7Y5KAj2m5Fon8PLV6oJUznnAfd7xfnr1nJrTbnsBW9EtkaoFN1Il6vQZHtYsfc4uSon6rf9FnvOUrmbwZ8T63loAZJQ4CumXaHTrQvzD2CsP53-b4HdPCuPKHKWBfvDdAVa6n1A2_DAgaZMwsRbrgcEDX7qyQo8KcgfmYn4U-5ZyQD9G0-fMnfrzwMZ9Uo9Sx2oPYKDfxujyV-XsvUDDX0kcy5GFFH5UVJtxKIDqfo8lbZyMQ2lBqZBO9KzeRZvxoV0-Ml3KZwyBw-9Tcc3sNl_wZKQKMGhk2X9fOHteC4jiLn_Awq4so6GKIg-acth5Zdd13N7YZQKFJqn6BfVwuzofAJ4EeG2-_obE3RMIsBL-h6ywboY2IJuhWr3X8oTZuItSO7dqihF1u3d2v64SjY3KrVXxz2YbddJHoxDjbGvcCzVu621O3cPb44EnR5AF_IrDlTohXWOhCHz-p5tKtd1KHPmfruY6Ra-koQ7KIZ50vPRr6Kiwf7FK-H8rDrYxXsp-wgDy6kc63TdIMsuG9jfqYXdhcucQTAiLrCEloAtyuVDF3k1H47QoN6PhzjPUFKbQVUjVUoQDpjV5O3s54QOwQW4bYUEos3s0YYsLkBkdsVGkp_ZdAbP9ANQqr-x8ZmgmVqaVMiF_kIKer3P-7kcF1wFuFkxQWf5h9WhzY8VyCgnN9XsK2BohLDeqnKMiwqvmeQlvlK3NJJFhKDtEeYv35zUHHWVj6QRS6QKZsZ4YbnjD3tIJ7Yt2KOvmi4hC1jO2B5N2ef9IbzJe06lUxPB3UuI6p7Mpgu3YvgdkOBmpXrrTFKZ-RYWS4Qe0YRFie_6JtfnWZOt-tG_vBnOATYnNEsxH8NW7MQkaUrDSxzHAEoecR9yzaAp857kxHbUOpqOCjE1fcl5dSYOgIMdcUlsex6zNTkhxTARdRC_ts2S6ynCLkbD7vn9BbuaBRvyxE486YMdUnyFeptW-M6cgRSy2zQnm7Zxsxb8yzDJY15-mJaAHQo6-PwUBk6Wv3RBiJ23i4IfClDxFXbe3xAa7J7yfXdQ1tA6h9X2oXVAG47jYq2jvLTs8PGYM5euH6NvyHM4dsSdMv8_TQ0WRgcMjiIVzScDOzHD8OlZAnc5UOx0pKEmoGSmTbXMfKu0T6y5eCPaOkqFfs_XG9q7Oxz-Tlji-gfb6H0NzdxDpwvRUF64aWJPALujnY6uIVKKZANCGdq2u4O-0Sz3OhTP5k2tkXNFsWkq_KzQOqtl5qCrfxSHzbl0FkiK27XxEB2hE-c-Mjaua3wf9L1-0t4zkdiBBz0zGKUzZkPBVWU0HNST4Dxa_IH8pbw10gPA8QHyLEuNCA3HE5h8n2y2IkZhhO09Q3hJBCfmVDCaamaomj4liKIEPptwhaYfi-97ojSize7V9l-3Lv1fkGtu4XbD9HMtLF7KjFdHbQQWCxmpF7rlLyQ6eLQCl5x24sHxIGg4WPgLE8NQLIGV3hI1iu_de-dxzHig2pXq_VOII8gawGBDtp7TtZfs4LPTQxJCNspw1ZF8lTUUlm5DHbVJX3iP7iv3tl613OEDUrV5hqDcKTh9m_f4R0VKfWnvpsYY0DtQIN4ZaZdxC7UqFXs-vv7-c3FmJa-JSA8RJM7e1A5MVplEOrVAZ4qWdiHv8m-ODCc55VyZ3DQJPo59J4AxZQK6qlD0-OrQ1FLeryMlUbR85pwu7lDl9GasWfklXSYXSNZ-GNvZXA-FpbXiEnOdXuR-1dvQxOakQ8aOLAgK1AAHQk62RBNHZbWtQnoWKsE4MzqNCdK7TFCzPlV8OtI6bO8PcnZrXxko6guumSNlJm-eyOwGQsfXZB0uA--ERUB5iE-9C06MWbNy2-kg0j9hgUC0-UzRpIRX8MYPV8cJoS9-lJDRc7DK1A2ir9l6ahpe6nDgYojAsy1vxLlp21RArVesDrVYOjjjqbyy0SLdM&cid=CAASJeRoTajFK0AXyYyDBiO1jSgIBPvGLpJbOMIzqg4x9bqCApm1-3w&rfl=2%2Chttps%253A%252F%252Fwhitesalmonbruins.com%252F%240
Frame ID: 97B5846BFB84315659D9CD6D3930256D
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=whitesalmonbruins.com
Frame ID: F6FAB72A9E7D4355981AA4412E33BB71
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
Frame ID: 0DD925A4FD848E6D72CC1D4C68008FE9
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8E3E03EF87D4407C415FA4258459D4FF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A6E1270224263339DE79B42364F5FCC
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
Frame ID: B2F519404A65EEA772B0D8B66FE47ABE
Requests: 17 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 96EE8FA84B997BC47E5685D6AA1C23F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3632E61B9BD2317D3EBEC1F71195996E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 72DFE27664D6511F7D3340B0D6119B83
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
Frame ID: F3A737D6DAC27B58C86C95D49CE84B7C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
Frame ID: 41E672CCC4A482BDB2A0D761DEDA263E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Columbia High School (White Salmon) - Team Home Columbia High School (White Salmon) Bruins SportsTranslateVNN

Page URL History Show full URLs

http://whitesalmonbruins.com/ HTTP 301
https://whitesalmonbruins.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

348
Requests

86 %
HTTPS

39 %
IPv6

72
Domains

112
Subdomains

87
IPs

10
Countries

9342 kB
Transfer

15233 kB
Size

72
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: http://www.tricoathletics.com/
Title: Trico 1A League

Search URL Search Domain Scan URL

URL: https://crrockets.org/
Title: Castle Rock High School

Search URL Search Domain Scan URL

URL: https://kwknights.com/
Title: King's Way Christian High School

Search URL Search Domain Scan URL

URL: https://lacenterathletics.com/
Title: La Center High School

Search URL Search Domain Scan URL

URL: https://setoncougars.com/
Title: Seton Catholic College Preparatory High School

Search URL Search Domain Scan URL

URL: https://stevensonbulldogssports.com/
Title: Stevenson High School

Search URL Search Domain Scan URL

URL: https://alerts.getvnn.com/
Title: Sign up for Alerts

Search URL Search Domain Scan URL

URL: https://connect.vnnsports.net/authorize?client_id=SportsHub&response_type=code&redirect_uri=https%3A%2F%2Fwhitesalmonbruins.com%2Fwp-admin%2F
Title: Admin

Search URL Search Domain Scan URL

URL: https://translate.google.com/translate?sl=en&tl=es&u=https%3A%2F%2Fwhitesalmonbruins.com%2F
Title: Translate

Search URL Search Domain Scan URL

URL: https://sideline.bsnsports.com/schools/washington/whitesalmon/columbia-high-school
Title: ONLINE COLUMBIA TEAM STORE

Search URL Search Domain Scan URL

URL: https://columbia.wsvsd.org/
Title: SCHOOL WEBSITE

Search URL Search Domain Scan URL

URL: https://web3.ncaa.org/ecwr3/
Title: NCAA ELIGIBILITY CENTER

Search URL Search Domain Scan URL

URL: https://www.ncaa.org/sports/2021/2/8/student-athletes-future.aspx
Title: NCAA CHECKLIST

Search URL Search Domain Scan URL

URL: https://www.ncaa.org/sports/2021/2/10/about-what-we-do-academics.aspx
Title: NCAA ACADEMIC STANDARDS

Search URL Search Domain Scan URL

URL: https://www.ncaa.org/sports/2021/2/10/recruiting-calendars-faq.aspx
Title: NCAA RECRUITING TIPS

Search URL Search Domain Scan URL

URL: https://whitesalmon-wa.finalforms.com/
Title: FINAL FORMS (REGISTER HERE)

Search URL Search Domain Scan URL

URL: https://www.wiaa.com/ConDocs/Con395/PPE%20-%205th%20Ed.pdf
Title: PHYSICAL FORM (ENGLISH)

Search URL Search Domain Scan URL

URL: https://www.wiaa.com/ConDocs/Con395/PPE%205th%20Ed,%20Spanish%20History%20and%20Phsyical%20Form.pdf
Title: PHYSICAL FORM (SPANISH)

Search URL Search Domain Scan URL

URL: https://northshore-medical.com/
Title: NORTHSHORE CLINIC (FREE SPORTS PHYSICALS)

Search URL Search Domain Scan URL

URL: http://www.nfhs.com/c-216-nfhs-handbook.aspx
Title: NFHS HANDBOOK

Search URL Search Domain Scan URL

URL: http://www.nfhs.com/c-232-sportsmanship.aspx
Title: NFHS SPORTSMANSHIP

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=1455+NW+Bruin+Country+Rd%2C+White+Salmon+WA+98672
Title: 1455 NW Bruin Country Rd White Salmon, WA 98672-1339

Search URL Search Domain Scan URL

URL: http://translate.google.com/translate?hl=en&sl=en&tl=es&u=whitesalmonbruins.com
Title: Translate chevron_right

Search URL Search Domain Scan URL

URL: http://vnnsports.net/about/
Title: About VNN

Search URL Search Domain Scan URL

URL: http://vnnsports.net/advertising/
Title: Advertise with VNN

Search URL Search Domain Scan URL

URL: http://vnnsports.net/schedule-demo/
Title: Schedule a Demo

Search URL Search Domain Scan URL

URL: http://vnnsports.net/vnn-partner-schools/
Title: Partner Schools

Search URL Search Domain Scan URL

URL: http://vnnsupport.com/
Title: Support Center

Search URL Search Domain Scan URL

URL: http://vnnsports.net/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://vnnsports.net/user-agreement/
Title: User Agreement

Search URL Search Domain Scan URL

URL: https://vnnsports.net/content-creators-guide-to-ada-compliance/
Title: ADA Compliance Guide

Search URL Search Domain Scan URL

URL: https://varsitynewsnetwork.zendesk.com/hc/en-us
Title: help_outline Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://whitesalmonbruins.com/ HTTP 301
https://whitesalmonbruins.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.rapidreplay.co/players/vnn/sticky-player.js HTTP 301
https://vnn-player.rapidreplay.co/players/player.min.js

Request Chain 131

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=FC42D56F65624C479C748E817F24F696&dongle=yf3

Request Chain 132

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=FC42D56F65624C479C748E817F24F696

Request Chain 133

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=FC42D56F65624C479C748E817F24F696 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FC42D56F65624C479C748E817F24F696

Request Chain 134

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=FC42D56F65624C479C748E817F24F696 HTTP 302
https://d.agkn.com/pixel/10751/?che=1661892588497&ip=178.162.209.139&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219483204259004145408 HTTP 302
https://um.simpli.fi/aa_px?sk=219483204259004145408 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 135

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FC42D56F65624C479C748E817F24F696

Request Chain 138

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=FC42D56F65624C479C748E817F24F696;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=FC42D56F65624C479C748E817F24F696;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTU2NDM1NTI2ODY0MjM0NTU4MTc= HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEKdWsWp7vRCFrSijNTLemuM&google_cver=1

Request Chain 139

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=FC42D56F65624C479C748E817F24F696&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=FC42D56F65624C479C748E817F24F696&j=0&xl8blockcheck=1

Request Chain 141

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=FC42D56F65624C479C748E817F24F696

Request Chain 142

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=FC42D56F65624C479C748E817F24F696

Request Chain 143

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=FC42D56F65624C479C748E817F24F696 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FC42D56F65624C479C748E817F24F696

Request Chain 144

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=FC42D56F65624C479C748E817F24F696

Request Chain 145

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=FC42D56F65624C479C748E817F24F696

Request Chain 146

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1661892588269&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1892035657&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7HcOY8aZFv6G9fgP4v2nuAk&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1892035657&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=7HcOY8aZFv6G9fgP4v2nuAk&random=3440599245 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1892035657&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=7HcOY8aZFv6G9fgP4v2nuAk&random=3440599245&ipr=y&prhg=0

Request Chain 147

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FC42D56F65624C479C748E817F24F696 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FC42D56F65624C479C748E817F24F696&__user_check__=1&sync_id=4966cc77-28a5-11ed-970e-1626150c0506

Request Chain 148

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=FC42D56F65624C479C748E817F24F696

Request Chain 149

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FC42D56F65624C479C748E817F24F696&expires=365

Request Chain 150

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=FC42D56F65624C479C748E817F24F696

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEN0swKuO-mKND9kvtcWmTYo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC42D56F65624C479C748E817F24F696 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 226

https://oajs.openx.net/esp?url=https%3A%2F%2Fwhitesalmonbruins.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwhitesalmonbruins.com%2F&rid=esp&cc=1

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1

Request Chain 231

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw537QOSvj5h7NF2vj9DpAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEmeZhVmn2Zk702IUOE6xc&google_cver=1

Request Chain 233

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxNjM4NTc5ODQ1MzY0NjMyNg%3D%3D

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1

Request Chain 235

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw537QOSvj5h7NF2vj9DpAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEmeZhVmn2Zk702IUOE6xc&google_cver=1

Request Chain 237

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxNjM4NTc5ODQ1MzY0NjMyNg%3D%3D

Request Chain 263

https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=2873227620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_pre=CPWw5qu47_kCFVaZdwod2MQIww;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=2873227620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement

Request Chain 279

https://gum.criteo.com/sid/json?origin=publishertagids&domain=whitesalmonbruins.com&sn=ChromeSyncframe&so=0&topUrl=whitesalmonbruins.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=DrKfxXx3QU9iUThHRGZFY2JIM1BNRDdXTDIvalNCMFIzRGN3ak1xSHM5bzI2cnFtUktYNUlsTGJZeUI2eVdUN0dHQzBIaXdnbWxBVUxHNGN1cG8vTE56ZmNkR3dXcEpyYnNTTjhmL2ZhbUp2cEhxd0VnaXRzVnBDYS84cDlZVitRRDFhN0RvVUp2WjFZaHhFVzBiclo2UnNucXBodTN5RmlZTlh5eVZva2NQVGJPSzZQeU9jVDhmdnZxTjg1a3lML3BjNDRadVlMc3hUcVpQMnRVb2JWbnh5Z2RnSEgxeFlybnh3MkFzZHN4Qi9vVlE5UXBCN1V2MEV1eXNOWlE2SUt2K3FnL0Qrcjc3YkxFNTlnb0VDWlpOZGlSbWo0bS9zOWdIYlp4SVZLUFFvQVVsOD18&cppv=2

Request Chain 295

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4C-iKoqRsf2xOdlQJUc1NQl-HXxxQRNlzzI8CT3qsqALc1GwDsA2jS_HZV0lynjUlELtZ36MiEQovPpFTffHGU60d8dERQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4C-iKoqRsf2xOdlQJUc1NQl-HXxxQRNlzzI8CT3qsqALc1GwDsA2jS_HZV0lynjUlELtZ36MiEQovPpFTffHGU60d8dERQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVZxN3ptblkxT3Q4YmI1&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4C-iKoqRsf2xOdlQJUc1NQl-HXxxQRNlzzI8CT3qsqALc1GwDsA2jS_HZV0lynjUlELtZ36MiEQovPpFTffHGU60d8dERQ

Request Chain 296

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHnJix-a0XZlNMQQPL0qx9A&google_cver=1&google_push=AehlK4D6f6As0Qe1zZCXu7Tw57Fz6mdd6hS-O4a5eHqbhywl7yiK8zWyNDGZ3TCTJw3url6ykhZsFYWg-ETss82pJ9nf_bk7n5M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4D6f6As0Qe1zZCXu7Tw57Fz6mdd6hS-O4a5eHqbhywl7yiK8zWyNDGZ3TCTJw3url6ykhZsFYWg-ETss82pJ9nf_bk7n5M

Request Chain 297

https://a.tribalfusion.com/i.match?p=b6&u=CAESELxvq62hABIkIGzkeJcDwW4&google_cver=1&google_push=AehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guYj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guYj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxvq62hABIkIGzkeJcDwW4&google_cver=1&google_push=AehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guYj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guYj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 298

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJHwAytDGc511seCKrJJNpE&google_cver=1&google_push=AehlK4AYPYEmVoLUd49q1CcTNCYnC18Y1ffIjQSAR6cYJcVh2WNgiBHOmSPaAnK920cN98WvqsLGvJ0Bdcl0gjckPEVl2Tm7kF1F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJHwAytDGc511seCKrJJNpE&google_push=AehlK4AYPYEmVoLUd49q1CcTNCYnC18Y1ffIjQSAR6cYJcVh2WNgiBHOmSPaAnK920cN98WvqsLGvJ0Bdcl0gjckPEVl2Tm7kF1F

Request Chain 300

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELowucEZ1hy-WNVlpnmt6Ek&google_cver=1&google_push=AehlK4CbPSlXeULZM2Y7jSyRs3s3g50aS1MLMkYvdCEoo6Oo2vxuywzp9Qu82lYz2_2148xnUHyNis9GUCssQyM_W0LzYS2KD9mp HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELowucEZ1hy-WNVlpnmt6Ek&google_cver=1&google_push=AehlK4CbPSlXeULZM2Y7jSyRs3s3g50aS1MLMkYvdCEoo6Oo2vxuywzp9Qu82lYz2_2148xnUHyNis9GUCssQyM_W0LzYS2KD9mp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMDUwOTQzMTM5NzkzOTYwOQ&google_push=AehlK4CbPSlXeULZM2Y7jSyRs3s3g50aS1MLMkYvdCEoo6Oo2vxuywzp9Qu82lYz2_2148xnUHyNis9GUCssQyM_W0LzYS2KD9mp

Request Chain 303

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4CcLPDZjYWkt100-u-LCuQkPIblgDMllIpKYYmdo48h-8ODJrizJ5MncTwUdHNmqEkrgB6wYjwu28a6lgV17Al1MEZc40RaQg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4CcLPDZjYWkt100-u-LCuQkPIblgDMllIpKYYmdo48h-8ODJrizJ5MncTwUdHNmqEkrgB6wYjwu28a6lgV17Al1MEZc40RaQg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVZxN3ptblkxT3Q4YmI1&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4CcLPDZjYWkt100-u-LCuQkPIblgDMllIpKYYmdo48h-8ODJrizJ5MncTwUdHNmqEkrgB6wYjwu28a6lgV17Al1MEZc40RaQg

Request Chain 304

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPVhdyZcsMSycAlwBXj55TA&google_cver=1&google_push=AehlK4AWUmUmffmCMFY9VXYre5IYh5OHjoOw0MCUv0KXWbkBhmFa2vG3vFug5KEkv2ksGV1g2kYG56C12OnEqKpd2kNYgdes9lV-lg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4AWUmUmffmCMFY9VXYre5IYh5OHjoOw0MCUv0KXWbkBhmFa2vG3vFug5KEkv2ksGV1g2kYG56C12OnEqKpd2kNYgdes9lV-lg&google_hm=Zsy7j5-KRMCE3uO0YaPBm4s

Request Chain 306

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPsfJ1DmVGyYZLCaXVMMJBM&google_cver=1&google_push=AehlK4DjNAJ8VUXzjj_y0ZRDeqPghMzo1QjotpUeT-itIa5p2EwhE46VYlQ9vG4-con2NRRThmbUpxs55Pzft6w1Aa7P9Mkp9EZ- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdHTlhSVUUtVC00RFI4&google_push=AehlK4DjNAJ8VUXzjj_y0ZRDeqPghMzo1QjotpUeT-itIa5p2EwhE46VYlQ9vG4-con2NRRThmbUpxs55Pzft6w1Aa7P9Mkp9EZ-

Request Chain 307

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJgGA7NnHigXtjEML60lyhk&google_cver=1&google_push=AehlK4AHRzBg7Pn6nTHaVsRvKCekF04ue-lYoLHgSPo3UNZCwZc98VoenIzA3QecxcFeT-6wHEaacB6qKjSZTsgPYXoC27zBhLNuVQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJgGA7NnHigXtjEML60lyhk&google_cver=1&google_push=AehlK4AHRzBg7Pn6nTHaVsRvKCekF04ue-lYoLHgSPo3UNZCwZc98VoenIzA3QecxcFeT-6wHEaacB6qKjSZTsgPYXoC27zBhLNuVQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KN1IzRm5SRTJ1SElRSnJqV2pscjdreVhCV0Q5dmJ5Nn5B&google_push=AehlK4AHRzBg7Pn6nTHaVsRvKCekF04ue-lYoLHgSPo3UNZCwZc98VoenIzA3QecxcFeT-6wHEaacB6qKjSZTsgPYXoC27zBhLNuVQ

Request Chain 340

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=5677a99c-e0fd-41f6-bbd2-bd7f2829783a HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=5677a99c-e0fd-41f6-bbd2-bd7f2829783a HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a21fa785-01f1-449a-b4d4-aeb0ecb2a1eb&ssp=medianet HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5677a99c-e0fd-41f6-bbd2-bd7f2829783a&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 344

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=%3Cvsid%3E HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=%3Cvsid%3E HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=e2ace278-ede5-47f0-b2bd-6da9543d2afc&cs=1

Request Chain 345

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MVq7zmnY1Ot8bb5

Request Chain 346

https://tags.bluekai.com/site/82519?limit=0&phint=event%3Dimp&phint=aid%3D5481501&phint=cid%3D27602381&phint=crid%3D169406718&phint=pid%3D333790633&phint=segment%3DCUSTOM-AFF-NONDXB-DCO&redir=https%3A%2F%2Fads.travelaudience.com%2Ftrg.gif%3Fds%3Ddp%26acc%3DSC%26lvl%3D1%26pl%3Ddubai%26pt%3D16%26rcm%3D493%26pix%3D0%26exid%3D$_BK_UUID%26dp%3Devent_type%3Aimpression HTTP 302
https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=493&pix=0&exid=$_BK_UUID&dp=event_type:impression

348 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
whitesalmonbruins.com/
Redirect Chain

http://whitesalmonbruins.com/
https://whitesalmonbruins.com/

197 KB
28 KB

3554ms
3024ms

Document
text/html

44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-104-156.us-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.21
Resource Hash: 699efe9d2f2519e17decd95224b30c662c11906deb21502194e93c25fa7ce87a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 30 Aug 2022 20:49:44 GMT
link: <https://whitesalmonbruins.com/wp-json/>; rel="https://api.w.org/"
server: nginx
transfer-encoding: chunked
vary: Accept-Encoding
via: 1.1 varnish-v4
x-backend-host: whitesalmonbruins.com
x-backend-server: ip-172-31-9-181.us-west-2.compute.internal
x-cache: MISS
x-cache-age-extended: 0 minutes
x-cache-datetime: Tue, 30 Aug 2022 20:49:44 GMT
x-cache-server: ip-172-31-61-132.us-west-2.compute.internal
x-cacheable: YES
x-now-datetime: Tue, 30 Aug 2022 20:49:44 GMT
x-powered-by: PHP/7.4.21
x-response-host: whitesalmonbruins.com
x-response-path: /
x-ua-compatible: IE=edge,chrome=1
x-uncacheable: false
x-unsetcookies: TRUE
x-varnish: 160043160

Redirect headers

content-length: 0
location: https://whitesalmonbruins.com/

GET
H/1.1 200
OK style.css
vnnsportshub.net/app/mu-plugins/wp-vnn-unsupported-browser-banner/src/css/ 309 B
997 B 1118ms
562ms Stylesheet
text/css 44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnnsportshub.net/app/mu-plugins/wp-vnn-unsupported-browser-banner/src/css/style.css?ver=4.9.20
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-104-156.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 7c3f9b8368dd8a54223f502176013b37c5ef33a262fea9229a1c600f75f76c6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:45 GMT
content-encoding: gzip
x-backend-host: vnnsportshub.net
x-now-datetime: Tue, 30 Aug 2022 20:49:45 GMT
age: 20
x-response-host: vnnsportshub.net
x-cache: HIT
x-unsetcookies: TRUE
x-backend-server: ip-172-31-21-84.us-west-2.compute.internal
content-length: 210
via: 1.1 varnish-v4
last-modified: Tue, 16 Aug 2022 21:26:41 GMT
server: nginx
x-cache-server: ip-172-31-61-132.us-west-2.compute.internal
x-cacheable: YES
etag: "62fc0b91-135"
vary: Accept-Encoding
x-varnish: 161450293 157883878
x-cache-datetime: Tue, 30 Aug 2022 20:49:25 GMT
x-response-path: /app/mu-plugins/wp-vnn-unsupported-browser-banner/src/css/style.css?ver=4.9.20
x-cache-age-extended: 0 minutes
accept-ranges: bytes
content-type: text/css

GET
H/1.1 200
OK app-switcher.css
whitesalmonbruins.com/app/mu-plugins/wp-vnn-sso-plugin/ 461 B
1 KB 1350ms
1193ms Stylesheet
text/css 44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whitesalmonbruins.com/app/mu-plugins/wp-vnn-sso-plugin/app-switcher.css?ver=4.9.20
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-104-156.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 9bbe2cd0fdc79b42a037106de4460223adca5ae2ed125103b16dd08e3d0e79ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:45 GMT
content-encoding: gzip
x-cacheable: YES
x-now-datetime: Tue, 30 Aug 2022 20:49:45 GMT
age: 1
x-response-host: whitesalmonbruins.com
x-cache: MISS
x-unsetcookies: TRUE
content-length: 231
x-backend-server: ip-172-31-5-199.us-west-2.compute.internal
x-backend-host: whitesalmonbruins.com
via: 1.1 varnish-v4
last-modified: Tue, 16 Aug 2022 21:26:41 GMT
server: nginx
x-uncacheable: false
etag: W/"62fc0b91-1cd"
vary: Accept-Encoding
x-varnish: 482025222
x-cache-datetime: Tue, 30 Aug 2022 20:49:44 GMT
x-response-path: /app/mu-plugins/wp-vnn-sso-plugin/app-switcher.css?ver=4.9.20
x-cache-server: ip-172-31-34-33.us-west-2.compute.internal
x-cache-age-extended: 0 minutes
accept-ranges: bytes
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 9 KB
889 B 68ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700|Oswald:300,400

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8595a3c5518e825c2b6afe7ae506e8aa58abe31fa35247925e6ee7b27bd4a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 20:49:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 20:49:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 20:49:44 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 66ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 20:49:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 20:49:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 20:49:44 GMT

GET
H/1.1 200
OK vendor_77735b9.css
vnn-sportshub.s3-us-west-2.amazonaws.com/production/77735b9/styles/ 167 KB
167 KB 722ms
187ms Stylesheet
text/css 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub.s3-us-west-2.amazonaws.com/production/77735b9/styles/vendor_77735b9.css
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a33cb72f03bce353499b20acc7f39571e610402f7470d4c2683313cd76b86c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:45 GMT
Last-Modified: Thu, 18 Aug 2022 00:13:35 GMT
Server: AmazonS3
x-amz-request-id: SF71WP3CSK3YV4FG
ETag: "8c3efab854e73c65f83a1af8b1c3b7aa"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 171127
x-amz-id-2: a0CgS97YY4MAOIkUC/rOhEWquXzwN4Uu1tjkFxfWgFoqbPun8wBNvE3vAoxXykDpKuyC4RTC6Qk=

GET
H/1.1 200
OK main_77735b9.css
vnn-sportshub.s3-us-west-2.amazonaws.com/production/77735b9/styles/ 59 KB
60 KB 749ms
199ms Stylesheet
text/css 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub.s3-us-west-2.amazonaws.com/production/77735b9/styles/main_77735b9.css
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fdc75abfec596987a2afc3cf319be7a665deb7f6323232a3482781369ae2536c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:45 GMT
Last-Modified: Thu, 18 Aug 2022 00:13:35 GMT
Server: AmazonS3
x-amz-request-id: SF7DQ22DXXQWS6HQ
ETag: "e2105acd42c9a7133e839082139b06d5"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 60916
x-amz-id-2: U2vc38oFxOvWa4xCsSTCR+2vstzz2beLlBAOHCFt0EvG60v8JMGPxKaxM2cVaQXueNEEGPXnwjE=

GET
H/1.1 200
OK script.js Show response
vnnsportshub.net/app/mu-plugins/wp-vnn-facebook-pixel/src/js/ 527 B
1 KB 1111ms
545ms Script
application/javascript 44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnnsportshub.net/app/mu-plugins/wp-vnn-facebook-pixel/src/js/script.js?ver=4.9.20
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-104-156.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 0b8c00264b205b205dfe812b1eb0e376e83c3cfd5c0a9f2a08290163ba195e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:45 GMT
content-encoding: gzip
x-backend-host: vnnsportshub.net
x-now-datetime: Tue, 30 Aug 2022 20:49:45 GMT
age: 32
x-response-host: vnnsportshub.net
x-cache: HIT
x-unsetcookies: TRUE
x-backend-server: ip-172-31-18-1.us-west-2.compute.internal
content-length: 360
via: 1.1 varnish-v4
last-modified: Tue, 16 Aug 2022 21:26:41 GMT
server: nginx
x-cache-server: ip-172-31-61-132.us-west-2.compute.internal
x-cacheable: YES
etag: "62fc0b91-20f"
vary: Accept-Encoding
x-varnish: 158899938 160929771
x-cache-datetime: Tue, 30 Aug 2022 20:49:13 GMT
x-response-path: /app/mu-plugins/wp-vnn-facebook-pixel/src/js/script.js?ver=4.9.20
x-cache-age-extended: 0 minutes
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK jquery.js Show response
whitesalmonbruins.com/wp-includes/js/jquery/ 95 KB
34 KB 1666ms
1319ms Script
application/javascript 44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whitesalmonbruins.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-104-156.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:45 GMT
content-encoding: gzip
x-cacheable: YES
x-now-datetime: Tue, 30 Aug 2022 20:49:45 GMT
age: 1
x-response-host: whitesalmonbruins.com
x-cache: MISS
x-unsetcookies: TRUE
content-length: 33815
x-backend-server: ip-172-31-16-65.us-west-2.compute.internal
x-backend-host: whitesalmonbruins.com
via: 1.1 varnish-v4
last-modified: Fri, 11 Mar 2022 02:13:34 GMT
server: nginx
x-uncacheable: false
etag: W/"622ab04e-17a6a"
vary: Accept-Encoding
x-varnish: 500172448
x-cache-datetime: Tue, 30 Aug 2022 20:49:44 GMT
x-response-path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
x-cache-server: ip-172-31-34-33.us-west-2.compute.internal
x-cache-age-extended: 0 minutes
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK jquery-migrate.min.js Show response
whitesalmonbruins.com/wp-includes/js/jquery/ 10 KB
5 KB 1490ms
1141ms Script
application/javascript 44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whitesalmonbruins.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-104-156.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:45 GMT
content-encoding: gzip
x-cacheable: YES
x-now-datetime: Tue, 30 Aug 2022 20:49:45 GMT
age: 1
x-response-host: whitesalmonbruins.com
x-cache: MISS
x-unsetcookies: TRUE
content-length: 4025
x-backend-server: ip-172-31-44-96.us-west-2.compute.internal
x-backend-host: whitesalmonbruins.com
via: 1.1 varnish-v4
last-modified: Fri, 11 Mar 2022 02:13:34 GMT
server: nginx
x-uncacheable: false
etag: W/"622ab04e-2748"
vary: Accept-Encoding
x-varnish: 502792288
x-cache-datetime: Tue, 30 Aug 2022 20:49:44 GMT
x-response-path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
x-cache-server: ip-172-31-34-33.us-west-2.compute.internal
x-cache-age-extended: 0 minutes
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK script.js Show response
vnnsportshub.net/app/mu-plugins/wp-vnn-unsupported-browser-banner/src/js/ 450 B
1 KB 1110ms
539ms Script
application/javascript 44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnnsportshub.net/app/mu-plugins/wp-vnn-unsupported-browser-banner/src/js/script.js?ver=4.9.20
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-104-156.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: ceddb928d1ffb901318781f7e38ca0d034ddab0cd68736d11b7cdd9a4a7d2e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:45 GMT
content-encoding: gzip
x-backend-host: vnnsportshub.net
x-now-datetime: Tue, 30 Aug 2022 20:49:45 GMT
age: 35
x-response-host: vnnsportshub.net
x-cache: HIT
x-unsetcookies: TRUE
x-backend-server: ip-172-31-31-117.us-west-2.compute.internal
content-length: 302
via: 1.1 varnish-v4
last-modified: Tue, 16 Aug 2022 21:26:41 GMT
server: nginx
x-cache-server: ip-172-31-61-132.us-west-2.compute.internal
x-cacheable: YES
etag: "62fc0b91-1c2"
vary: Accept-Encoding
x-varnish: 144293408 137741637
x-cache-datetime: Tue, 30 Aug 2022 20:49:10 GMT
x-response-path: /app/mu-plugins/wp-vnn-unsupported-browser-banner/src/js/script.js?ver=4.9.20
x-cache-age-extended: 0 minutes
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 didna_config.js Show response
storage.googleapis.com/didna_hb/vnn/vnnsports/ 20 KB
21 KB 206ms
144ms Script
text/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/vnn/vnnsports/didna_config.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ec449e3ee89148b586be49494c010cf223a4dc702931f098b25e31d87adafa14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
x-guploader-uploadid: ADPycdvP2EcCa7yvIj_wjs_w1RBJODD3W17RllwAu7gnP9evwh3ybCKn27FFzk6TmVxY4Tcslbo5FQLS1oM-LAfo5LSs-Zik6qjd
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20631
last-modified: Tue, 30 Aug 2022 18:05:46 GMT
server: UploadServer
etag: "c41cf58a012fed6a1db5f3e9da6bc2cf"
x-goog-hash: crc32c=MTJY7g==, md5=xBz1igEv7WodtfPp2mvCzw==
x-goog-generation: 1661882746438866
cache-control: no-store
x-goog-stored-content-length: 20631
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 30 Aug 2023 20:49:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 391 B
354 B 68ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Graduate&display=swap

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a6ec2fbc8dc315ff2b987bbbe53ff9bdaad78dc08cc85e80cb1d876ebbfb91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 20:49:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 20:49:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 20:49:44 GMT

GET
H/1.1 200
OK conference-menu.357d3835.css
vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/ 3 KB
4 KB 738ms
191ms Stylesheet
text/css 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/conference-menu.357d3835.css
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8f4efabe25d05487d3faeaaeaa0dbf0e528760370ccf12b0aa8a300f6845db5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:45 GMT
Last-Modified: Fri, 05 Aug 2022 22:55:54 GMT
Server: AmazonS3
x-amz-request-id: SF74QZDST7KGAGTG
ETag: "0e440f4ce951b4e1dac2a598562272f3"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3301
x-amz-id-2: 1CqJMLUjz8V4hftn271ToqpVixaGd8owJwBgPPD4A6ar598pVA2ZlL5UdiHt69h5uKHwiaZVPMo=

GET
H/1.1 200
OK Castle-Rock-Logo.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2750/2020/11/04065203/ 40 KB
41 KB 1626ms
193ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2750/2020/11/04065203/Castle-Rock-Logo.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: c68c188e4d0a307de705a23afb896869ac0ff6b148e31b6ed744a920fda55469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Wed, 04 Nov 2020 14:52:04 GMT
Server: AmazonS3
x-amz-request-id: V6H4X9W2G72BY0N3
ETag: "867272a9d767bdef14b155c9697c3ae2"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 41322
x-amz-id-2: Z32qwE6OBx3SSuDtOmeKrI5A0O+l5bvIc89MY4NQJm7csgpwT563da5AtrnLb1ucWsPsKzy0xLs=
Expires: Thu, 04 Nov 2021 14:52:03 GMT

GET
H/1.1 200
OK columbia_logo_outline.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2020/10/28202819/ 316 KB
316 KB 1637ms
190ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2020/10/28202819/columbia_logo_outline.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1f375ff6aacb00bfea8e07ed3cc5328d30eb9bc172e1a975dda2eabdffafb286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Wed, 28 Oct 2020 20:28:20 GMT
Server: AmazonS3
x-amz-request-id: V6HD9QZCZJDZ6CQC
ETag: "db41c45bb566fc863b41a7217b03cbe9"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 323528
x-amz-id-2: lUW+xtJO2EjhqoZju4XHqCi6v5KTLaFJ8ybQBYM6tcvG+VVwLtnw07hbM9Wo6wbu4X0vv9y9vL4=
Expires: Thu, 28 Oct 2021 20:28:19 GMT

GET
H/1.1 200
OK logo.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2/2018/06/12125900/ 137 KB
138 KB 1737ms
185ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2/2018/06/12125900/logo.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 79decf850929083220ca9e155f68ce4cafac71fe2edfd7a989ac471567c53a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Tue, 12 Jun 2018 12:59:01 GMT
Server: AmazonS3
x-amz-request-id: V6HAZZKEH1PRV30R
ETag: "cb811e4414fd696fc7a8d069208ada61"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 140761
x-amz-id-2: O8qbNW4RVz0qbFNOIq17ss+9EDAFjHrh8DXJgv7xEGA4RM99sbaDFt/tOf40L6i08gu0clW3CyM=
Expires: Wed, 12 Jun 2019 12:59:00 GMT

GET
H/1.1 200
OK La-Central.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2620/2020/10/08185600/ 102 KB
103 KB 1781ms
189ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2620/2020/10/08185600/La-Central.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8dc87c6c3255df17b7f2ab127a4378dd9238717343616de074558c00aabaeed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Fri, 09 Oct 2020 01:56:01 GMT
Server: AmazonS3
x-amz-request-id: V6HDKGRGPJCNT8QD
ETag: "cdace7e30f3eca864ed690e18a034aa6"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 104593
x-amz-id-2: vVExVKJZdYgLMYG7BAkRIk7qveQfFEwFUg9TdYeNmSaxQiSjIvgBn8j9iUrzVI6OpbNWV8CRbRo=
Expires: Sat, 09 Oct 2021 01:56:00 GMT

GET
H/1.1 200
OK resized-image-Promo.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/390/2022/08/11220824/ 104 KB
105 KB 1810ms
213ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/390/2022/08/11220824/resized-image-Promo.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 157fe313a8be5324f88d86efd11d11d1447992f02be3761235839483031e0da1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Thu, 11 Aug 2022 22:08:25 GMT
Server: AmazonS3
x-amz-request-id: V6H48ZNEWTJNST2B
ETag: "c4141df0af5919f68b982ae2bba38e1d"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 106707
x-amz-id-2: c/2ZktVXQj6Z8zQjiAmItmCF4MOKi6C6cdsFsWrZXfjNLfH5HyzHNNOQJVA70ipY7FBJf4cMf9M=
Expires: Fri, 11 Aug 2023 22:08:24 GMT

GET
H/1.1 200
OK Stevenson_Logo.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2913/2021/02/16191254/ 105 KB
106 KB 811ms
204ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2913/2021/02/16191254/Stevenson_Logo.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3a2039890e62c58c39b56fd3ee5abecc62985bba35551519d40e9fe2fa23ddb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Wed, 17 Feb 2021 03:12:55 GMT
Server: AmazonS3
x-amz-request-id: 8F5D9Y7RCZSEJ70G
ETag: "264a8b69346f24c73665b3bf7b739347"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 107827
x-amz-id-2: 7AtRN3EQ5dZVnWg8BCVEgY0CdGYFVbUCjH28iLajoUznO2Ow2PpjeL5upKnbHnSZZQYayYuar68=
Expires: Thu, 17 Feb 2022 03:12:54 GMT

GET
H/1.1 200
OK runtime.ec2b70cf.js Show response
vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/ 1 KB
2 KB 184ms
183ms Script
application/javascript 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/runtime.ec2b70cf.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ce7aac645a54f825051287a67f84691ce401d7a14a7f5fb9a6bffd08135a2b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Fri, 05 Aug 2022 22:55:54 GMT
Server: AmazonS3
x-amz-request-id: 8F54RTQPD221T50A
ETag: "580a1e8a9272188cf0ad77a3a7fca59a"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1238
x-amz-id-2: Z5VNUgH0PPlTX1naZVaqZtcw7nuIKqEVTFPmezV3UOS/J34OT5OOcpHlh5AESgBNqj+VWfX0l5o=

GET
H/1.1 200
OK 360.90960ee6.js Show response
vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/ 32 KB
33 KB 375ms
190ms Script
application/javascript 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/360.90960ee6.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 22edc41e7baaf0c0b4bbb9e0b190be8af963fd43aba2d4be74a3e2bd84071f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Fri, 05 Aug 2022 22:55:54 GMT
Server: AmazonS3
x-amz-request-id: 8F570QYWVE1ZABAA
ETag: "39c3f9b24c293a0b67edfe49bbfaae39"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 33066
x-amz-id-2: veeSYUusOFEPBwlobm1NiY9t9dBVepncjWLPdii0ZDMAnzrX68IlhR7akELXUg3l6gyK7JaV7KI=

GET
H/1.1 200
OK 146.fbd47fe1.js Show response
vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/ 22 KB
22 KB 703ms
187ms Script
application/javascript 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/146.fbd47fe1.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 139a25bfa33ee842127c547a4d3f22aa14f8aeb58dff6fa45ef585b9a831ab1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Fri, 05 Aug 2022 22:55:54 GMT
Server: AmazonS3
x-amz-request-id: 8F51WSYJGWBVJ54E
ETag: "d552be4c3d3d5b526e9e9c5b85c1e539"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 22105
x-amz-id-2: VfDpngJh/nq/dmIEP8u0lMGWlkT5LRg56vddyV5LTDSVNrp6FCTBC8wrwAryhITUCN6HYRKDJCA=

GET
H/1.1 200
OK conference-menu.1c32df35.js Show response
vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/ 4 KB
4 KB 706ms
184ms Script
application/javascript 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/conference-menu.1c32df35.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b460c1f4225100114426139412fd569dde8ae5f4d47d43f2a8589ba2fd43b9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Fri, 05 Aug 2022 22:55:54 GMT
Server: AmazonS3
x-amz-request-id: 8F52QMARBCZNMPMC
ETag: "55d081be20133e0e26101dd3cc39b7ac"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3956
x-amz-id-2: O8XhGzPBqGI+oESTPUxbPjKpyxaELR5kVeDSzYlRHwLOXHORBUHLswLH9JL99E5OdpnVkEuh+bo=

GET
H/1.1 200
OK ColumbiaWhiteSalmon_BG_Left.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2020/10/29062319/ 449 KB
450 KB 838ms
234ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2020/10/29062319/ColumbiaWhiteSalmon_BG_Left.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 01f23e4c65757159ae344433d205b5cfa95a040c1cd7fab5f148d4675a985feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Thu, 29 Oct 2020 13:23:20 GMT
Server: AmazonS3
x-amz-request-id: 8F5AYM3G7NTJXCXK
ETag: "fd92ae1b0ae5f3b63007ad6fb6cace13"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 460114
x-amz-id-2: C0K8FfeFPxYTm7cJ3UMocJtxHZZEH5xFk9pqmOIaST8jyp2C+RjPl05/kn9ogkkpRwWbp+3d+h8=
Expires: Fri, 29 Oct 2021 13:23:19 GMT

GET
H/1.1 200
OK ColumbiaWhiteSalmon_BG_Right.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2020/10/29062320/ 360 KB
360 KB 817ms
220ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2020/10/29062320/ColumbiaWhiteSalmon_BG_Right.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae06f6d12ca07e78cbe3a636b1f07053f14d9e54c58486a6e15470747abf0fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Thu, 29 Oct 2020 13:23:21 GMT
Server: AmazonS3
x-amz-request-id: 8F51AAKQ4QE1X9M8
ETag: "0c51bf17fc9a7d5f20aeb7ff2eba89cd"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 368410
x-amz-id-2: zN907q0rIc11ilrOl5bC24zLNA7j7IBAZ1roHoMS7qfmL0BzEaylQWtPkhz9LZqyu5G4VR6BNQ4=
Expires: Fri, 29 Oct 2021 13:23:20 GMT

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 54ms
24ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbe3322149369708038a2dec8b5ab605f88f2f9a07291585babc870b3df401da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49010
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Mar 2022 13:16:27 GMT
server: cloudflare
etag: W/"622f402b-1f64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: false
cf-ray: 743065167f8d922b-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 31 Aug 2022 20:49:46 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
whitesalmonbruins.com/wp-includes/js/ 12 KB
5 KB 1225ms
1224ms Script
application/javascript 44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whitesalmonbruins.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.20
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-104-156.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:47 GMT
content-encoding: gzip
x-cacheable: YES
x-now-datetime: Tue, 30 Aug 2022 20:49:47 GMT
age: 1
x-response-host: whitesalmonbruins.com
x-cache: MISS
x-unsetcookies: TRUE
content-length: 4358
x-backend-server: ip-172-31-17-20.us-west-2.compute.internal
x-backend-host: whitesalmonbruins.com
via: 1.1 varnish-v4
last-modified: Fri, 11 Mar 2022 02:13:34 GMT
server: nginx
x-uncacheable: false
etag: W/"622ab04e-2ea7"
vary: Accept-Encoding
x-varnish: 500172452
x-cache-datetime: Tue, 30 Aug 2022 20:49:46 GMT
x-response-path: /wp-includes/js/wp-emoji-release.min.js?ver=4.9.20
x-cache-server: ip-172-31-34-33.us-west-2.compute.internal
x-cache-age-extended: 0 minutes
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK school-menu.e07c001a.css
vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/ 8 KB
8 KB 186ms
186ms Stylesheet
text/css 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/school-menu.e07c001a.css
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ac77f56914ee369776d6cffd0f5a732ea96543ed65cfd0f787ce9d246f391334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:46 GMT
Last-Modified: Fri, 05 Aug 2022 22:55:54 GMT
Server: AmazonS3
x-amz-request-id: XYY4PMDR01JHRT5C
ETag: "7f9a081b1ad916316304b8cb3787e361"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 8296
x-amz-id-2: wNKdi9HxFgsKlcQNPiS0aNGBCAiywn8gUONNwDfiTWdktVixZyoQc+7CWUqWeRwNgWqrHEyDkhY=

GET
H/1.1 200
OK 154.d9371354.js Show response
vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/ 129 KB
130 KB 662ms
190ms Script
application/javascript 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/154.d9371354.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2f499eed261fb484fd18265eeecf9f61fa8cd2745dcf998a3ebb51b7c1553616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Fri, 05 Aug 2022 22:55:54 GMT
Server: AmazonS3
x-amz-request-id: 8F5B6RSF435VTZZV
ETag: "1dee8d82e0e8ba902f16917c0a8c8ef3"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 132471
x-amz-id-2: cWq3N3xlR+g34TvldDqWMIdvPro4MJoztkFErZXFAaVsV2y/zPtbrb/klPmLV7YTy2At5Sz104Y=

GET
H/1.1 200
OK school-menu.9c9369bf.js Show response
vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/ 18 KB
19 KB 562ms
183ms Script
application/javascript 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub3.s3.us-west-2.amazonaws.com/prod/school-menu.9c9369bf.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 44591a2b27d0068a321f413295ab1d6f91cefbdc1bcd0d7be9133fb225f923c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Fri, 05 Aug 2022 22:55:54 GMT
Server: AmazonS3
x-amz-request-id: 8F55QKCDM287DG4F
ETag: "6ab56d5bf98ef2ff87c0dbe2efc5475f"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 18837
x-amz-id-2: LmK3J96VVfbd+tzG4uSG4ChnvwjM3zvCwC+fpC0sCQ5vO9Rv426Kji85Gj8R8da1xcUp6RH3sNI=

GET
H/1.1 200
OK Bruins-36.jpg
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/09145202/ 34 KB
34 KB 815ms
210ms Image
image/jpeg 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/09145202/Bruins-36.jpg
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4fb344435206a7fc7a97dc06bacfebbc9c8689fd9b57a82d68dbc756c0fd4926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Tue, 09 Aug 2022 21:52:03 GMT
Server: AmazonS3
x-amz-request-id: 8F5DEFHR2SDGVJJ0
ETag: "5d09521e1b48854e506cf859dfb75edc"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 34865
x-amz-id-2: vVhXbco5/txkq6Ax7S8Bo9R9nNsIsLqvikOfJ01f+3yLmXQpND9xaGZTI77ZAVKzWcA6Il5RUR8=
Expires: Wed, 09 Aug 2023 21:52:02 GMT

GET
H/1.1 200
OK columbia.gif
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2020/10/28133117/ 300 KB
301 KB 855ms
255ms Image
image/gif 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2020/10/28133117/columbia.gif
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 599f7defaffc9a8c4ea9769a0cd71a73e2f65bfc61d669ff5aee16002d6b7293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Wed, 28 Oct 2020 20:31:18 GMT
Server: AmazonS3
x-amz-request-id: 8F59JEX2K20VHSKF
ETag: "51b95de3e8add2888e4e7928900b8bd2"
Content-Type: image/gif
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 307637
x-amz-id-2: dFxPsw7T0YkHvGPjoCa/AsX849v6TT2Gy+EauNu15NpX5PAZuBKoe2kkcj+nS8gxar1asTNmbm4=
Expires: Thu, 28 Oct 2021 20:31:17 GMT

GET
H2

200

player.min.js Show response
vnn-player.rapidreplay.co/players/
Redirect Chain

https://www.rapidreplay.co/players/vnn/sticky-player.js
https://vnn-player.rapidreplay.co/players/player.min.js

13 KB
4 KB

225ms
213ms

Script
application/javascript

2606:4700:20::ac43:4a8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vnn-player.rapidreplay.co/players/player.min.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Server

2606:4700:20::ac43:4a8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

998976feab6111201521d34f61e2fdddfe53312f5dec66d02643fff36ffc7477

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
last-modified: Tue, 30 Aug 2022 04:41:06 GMT
server: cloudflare
etag: W/"3594-182ed0d92d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfI72l6X%2F%2F2B2wCyP9m7YFH9Jn2O6yakB7OWNA3ie8BwwrTLw%2BUbBweUvZRbchmGe7bi7uPGWtFzcQBHsDYTFVzCa7hPZWScLFH8viP8oqe0tUFrDSX4xHkb5yXhy%2BHT6W0SHnk8xorAP%2BIw%2FYPXkdwTEPU%2Bc84%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2678400
cf-ray: 7430651678a6bbeb-FRA

Redirect headers

date: Tue, 30 Aug 2022 20:49:45 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIgMzEiE7DXjpZORrAYGQ8D0LbcVXmtXFpVLSVa%2Fz7%2FOEg3PuWNAV7ebHVWVfvxMvuevnq%2Byowmv46Dc51DgzRnvufo0CJGYpLBYVWgD255kiOaMFOEk3E4fHHdpdAyuUNGPECL6ju81Y5zSMDybcw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://vnn-player.rapidreplay.co/players/player.min.js
cache-control: max-age=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 74306516486cbbeb-FRA
expires: Tue, 30 Aug 2022 21:49:45 GMT

GET
H/1.1 200
OK Bruins-16-150x150.jpg
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2021/10/05065027/ 6 KB
6 KB 918ms
199ms Image
image/jpeg 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2021/10/05065027/Bruins-16-150x150.jpg
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2e0885c84608640abfc17d488abacc7769ef20df458fc6b3ee248f2bc92db760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Tue, 05 Oct 2021 13:50:28 GMT
Server: AmazonS3
x-amz-request-id: V6HFTC1WATNA28MP
ETag: "eda429facabcb51f60cb9ececc109783"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5832
x-amz-id-2: v3A8xtxovDDOOYHQ1ZRm4zAlK4zY5c1BBICGjBBDUioX7xFcNhW2uIpV9TnsnBOGHa2maXX6S4U=
Expires: Wed, 05 Oct 2022 13:50:27 GMT

GET
H/1.1 200
OK 162914672_496766401496337_8590901039148091467_n-150x150.jpg
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2021/03/24113643/ 9 KB
9 KB 567ms
229ms Image
image/jpeg 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2021/03/24113643/162914672_496766401496337_8590901039148091467_n-150x150.jpg
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 42b51cb8b1e59f45ab474735a459d8cc196fd853bfed0b99d2ba8f6dafe2d0a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Wed, 24 Mar 2021 18:36:44 GMT
Server: AmazonS3
x-amz-request-id: 8F589FD9VSCF007F
ETag: "c571e667f4a446d803162de7f3c06239"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8980
x-amz-id-2: RLmkkb2lXRBRm8cgCiQYFB7y1EQ34ZQSC2sr32Ymv0OI8g5u5nk3BtzF8JSP/rnGiLxVIhbejDQ=
Expires: Thu, 24 Mar 2022 18:36:43 GMT

GET
H/1.1 200
OK IMG_7195-150x150.jpg
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2021/03/17104741/ 8 KB
9 KB 786ms
218ms Image
image/jpeg 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2021/03/17104741/IMG_7195-150x150.jpg
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: dcfa878221722e3086652ae67ab87179785cdf763f1a4ac17dd62b1c88ff0a58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Wed, 17 Mar 2021 17:47:42 GMT
Server: AmazonS3
x-amz-request-id: 8F50GNFG4SXKGPDX
ETag: "51e6cd991057f29ab0faea607d95b602"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8342
x-amz-id-2: 59OGWMiiCtL6w+Z5lw9vCgq0I7ELCIUF/7XTxmBLkzIAmRC7Ci3Y0xgsVfm0ugtf7hQAL2lbmG8=
Expires: Thu, 17 Mar 2022 17:47:41 GMT

GET
H/1.1 200
OK 161329801_2475503652595335_1911023920769851235_n-150x150.jpg
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2021/03/17104133/ 7 KB
7 KB 994ms
207ms Image
image/jpeg 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2021/03/17104133/161329801_2475503652595335_1911023920769851235_n-150x150.jpg
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3431b006c9b146d98a4699819a67951e5cd2b212b2f46705257103c590f83e64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Wed, 17 Mar 2021 17:41:34 GMT
Server: AmazonS3
x-amz-request-id: V6H336ZV9DEJCNJV
ETag: "89c83b182ef1b85f513a7386b17a84b9"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6993
x-amz-id-2: NriCd0ZGZD2N7kWSsBcEzb5E50DnaSPUJNnK3Q5T0hnSVtEhF/kQwblGRuSInvkYMzpa4RGqFWY=
Expires: Thu, 17 Mar 2022 17:41:33 GMT

GET
H/1.1 200
OK columbia_logo_outline-150x150.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/29011110/ 27 KB
28 KB 1034ms
208ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/29011110/columbia_logo_outline-150x150.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Mon, 29 Aug 2022 08:11:11 GMT
Server: AmazonS3
x-amz-request-id: V6H7HZBFDDNEM69Z
ETag: "a27088325c86e203dfbeadd809a968f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 28129
x-amz-id-2: osaJGznjpEDX+mWJ+7doq6Ks7bsZPemD5D7moRIHyAsdoWMsjZMQV/voYZMRe3JM2aCUoJt6hQg=
Expires: Tue, 29 Aug 2023 08:11:10 GMT

GET
H/1.1 200
OK columbia_logo_outline-150x150.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/22011023/ 27 KB
28 KB 1101ms
199ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/22011023/columbia_logo_outline-150x150.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Mon, 22 Aug 2022 08:10:24 GMT
Server: AmazonS3
x-amz-request-id: V6H04D48YC30EZQZ
ETag: "a27088325c86e203dfbeadd809a968f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 28129
x-amz-id-2: huDKqGa6r7a+Gmrt/RPKtUUNpN3LKHFIEcwTYap8I+tbTCVTCGw39fdQTrbG03IjmLSKqomOWAU=
Expires: Tue, 22 Aug 2023 08:10:23 GMT

GET
H/1.1 200
OK columbia_logo_outline-150x150.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/15011019/ 27 KB
28 KB 1019ms
216ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/15011019/columbia_logo_outline-150x150.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Mon, 15 Aug 2022 08:10:21 GMT
Server: AmazonS3
x-amz-request-id: V6H7H6MF216P1NR3
ETag: "a27088325c86e203dfbeadd809a968f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 28129
x-amz-id-2: QcZyctscaVEilK+kpKaoqxTr32z85S86EOnADMUkp7l54Np6sAQQ0mEi8niNLWuJStP85a02caI=
Expires: Tue, 15 Aug 2023 08:10:19 GMT

GET
H/1.1 200
OK columbia_logo_outline-150x150.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/08010959/ 27 KB
28 KB 208ms
208ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/08010959/columbia_logo_outline-150x150.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Mon, 08 Aug 2022 08:10:00 GMT
Server: AmazonS3
x-amz-request-id: V6H0H8K841GN0VPF
ETag: "a27088325c86e203dfbeadd809a968f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 28129
x-amz-id-2: kCQxIdXj+TG2Ib5WOQDWZSV/WJfEmBfUjhWnNmdB/UTKwLVaRQQ7fUNJYqCpRMOVEg/YVHVt1HY=
Expires: Tue, 08 Aug 2023 08:09:59 GMT

GET
H/1.1 200
OK Bruins-36-150x150.jpg
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/09145202/ 9 KB
10 KB 205ms
205ms Image
image/jpeg 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/09145202/Bruins-36-150x150.jpg
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2ada70afa274836a30c3053c3164001ac078a0be1eea8cd7b45abe22e726cf13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Tue, 09 Aug 2022 21:52:03 GMT
Server: AmazonS3
x-amz-request-id: V6H7T5HJ8WG5EWPM
ETag: "e6b319ba0e88e9abb45ce2a1baa6bd82"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9318
x-amz-id-2: 4b7200Lrgo2Mn5+KVj0bBY53xZJlInF3ZlF3M+k+Ewru7XmWJ0mZZtLC1MHrGoc0/bFviBxeJKM=
Expires: Wed, 09 Aug 2023 21:52:02 GMT

GET
H/1.1 200
OK columbia_logo_outline-150x150.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/01010953/ 27 KB
28 KB 192ms
191ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/08/01010953/columbia_logo_outline-150x150.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Mon, 01 Aug 2022 08:09:55 GMT
Server: AmazonS3
x-amz-request-id: V6H4BMA9RDPHEMSK
ETag: "a27088325c86e203dfbeadd809a968f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 28129
x-amz-id-2: g7Hx1HW+9go4L5uLlZZgpxrCzTBWXhcuYgLNQbWfVR5pOeXlC4/BTKHr2DQz24Grxtpf5I0TdyE=
Expires: Tue, 01 Aug 2023 08:09:53 GMT

GET
H/1.1 200
OK columbia_logo_outline-150x150.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/07/25010956/ 27 KB
28 KB 217ms
217ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/07/25010956/columbia_logo_outline-150x150.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Mon, 25 Jul 2022 08:09:57 GMT
Server: AmazonS3
x-amz-request-id: V6H38YQGDZDCWC0Y
ETag: "a27088325c86e203dfbeadd809a968f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 28129
x-amz-id-2: lwkgfziQkwK+/Uy0LNWaR1TSZrvXBrr54JdF5cgt7nQA9/vdSoU+v8BjDejCtBS8C7ypqnutFXI=
Expires: Tue, 25 Jul 2023 08:09:56 GMT

GET
H/1.1 200
OK columbia_logo_outline-150x150.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/07/18010901/ 27 KB
28 KB 207ms
206ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/07/18010901/columbia_logo_outline-150x150.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Mon, 18 Jul 2022 08:09:02 GMT
Server: AmazonS3
x-amz-request-id: V6H9BF3HM1PK6FN3
ETag: "a27088325c86e203dfbeadd809a968f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 28129
x-amz-id-2: xLQEmEKFa3g4UmUmbKHUyReIjhVcooAhcnkapPB0e6cpQznAOz3nqLzwhJlh/wBsOrpI76LZftE=
Expires: Tue, 18 Jul 2023 08:09:01 GMT

GET
H/1.1 200
OK columbia_logo_outline-150x150.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/07/11010930/ 27 KB
28 KB 229ms
229ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/07/11010930/columbia_logo_outline-150x150.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Mon, 11 Jul 2022 08:09:31 GMT
Server: AmazonS3
x-amz-request-id: V6HAHDQM99CEG1JW
ETag: "a27088325c86e203dfbeadd809a968f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 28129
x-amz-id-2: ffquQRF96F1z0ZyxbY7LXnqmoz020dXvAv4IfNDUf/fZ3YyMx24W1VKBTnP1IF3tF2T0b/L140M=
Expires: Tue, 11 Jul 2023 08:09:30 GMT

GET
H/1.1 200
OK columbia_logo_outline-150x150.png
s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/07/04010925/ 27 KB
28 KB 243ms
243ms Image
image/png 52.218.252.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/sportshub2-uploads-prod/files/sites/2708/2022/07/04010925/columbia_logo_outline-150x150.png
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.252.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Last-Modified: Mon, 04 Jul 2022 08:09:26 GMT
Server: AmazonS3
x-amz-request-id: V6H1R1CXV1NZ8KGZ
ETag: "a27088325c86e203dfbeadd809a968f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 28129
x-amz-id-2: nmNAAdgGue7cPLxiT/LKY0vxrC1oLiLdgP6AdxgUr3dmP6Z6EHc9X4ZwWaPbdy3Jb9bCvTLVZIo=
Expires: Tue, 04 Jul 2023 08:09:25 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 94ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1090
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29278
x-tw-cdn: VZ
Last-Modified: Mon, 15 Aug 2022 23:23:32 GMT
Server: ECS (frb/6711)
Etag: "080f1472776d4d1a972a14cea4433aeb+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 3cbe8910-f76e-0137-efd4-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 172ms
15ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/3cbe8910-f76e-0137-efd4-06a9ed4ca31b

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

6d16522a5edaff3d0e4f3c1ab73f5a1ede3c6e83aa4ac1354072f15f7422bd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 30 Aug 2022 20:49:46 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: FxA6gJLwPWebMrBKNgsD
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK vendor_77735b9.js Show response
vnn-sportshub.s3-us-west-2.amazonaws.com/production/77735b9/scripts/ 457 KB
457 KB 180ms
179ms Script
application/javascript 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub.s3-us-west-2.amazonaws.com/production/77735b9/scripts/vendor_77735b9.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e4d64b6f861441f9cf263699ba265c040bf7d58c7fd01bc7b7e83ec064b43047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:46 GMT
Last-Modified: Thu, 18 Aug 2022 00:13:35 GMT
Server: AmazonS3
x-amz-request-id: 8F5397D5090BR90S
ETag: "efc619e8f4adfe3f6b59a4fc89393733"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 467844
x-amz-id-2: vEM31w0EV+gN5ZwMbx1x7houvCRP7Y+E0ioJxUCHC/Q6ZSWopXD2AkOi5lZm9EsyPQ7Iaqlcdpk=

GET
H/1.1 200
OK main_77735b9.js Show response
vnn-sportshub.s3-us-west-2.amazonaws.com/production/77735b9/scripts/ 266 KB
266 KB 190ms
183ms Script
application/javascript 52.92.149.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vnn-sportshub.s3-us-west-2.amazonaws.com/production/77735b9/scripts/main_77735b9.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.149.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 53a2fba13befd56afc9d4fd1414ae0ba3f537a98451df3d110b0caabe57cb020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Last-Modified: Thu, 18 Aug 2022 00:13:35 GMT
Server: AmazonS3
x-amz-request-id: 8F59A147WP3MFQFE
ETag: "f6a18c49c8aed921e623b0a03ec73689"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 272294
x-amz-id-2: 6g8yJjX5Fp4WgPH8ZfCZ3nyevoNS7EIgFL0UFPlLFLVn/1GYw1n33fbFYOKFsxfKORBeSZFwwOQ=

GET
H/1.1 200
OK wp-embed.min.js Show response
whitesalmonbruins.com/wp-includes/js/ 1 KB
2 KB 1862ms
1855ms Script
application/javascript 44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whitesalmonbruins.com/wp-includes/js/wp-embed.min.js?ver=4.9.20
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-104-156.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:47 GMT
content-encoding: gzip
x-cacheable: YES
x-now-datetime: Tue, 30 Aug 2022 20:49:47 GMT
age: 2
x-response-host: whitesalmonbruins.com
x-cache: MISS
x-unsetcookies: TRUE
content-length: 750
x-backend-server: ip-172-31-7-247.us-west-2.compute.internal
x-backend-host: whitesalmonbruins.com
via: 1.1 varnish-v4
last-modified: Fri, 11 Mar 2022 02:13:34 GMT
server: nginx
x-uncacheable: false
etag: W/"622ab04e-56f"
vary: Accept-Encoding
x-varnish: 493622219
x-cache-datetime: Tue, 30 Aug 2022 20:49:45 GMT
x-response-path: /wp-includes/js/wp-embed.min.js?ver=4.9.20
x-cache-server: ip-172-31-34-33.us-west-2.compute.internal
x-cache-age-extended: 0 minutes
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 166ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vnnsportshub.net
URL: https://vnnsportshub.net/app/mu-plugins/wp-vnn-facebook-pixel/src/js/script.js?ver=4.9.20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26683
x-xss-protection: 0
pragma: public
x-fb-debug: zO2AxZDaib3cRT9ugiCeeeNuf8tXzH84KnLkD9tnl4X12wLnUx5+5s69I3LxS5dyoTrDFT5u3G7YvjnMqvsrUw==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 30 Aug 2022 20:49:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 18 KB
18 KB 64ms
28ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700|Oswald:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://whitesalmonbruins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:04:01 GMT
x-content-type-options: nosniff
age: 81944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17928
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:04:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700|Oswald:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://whitesalmonbruins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 228004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:29:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 31ms
18ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700|Oswald:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://whitesalmonbruins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 478074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 08:01:51 GMT

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 379 KB
95 KB 26ms
24ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?b2be41e

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22ba33a81c7991dc6f5cf53028a16627e04dfb39f079c06f75e8366a5da29659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49010
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
server: cloudflare
etag: W/"62a737a2-5ec11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 74306516afb8922b-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 27 Aug 2032 20:49:46 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 327 KB
40 KB 21ms
20ms Stylesheet
text/css 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?b2be41e

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd538094f00a8f620f7f12c0a7ac0fcca74ee7b4388955470cd7f14c4fb602a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49010
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 24 Aug 2022 07:11:53 GMT
server: cloudflare
etag: W/"6305cf39-51a36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 74306516afb9922b-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 27 Aug 2032 20:49:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 68ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/vnn/vnnsports/didna_config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

205ff168565f22720b5f153e9e932c9c1b2632afde30f4648eebd4b8dab68626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28582
x-xss-protection: 0
server: sffe
etag: "1319 / 104 of 1000 / last-modified: 1661878170"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Aug 2022 20:49:46 GMT

GET
BLOB 200
OK 004de6e2-e68b-4056-9fdb-ee81314f0a29
https://whitesalmonbruins.com/ 564 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://whitesalmonbruins.com/004de6e2-e68b-4056-9fdb-ee81314f0a29
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 564
Content-Type: text/javascript

GET
H2 200 player.config.js Show response
vnn-player.rapidreplay.co/players/ 10 KB
3 KB 203ms
202ms Script
application/javascript 2606:4700:20::ac43:4a8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vnn-player.rapidreplay.co/players/player.config.js

Requested by

Host: www.rapidreplay.co
URL: https://www.rapidreplay.co/players/vnn/sticky-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

78d846776f79e717b18e180f50c99bc5be503eeb2738ac34838bd1a5e8d9bf7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
last-modified: Tue, 30 Aug 2022 04:41:06 GMT
server: cloudflare
etag: W/"2884-182ed0d92d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8EgVJcHiZrUapuY0M8JDGfTrKD%2B%2BiUQbVsvKWH3uHXiHUbsVDJUiKUmUxqomLKM4tMSX%2BFLu7kEKTEWDAOgtlT8v1qAV6SJsDgPCq33iBUGOIcEd0wVmKSuTaKGZaiMqGdpZTqDIZIKt0%2FcHux7OmGpSPBh1VQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 743065190d42bbeb-FRA

GET
H2 200 brid.min.js Show response
services.brid.tv/player/build/ 313 KB
79 KB 40ms
9ms Script
application/javascript 13.225.78.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/brid.min.js
Requested by: Host: www.rapidreplay.co
URL: https://www.rapidreplay.co/players/vnn/sticky-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbb83acce0eb40784b78a49b626b1016c9dc304ce34f3f295e8121f6afc319a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:35:24 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 08:02:19 GMT
server: AmazonS3
age: 863
etag: W/"5a77f00972f443348a6bd159cebe8160"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=1200, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: CXz_5R92NmRUJLMZDI508fmmgwXeM-e9xCvGckOXoM_muUAyi445tg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 72ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5WYGT4MKE

Requested by

Host: www.rapidreplay.co
URL: https://www.rapidreplay.co/players/vnn/sticky-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b5999ee79684f84842959744c998747859fa7a5a4965b882f18abe92e64922b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74025
x-xss-protection: 0
expires: Tue, 30 Aug 2022 20:49:46 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34ac8f8591b2aa6be116d30208a7fa2f4a1796b970e6ba7d41d372350a98095d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5VDfxJ+eRorN1Dh5QU+2TA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 5rakzQpaQl6ChFKmVY0wnx3VgUdQgN9BWpvd+71ze3ey/4ckA2eFUgqhJfYkpskLrZaOngE51jjnXNgxu0He4Q==
x-fb-content-md5: ddc3717606400af5bea4c3d95d9720d7
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 30 Aug 2022 20:49:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3bb5a450c59ae9afbd096898f1cbef5a"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 30 Aug 2022 20:59:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 544ms
22ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6466
date: Tue, 30 Aug 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Aug 2022 21:02:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 512ms
8ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
content-encoding: gzip
etag: "TFjIU174W8I7nbu1DVEZpA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Sep 2022 20:49:46 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
125 KB 45ms
16ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://whitesalmonbruins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 20:32:16 GMT
x-content-type-options: nosniff
age: 433050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 20:32:16 GMT

GET
H3 200 didna_util_v4.4.5.min.js.gz Show response
storage.googleapis.com/didna-dev/experimental/ 196 KB
57 KB 76ms
25ms Script
text/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-dev/experimental/didna_util_v4.4.5.min.js.gz
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/vnn/vnnsports/didna_config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2c5a8ab96689ef2111186085dca4345239ac4367d7f7547240fe2e274726ed16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:29:32 GMT
content-encoding: gzip
age: 1214
x-guploader-uploadid: ADPycdvXQUc3SYcrgOLCMT6nEPJyGmhUlsUrpYL7PqfGor9N8Wu99I7dvkJj4yF7vpLsHWzzpFaXMKf-MsUxROZ9HO5ds5ztTSHN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58376
last-modified: Fri, 29 Jul 2022 15:05:28 GMT
server: UploadServer
etag: "c48d3168f11cafe88b6885345ef464fd"
vary: Accept-Encoding
x-goog-hash: crc32c=VlK1yQ==, md5=xI0xaPEcr+iLaIU0XvRk/Q==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1659107128253807
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 58376
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 31 Aug 2022 20:29:32 GMT

GET
BLOB 200
OK 4788dcc7-23ff-4cf0-9820-4bb6aef48b7a Show response
https://whitesalmonbruins.com/ 444 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/vnn/vnnsports/didna_config.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63204a4366f70331c617799720504e257d997307ac8dbb414c695613aa772e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 454682
Content-Type: text/javascript

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/P8JTYHxnfThketEhV7hAwuIlzBs/gpt_and_prebid/ 91 KB
22 KB 508ms
27ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/P8JTYHxnfThketEhV7hAwuIlzBs/gpt_and_prebid/config.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-dev/experimental/didna_util_v4.4.5.min.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b500e6a0015b9af9c4d56c46bdb53bea40a4b6f93404f081702c79e14fd423d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Content-Encoding: gzip
Age: 1064
X-Cache: HIT
Connection: keep-alive
Content-Length: 21446
x-amz-id-2: OOR0b6wyUzzD6bQ4mfbkYCmI/52ryk+Ryh6eaNj+0AGT8TgXtzhDMtprZHHowQ7toeynRpkBOD4=
X-Served-By: cache-fra19157-FRA
Last-Modified: Tue, 30 Aug 2022 19:31:28 GMT
Server: AmazonS3
X-Timer: S1661892587.006114,VS0,VE1
ETag: "6f2ab5550df6bcdf6f3090a842f5af80"
x-amz-request-id: 2JX1YRSH839J9RNG
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 1

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ 213 KB
65 KB 482ms
18ms Script
application/javascript 23.47.208.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-dev/experimental/didna_util_v4.4.5.min.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.208.212 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-208-212.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 01468d0365981ec4c5b2ac916a2df5ed997ab8fd45e6123ea68a117f72ae83e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:46 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 21:27:50 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=70677
accept-ranges: bytes
content-type: application/javascript
content-length: 66316
expires: Wed, 31 Aug 2022 16:27:43 GMT

GET
H3 200 297498244206549 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 166ms
145ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/297498244206549?v=2.9.78&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f6ea04dfa28ea9e403c69a2fe9dad0714e425125d7e7ba3f7f84462fc2a13b7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: bnltmqNl9YLuvL4J8lQIQmjqvBoDrv5E+geH1Thp0TGVK9Z2O3xSzLhW/JaUAxaQTeMA3oBUxOH5Ea/g94p/4A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 30 Aug 2022 20:49:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl_2022082901.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 64ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b98ba65804117309185fd18cda5608fa31f342b3c626715722721ebc93f4231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132076
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 08:35:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Aug 2023 11:01:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 43 B
81 B 76ms
48ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=whitesalmonbruins.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5da654e171b73f3a731978550c89ac8cbc85805ba416bdad8fefd717f98e6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57
x-xss-protection: 0
expires: Tue, 30 Aug 2022 20:49:46 GMT

GET
BLOB 206
Partial Content 77aa6dc4-30ee-4bde-8209-308c60efd49a
https://whitesalmonbruins.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://whitesalmonbruins.com/77aa6dc4-30ee-4bde-8209-308c60efd49a
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content d643df6a-0971-4d16-80ff-5b64521e2ee3
https://whitesalmonbruins.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://whitesalmonbruins.com/d643df6a-0971-4d16-80ff-5b64521e2ee3
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
86 KB 42ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=35a620d9a26018fa314325893829d9bf

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36684a8b89cd39f590772b096829dcbda7e194bb1f0ef1e0ca28157c80a34237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://whitesalmonbruins.com/
Origin: https://whitesalmonbruins.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iA7BJsEcfevEMMjW6ArUlQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87972
x-fb-rlafr: 0
x-fb-debug: YZKECOA/OyJU300nClv7g0xPD3RTTO2pHXelovmB7muWWVaTwI/AvgtL7tPGbir9B0p/ZKrmZtusg+CJM8aHdg==
x-fb-content-md5: 7561327d676070d9717c37fc35ded560
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 30 Aug 2022 20:49:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e3d2c80ab635e2995c45da06953e1f5e"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 30 Aug 2023 16:35:29 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 47ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5WYGT4MKE&gtm=2oe8t0&_p=625256185&cid=1659917486.1661892587&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661892587&sct=1&seg=0&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5WYGT4MKE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-7JSA-he1aLrtV.js Show response
rules.quantcount.com/ 209 B
691 B 39ms
8ms Script
application/javascript 2600:9000:223c:3000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-7JSA-he1aLrtV.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70c7527733111f9e22234234bb84e157cbfb6a45916bd0a570243e2d1083a2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:36:04 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
age: 1065
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Mon, 22 Aug 2022 11:04:25 GMT
server: AmazonS3
etag: "b760df88b5ad7735bda3a29e8ea50faa"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: T7tBP9u1_ZuCi_fWAWUu_fcVkmHz_HG-VadLfUf7NnAmJJ6gx-BoQw==

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 58ms
19ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297498244206549&ev=PageView&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&rl=&if=false&ts=1661892587038&sw=1600&sh=1200&v=2.9.78&r=stable&ec=0&o=30&fbp=fb.1.1661892587037.1887108897&it=1661892586424&coo=false&rqm=GET

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 30 Aug 2022 20:49:47 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
22ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=625256185&t=pageview&_s=1&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&ul=en-us&de=UTF-8&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=944186839&gjid=60180856&cid=1659917486.1661892587&tid=UA-35580852-1&_gid=196283028.1661892587&_r=1&_slc=1&z=1871075407

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 71ms
22ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=625256185&t=pageview&_s=1&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&ul=en-us&de=UTF-8&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=968733291&gjid=2104105888&cid=1659917486.1661892587&tid=UA-180637122-71&_gid=196283028.1661892587&_r=1&_slc=1&z=2007140024

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/ 203 KB
65 KB 11ms
10ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/P8JTYHxnfThketEhV7hAwuIlzBs/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f83dccda0f23005e073046554fcb6f70e6cc5c6d5a31482d8cbf00c3cae72a69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:47 GMT
Content-Encoding: gzip
Age: 768143
X-Cache: HIT
Connection: keep-alive
Content-Length: 66315
x-amz-id-2: 5oiLf2r02/nJDmxvK6nutnHLLVBWiErSyGJWf2jPQ0C/kMlbNQsHwANVqlvY0Jpg9Ncfj8yN/Uo=
X-Served-By: cache-fra19157-FRA
Last-Modified: Thu, 11 Aug 2022 17:11:38 GMT
Server: AmazonS3
X-Timer: S1661892587.102901,VS0,VE0
ETag: "6dc02234ec68d77d35e4d6a9fe8b646f"
x-amz-request-id: A6R0AVYXX1R3HAWQ
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 6243039

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
548 B 57ms
7ms Image
image/gif 2600:9000:223d:ea00:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=131926019;fpan=1;fpa=P0-16959971-1661892587098;pbc=;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=whitesalmonbruins.com;dst=0;et=1661892587097;tzo=0;url=https%3A%2F%2Fwhitesalmonbruins.com%2F;ogl=site_name.Columbia%20High%20School%2Ctitle.Columbia%20High%20School%2Curl.https%3A%2F%2Fwhitesalmonbruins%252Ecom%2F%2Ctype.website%2Cdescription.Columbia%20High%20School%2Cimage.http%3A%2F%2Fs3-us-west-2%252Eamazonaws%252Ecom%2Fsportshub2-uploads-prod%2Ffiles%2Fsites%2F2708%2F2020%2F%2Cimage%3Asecure_url.https%3A%2F%2Fs3-us-west-2%252Eamazonaws%252Ecom%2Fsportshub2-uploads-prod%2Ffiles%2Fsites%2F2708%2F2020%2Cimage%3Atype.image%2Fpng%2Cimage%3Awidth.1178%2Cimage%3Aheight.1178

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ea00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 05:55:33 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 53655
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
content-type: image/gif
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: tzt_Ec0lwNzZwtCANnj_3-lnS1J1CV0JNEt7FXtG7Bu8vfde3cJzyg==

GET
H2 200 pixel;r=1447057313;labels=Site.https%3A%2F%2Fwhitesalmonbruins.com%2CState.WA;rf=0;a=p-7JSA-he1aLrtV;url=https%3A%2F%2Fwhitesalmonbruins.com%2F;uht=2;fpan=0;fpa=P0-16959971-1661892587098;pbc=;ns=0;...
pixel.quantserve.com/ 35 B
371 B 12ms
12ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1447057313;labels=Site.https%3A%2F%2Fwhitesalmonbruins.com%2CState.WA;rf=0;a=p-7JSA-he1aLrtV;url=https%3A%2F%2Fwhitesalmonbruins.com%2F;uht=2;fpan=0;fpa=P0-16959971-1661892587098;pbc=;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=whitesalmonbruins.com;dst=0;et=1661892587100;tzo=0;ogl=site_name.Columbia%20High%20School%2Ctitle.Columbia%20High%20School%2Curl.https%3A%2F%2Fwhitesalmonbruins%252Ecom%2F%2Ctype.website%2Cdescription.Columbia%20High%20School%2Cimage.http%3A%2F%2Fs3-us-west-2%252Eamazonaws%252Ecom%2Fsportshub2-uploads-prod%2Ffiles%2Fsites%2F2708%2F2020%2F%2Cimage%3Asecure_url.https%3A%2F%2Fs3-us-west-2%252Eamazonaws%252Ecom%2Fsportshub2-uploads-prod%2Ffiles%2Fsites%2F2708%2F2020%2Cimage%3Atype.image%2Fpng%2Cimage%3Awidth.1178%2Cimage%3Aheight.1178;ses=8b7d774b-4d78-40e4-93b5-2a61c7d0116d

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 39ms
18ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297498244206549&ev=Microdata&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&rl=&if=false&ts=1661892587541&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Columbia%20High%20School%20(White%20Salmon)%20%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports%22%2C%22meta%3Adescription%22%3A%22Follow%20the%20%20Bruins%20schedule%2C%20roster%2C%20events%20and%20photos%20all%20in%20one%20place.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Columbia%20High%20School%22%2C%22og%3Atitle%22%3A%22Columbia%20High%20School%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwhitesalmonbruins.com%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Columbia%20High%20School%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsportshub2-uploads-prod%2Ffiles%2Fsites%2F2708%2F2020%2F10%2F28202819%2Fcolumbia_logo_outline.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsportshub2-uploads-prod%2Ffiles%2Fsites%2F2708%2F2020%2F10%2F28202819%2Fcolumbia_logo_outline.png%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22og%3Aimage%3Awidth%22%3A%221178%22%2C%22og%3Aimage%3Aheight%22%3A%221178%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.78&r=stable&ec=1&o=30&fbp=fb.1.1661892587037.1887108897&it=1661892586424&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 30 Aug 2022 20:49:47 GMT

POST
H/1.1 200
OK admin-ajax.php Show response
whitesalmonbruins.com/wp-admin/ 0
1 KB 676ms
676ms XHR
text/html 44.235.104.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://whitesalmonbruins.com/wp-admin/admin-ajax.php

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

44.235.104.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-104-156.us-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://whitesalmonbruins.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-backend-host: whitesalmonbruins.com
x-now-datetime: Tue, 30 Aug 2022 20:49:48 GMT
age: 0
x-powered-by: PHP/7.4.21
x-cache: MISS
x-backend-server: ip-172-31-36-103.us-west-2.compute.internal
content-length: 25
via: 1.1 varnish-v4
access-control-allow-origin: https://whitesalmonbruins.com
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: nginx
x-uncacheable: true
x-cacheable: NO
x-frame-options: SAMEORIGIN
x-response-host: whitesalmonbruins.com
vary: Accept-Encoding
x-varnish: 502890580
x-cache-datetime: Tue, 30 Aug 2022 20:49:48 GMT
x-response-path: /wp-admin/admin-ajax.php
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-cache-server: ip-172-31-34-33.us-west-2.compute.internal
x-cache-age-extended: 0 minutes
accept-ranges: bytes
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 132ms
132ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vnn-sportshub.s3-us-west-2.amazonaws.com
URL: https://vnn-sportshub.s3-us-west-2.amazonaws.com/production/77735b9/scripts/main_77735b9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7671c9671e2d96ec3e4238268ba25e333ec71fea6ecac5576cbcef87e69c8003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28554
x-xss-protection: 0
server: sffe
etag: "1319 / 233 of 1000 / last-modified: 1661878086"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Aug 2022 20:49:47 GMT

GET
H/1.1 200
OK widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html Show response
platform.twitter.com/widgets/ Frame 5295 320 KB
104 KB 9ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwhitesalmonbruins.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://whitesalmonbruins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1216700
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Aug 2022 20:49:47 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Mon, 15 Aug 2022 23:01:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6727)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 5295 709 B
589 B 134ms
112ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2f0938557c22d4dcd1155d4a7caec79ab34c6366

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwhitesalmonbruins.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 30 Aug 2022 20:49:47 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 20:49:48 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 2792567235e552bead0d9634d6d6af30a1e28cb25311c4430e767d84ecad67b3
content-length: 308

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
943 B 40ms
14ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1928995
x-amz-request-id: tx2c2a7f1003e44e2d861b5-00629f4bc7
x-amz-id-2: tx2c2a7f1003e44e2d861b5-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMjagfO3wIOdmcnexE2T%2FpMz9hbt4sTlrKaXHwdjmm%2Ft43rXU3Z4ct%2Bo0ShPJ3LeGkS7HeYSxG9oaPw7AlESdrej7Xj%2F8cpREtOWvMmHk7PH6nzCsRh9nGExNC65q2KbjZs2bDxVlx9QFs%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 7430652338319a03-FRA

GET
H2 200 arj Show response
didna-d.openx.net/w/1.0/ 73 B
145 B 69ms
25ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwhitesalmonbruins.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=19887aab-1935-4323-9e9d-3bd4c2f77103&nocache=1661892588008&pubcid=35b4d28a-26a4-4775-99c9-4eeabf5d21e8&aus=970x90&divids=gpt-ad-9515954587489615&aucs=&auid=557540962&aumfs=50
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 16505f38e730970522591a4f68a1faa6cd2b7eeba98a99bbab49aaac8eff701a

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 87ms
66ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3c491107719ff0934adef33e850be95d8f708acff22e4e091f948dd55951934b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2c5e4f66-ac56-493b-b6ea-ca3595bd5083
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
640 B 228ms
154ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJY6S41
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d3eae5142f5987f4ad1ce3c6408d57d3b2803498f1bb1c6e09d0c3f7c7f3a428

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 69ms
23ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=373884&zone_id=2046816&size_id=55&eid_pubcid.org=35b4d28a-26a4-4775-99c9-4eeabf5d21e8%5E1&rf=https%3A%2F%2Fwhitesalmonbruins.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=19887aab-1935-4323-9e9d-3bd4c2f77103&l_pb_bid_id=83a3bd16a97299&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.8619707811313893
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3fedbd00262cb11bb1107567641fd20c220c8258950a48af3f4c33c98fe67cca

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
162 B 96ms
21ms XHR
text/plain 52.57.222.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.222.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-222-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://whitesalmonbruins.com
date: Tue, 30 Aug 2022 20:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
174 B 58ms
15ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 30 Aug 2022 20:49:47 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
531 B 71ms
15ms XHR
application/json 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 01a265331b9628555e0d48fc6e79bcb756fecaa7b9f89096d5b22ca5e2f2c873

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 93 B
186 B 691ms
103ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dpjFFMPkSr6AKmaKkGJozW
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 7a5431db35a714d13850ea6a64be34cd03bc884ec9a97c583dfa3fa2f65bf7fd

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
782 B 214ms
150ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJY6S41
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f4cfafd1f79402cbadb2253fa68f20c9d5fe73ba76143a2b176ef00f6faad86c

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 arj Show response
didna-d.openx.net/w/1.0/ 73 B
145 B 56ms
24ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwhitesalmonbruins.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=50e74041-ce25-4752-aba1-381bb481025e&nocache=1661892588022&pubcid=35b4d28a-26a4-4775-99c9-4eeabf5d21e8&aus=88x31&divids=gpt-ad-8361338331320487&aucs=&auid=557540962&aumfs=50
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 459c2189971018261becc38bd1529809e6b2947d988711dfe1caff5f98e44d25

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 54ms
18ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 30 Aug 2022 20:49:47 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 93 B
367 B 685ms
103ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dpjFFMPkSr6AKmaKkGJozW
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 96e24601b058cc2d376b6a5ff12d1ccca9859f5fd60b2abb42fed33825a17bbc

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 60ms
46ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

526e602aa4e4262bf377dab7d93fc49a4b4100ce63460391017954722dccf3e7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c10d2e76-0090-4ad3-9df1-a6e6fb334b61
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 51ms
17ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 30 Aug 2022 20:49:47 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

GET
H2 200 arj Show response
didna-d.openx.net/w/1.0/ 73 B
382 B 51ms
24ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwhitesalmonbruins.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9e577031-7d8b-49ed-8e15-05a786249bdb&nocache=1661892588026&pubcid=35b4d28a-26a4-4775-99c9-4eeabf5d21e8&aus=300x250&divids=gpt-ad-9900645148146683&aucs=&auid=557540962
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a6abd01f2a5ef3fd5d2bdddda2a92397e790289ea9f374d088ddc8f81d09ee86

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
531 B 64ms
17ms XHR
application/json 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: c59c97aca6024832c7a7420184ae6d42054dc065f6230629fd64f5aea60eeafc

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
638 B 214ms
155ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJY6S41
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bdf14d05fea4159cb7125759f7a0182d19eb0e1c3220b7c09361d086ea3a4088

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 81ms
66ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5962b6aad1261c08add6f4345724bb209cb43d08c2997ae9361595a134220d20

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 53114fca-eebf-4914-9ad1-5bdaf617ce28
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
161 B 207ms
144ms XHR
text/plain 52.57.222.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.222.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-222-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://whitesalmonbruins.com
date: Tue, 30 Aug 2022 20:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 93 B
184 B 690ms
113ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dpjFFMPkSr6AKmaKkGJozW
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f09e0899cbe82d68782233d5cdfaf842dab4d104e152dad805cd01b35e8d73a3

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 62ms
19ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=373884&zone_id=2046816&size_id=15&eid_pubcid.org=35b4d28a-26a4-4775-99c9-4eeabf5d21e8%5E1&rf=https%3A%2F%2Fwhitesalmonbruins.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=9e577031-7d8b-49ed-8e15-05a786249bdb&l_pb_bid_id=46c285d8a68cc5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3256899560557567
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a3d7a41467a4641247d07f80b9cdfde40012384ad6ad0ba81fafed5d0647de01

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 66ms
17ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=373884&zone_id=2046816&size_id=15&eid_pubcid.org=35b4d28a-26a4-4775-99c9-4eeabf5d21e8%5E1&rf=https%3A%2F%2Fwhitesalmonbruins.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=9e577031-7d8b-49ed-8e15-05a786249bdb&l_pb_bid_id=47122e1fb146f01&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12968330733979982
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5c69722f9998182684839173177f8901425ed4bb7651752a91606aee25917751

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/5b03558c-102b-4536-885a-278b7496538b/prelude/ 213 B
626 B 41ms
41ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/5b03558c-102b-4536-885a-278b7496538b/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2022-7-30-20-49

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b2be41e

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3aaae7cb4312dfe3be5e4e4d623de83da6c01a5332ff7ef9060195e51235b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 20:49:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 743065234ed8903d-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 31 Aug 2022 00:49:48 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 58ms
41ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txc33a287806374ad89d1af-00630bd452
cf-ray: 743065236a559a05-FRA
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-id-2: txc33a287806374ad89d1af-00630bd452
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fpJwEuY9LK46v7Z8LsIAW2YNoJ%2BPguRcV%2FGA3YehXVwp5CwNF4IZ3m8VXrqw%2BzyYE2m6rpUBAGa4eonmAVnWpTkagw7ZGjJAeI%2BtzoED4jWdHiMbK5CuBDJ2p%2FbmjB522lmctfFNW%2BQ8NlG"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1652176651393042
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: Authorization

GET
H3 200 / Show response
client.crisp.chat/settings/website/5b03558c-102b-4536-885a-278b7496538b/ 2 KB
1 KB 16ms
15ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/5b03558c-102b-4536-885a-278b7496538b/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1659623390238

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b2be41e

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a02e2288de9800ea3c608e4570b2068d72a6d571dd94b47b6124a65e195c468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7801
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 18:39:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 743065239f4c903d-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 31 Aug 2022 00:49:48 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
531 B 19ms
19ms XHR
application/json 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 39472e8b0803377869f295c9f7b1d041aab785ae6420672386b38f45ceac2d85

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 93 B
175 B 618ms
105ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dpjFFMPkSr6AKmaKkGJozW
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: c2f6b5332a308b0eea30cfb28f7c69acae83c691e65122c6dd7fe5581d7ed6e4

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 66ms
66ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

898d5a65a866f8b51c0d263fe11666844d44a4c8ec69b47df3e01d5d5cd136c9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9181a450-1839-44e9-a00c-4edd837fda09
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
didna-d.openx.net/w/1.0/ 73 B
101 B 40ms
23ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwhitesalmonbruins.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0e58a89f-d80c-4c7d-8c23-33dbde9bb3ab&nocache=1661892588094&pubcid=35b4d28a-26a4-4775-99c9-4eeabf5d21e8&aus=300x250&divids=gpt-ad-21894742912652831&aucs=&auid=557540962&aumfs=50
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c2bd0539fb95f301459cbe380730cbc8d215bb2c6972615db1a1400e15ef9105

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
639 B 145ms
145ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJY6S41
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: de176447fc0297416c7e98deba94048eb31f8620926c9e23cc08fb68ffbfd3d5

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
20 B 14ms
14ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 30 Aug 2022 20:49:47 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
746 B 26ms
26ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=373884&zone_id=2046816&size_id=15&eid_pubcid.org=35b4d28a-26a4-4775-99c9-4eeabf5d21e8%5E1&rf=https%3A%2F%2Fwhitesalmonbruins.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=0e58a89f-d80c-4c7d-8c23-33dbde9bb3ab&l_pb_bid_id=6262b1f9d6095c1&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.04098524514496149
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7295d39ac7923799aa9ec6d4ff9d2021da429d942f35b88e10d8253391179869

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
746 B 51ms
50ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=373884&zone_id=2046816&size_id=15&eid_pubcid.org=35b4d28a-26a4-4775-99c9-4eeabf5d21e8%5E1&rf=https%3A%2F%2Fwhitesalmonbruins.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=0e58a89f-d80c-4c7d-8c23-33dbde9bb3ab&l_pb_bid_id=6339472707f90b8&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.29710516776122575
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: add41eb1dacf4d0c67a338988d05f7dab69c7b2b61991d77e151aeadbb58ff69

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
161 B 16ms
15ms XHR
text/plain 52.57.222.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.222.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-222-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://whitesalmonbruins.com
date: Tue, 30 Aug 2022 20:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 6 KB
3 KB 17ms
16ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?b2be41e

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b2be41e

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886ffb82e1da067712a7eec3fd3fa0a1b8879158d70d5d2d183824cb168434f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 48996
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
server: cloudflare
etag: W/"62a737a2-182c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 74306523cf88903d-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 27 Aug 2032 20:49:48 GMT

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
image.crisp.chat/avatar/operator/fc6286a6-639a-4e8d-a28a-b87200863a22/240/ 9 KB
9 KB 51ms
36ms Image
image/jpeg 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/operator/fc6286a6-639a-4e8d-a28a-b87200863a22/240/?1

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13e825e30f9fc4fdb02ed224a65050306b93cb674d51b16c566124eaa04c57c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9411
last-modified: Fri, 26 Aug 2022 20:21:53 GMT
server: cloudflare
etag: W/"24c3-182dbd17482"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7430652419f7922b-FRA
expires: Fri, 27 Aug 2032 20:49:48 GMT

GET
H2 200 partner-feed Show response
feed.videos-rapidreplay.com/ 958 B
962 B 943ms
850ms XHR
application/json 2606:4700:3031::ac43:a205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.videos-rapidreplay.com/partner-feed?partnerId=474829sj24L&featured=true&nces=530981001664&type=home&sticky=true
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fb08107d5b906f71b0ccf5ebbbfefbd0989158f5f93cf1a4305b1fe00bdb9960

Request headers

Accept: */*
Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
via: 1.1 vegur
etag: W/"3be-rFaB392TPxOtTLG2IF6Sg0Jo5f0"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 74306524e9699188-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F%2FwQ6xeOnKRJ3nFvbtN%2B3ua2kT52dmHCq%2BooGg41DUK7UwU4hobOONDFAMwc4GK6CAZhxJji8j0eJzUf7j5uChIFLb7BxsjJu2YbluQpfq5z55yUTlAqA9%2FmXYqZa7%2FJ8%2B8D%2BayCMsmdQDudkGtNswnnoxXEhR78u8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 p Show response
i.simpli.fi/ 761 B
1 KB 69ms
44ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=42572&cb=sifi_att_3299352057507840._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/3cbe8910-f76e-0137-efd4-06a9ed4ca31b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

dd4c3c455b901626bca1fdc147974463f940f4aae92f0685b0885ab13590024a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=FC42D56F65624C479C748E817F24F696&dongle=yf3

37 B
140 B

58ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=FC42D56F65624C479C748E817F24F696&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://eb2.3lift.com/xuid?mid=7969&xuid=FC42D56F65624C479C748E817F24F696&dongle=yf3
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=FC42D56F65624C479C748E817F24F696

43 B
183 B

461ms
196ms

Image
image/gif

2600:1f18:612b:4232:b349:7e6b:417:1a78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=FC42D56F65624C479C748E817F24F696
Protocol: H2
Server: 2600:1f18:612b:4232:b349:7e6b:417:1a78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=FC42D56F65624C479C748E817F24F696
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=FC42D56F65624C479C748E817F24F696
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FC42D56F65624C479C748E817F24F696

95 B
113 B

36ms
21ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FC42D56F65624C479C748E817F24F696

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FC42D56F65624C479C748E817F24F696
date: Tue, 30 Aug 2022 20:49:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=FC42D56F65624C479C748E817F24F696
https://d.agkn.com/pixel/10751/?che=1661892588497&ip=178.162.209.139&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219483204259004145408
https://um.simpli.fi/aa_px?sk=219483204259004145408
https://um.simpli.fi/empty.gif

43 B
361 B

62ms
62ms

Image
image/gif

169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: /empty.gif
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FC42D56F65624C479C748E817F24F696

0
0

36ms
8ms

Image
text/html

13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FC42D56F65624C479C748E817F24F696
Protocol: H2
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FC42D56F65624C479C748E817F24F696
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 71ms
23ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 23ms
21ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=FC42D56F65624C479C748E817F24F696;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=FC42D56F65624C479C748E817F24F696;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTU2NDM1NTI2ODY0MjM0NTU4MTc=
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEKdWsWp7vRCFrSijNTLemuM&google_cver=1

43 B
418 B

21ms
20ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEKdWsWp7vRCFrSijNTLemuM&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEKdWsWp7vRCFrSijNTLemuM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=FC42D56F65624C479C748E817F24F696&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=FC42D56F65624C479C748E817F24F696&j=0&xl8blockcheck=1

0
771 B

2858ms
2857ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=FC42D56F65624C479C748E817F24F696&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 30 Aug 2022 20:49:52 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=FC42D56F65624C479C748E817F24F696&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 24ms
22ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=FC42D56F65624C479C748E817F24F696

0
421 B

460ms
98ms

Image
text/plain

54.161.113.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=FC42D56F65624C479C748E817F24F696
Protocol: HTTP/1.1
Server: 54.161.113.85 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-113-85.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 30 Aug 2022 20:49:47 GMT

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=FC42D56F65624C479C748E817F24F696
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=FC42D56F65624C479C748E817F24F696

62 B
441 B

249ms
173ms

Image
image/gif

23.7.201.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=FC42D56F65624C479C748E817F24F696
Protocol: H2
Server: 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-201-234.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=FC42D56F65624C479C748E817F24F696
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2

200

tpid=FC42D56F65624C479C748E817F24F696
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=FC42D56F65624C479C748E817F24F696
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FC42D56F65624C479C748E817F24F696

49 B
279 B

30ms
30ms

Image
image/gif

52.214.46.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FC42D56F65624C479C748E817F24F696
Protocol: H2
Server: 52.214.46.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-46-176.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.18.122
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FC42D56F65624C479C748E817F24F696
cache-control: no-cache
x-server: 10.45.22.23
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=FC42D56F65624C479C748E817F24F696

0
459 B

48ms
14ms

Image
text/plain

72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=FC42D56F65624C479C748E817F24F696
Protocol: HTTP/1.1
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Expires: Fri, 20 Mar 2009 00:00:00 GMT
X-MERGE: GDPR Optout true
X-Sovrn-Pod: ad_ap2ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=FC42D56F65624C479C748E817F24F696
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=FC42D56F65624C479C748E817F24F696

0
98 B

62ms
20ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=FC42D56F65624C479C748E817F24F696
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=FC42D56F65624C479C748E817F24F696
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1661892588269&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1892035657&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1892035657&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1892035657&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
548 B

135ms
31ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1892035657&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=7HcOY8aZFv6G9fgP4v2nuAk&random=3440599245&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1892035657&cv=7&fst=1661892588269&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=7HcOY8aZFv6G9fgP4v2nuAk&random=3440599245&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FC42D56F65624C479C748E817F24F696
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FC42D56F65624C479C748E817F24F696&__user_check__=1&sync_id=4966cc77-28a5-11ed-970e-1626150c0506

43 B
549 B

16ms
15ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FC42D56F65624C479C748E817F24F696&__user_check__=1&sync_id=4966cc77-28a5-11ed-970e-1626150c0506
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 103
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 30 Aug 2022 20:49:48 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=FC42D56F65624C479C748E817F24F696&__user_check__=1&sync_id=4966cc77-28a5-11ed-970e-1626150c0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 137
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=FC42D56F65624C479C748E817F24F696

43 B
1 KB

8ms
7ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=FC42D56F65624C479C748E817F24F696

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e58199b0-de3b-46ce-93f7-05fa87ff1e2a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://ib.adnxs.com/setuid?entity=66&code=FC42D56F65624C479C748E817F24F696
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FC42D56F65624C479C748E817F24F696&expires=365

0
239 B

58ms
12ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FC42D56F65624C479C748E817F24F696&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FC42D56F65624C479C748E817F24F696&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=FC42D56F65624C479C748E817F24F696

43 B
122 B

24ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=FC42D56F65624C479C748E817F24F696
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=FC42D56F65624C479C748E817F24F696
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Aug 2022 20:49:48 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEN0swKuO-mKND9kvtcWmTYo&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC42D56F65624C479C748E817F24F696
https://um.simpli.fi/g_match?id=

0
320 B

15ms
14ms

Image
text/plain

169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 29 Aug 2022 20:49:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ 93 B
133 B 132ms
102ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dpjFFMPkSr6AKmaKkGJozW
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f5b6f3c81f485f647c3b60d8744798366d9027e6b15127a94a8c4434e5d7e466

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 72ms
72ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b311a90644b62cf903ff7b8014afa6ddea886be5ef9c3671295be1d7420bed5a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bc1d8ebf-656f-469c-ad17-317b678eb7aa
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
531 B 18ms
18ms XHR
application/json 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 13835d106a1f4c58fa9b2ed0b75ce61998bd968804c29f549a693e765b6ea905

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
746 B 48ms
48ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=373884&zone_id=2046816&size_id=15&eid_pubcid.org=35b4d28a-26a4-4775-99c9-4eeabf5d21e8%5E1&rf=https%3A%2F%2Fwhitesalmonbruins.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=8b9a8eb6-9c31-455d-82fa-950273d8409c&l_pb_bid_id=73ba91afa3ae46a&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.17773770995784655
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0a9a62f18dee32cdd39767f3fa09f9f12f88cd97397b708a901d09635ebdbf40

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
746 B 18ms
18ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=373884&zone_id=2046816&size_id=15&eid_pubcid.org=35b4d28a-26a4-4775-99c9-4eeabf5d21e8%5E1&rf=https%3A%2F%2Fwhitesalmonbruins.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=8b9a8eb6-9c31-455d-82fa-950273d8409c&l_pb_bid_id=74ce5cd5068ebdc&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.4875411464910393
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dc829a47ce82421775f09374d4e7f6f22307843a60bf20d1c915fb65624917d6

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:48 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://whitesalmonbruins.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
didna-d.openx.net/w/1.0/ 73 B
101 B 20ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwhitesalmonbruins.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8b9a8eb6-9c31-455d-82fa-950273d8409c&nocache=1661892588715&pubcid=35b4d28a-26a4-4775-99c9-4eeabf5d21e8&aus=300x250&divids=gpt-ad-6083765471246101&aucs=&auid=557540962&aumfs=50
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 98703baa1a82acc8419bc97586f4fc757a1325d2980fdcbc5e972b358391f5cf

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
41 B 14ms
13ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 30 Aug 2022 20:49:48 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
640 B 29ms
29ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJY6S41
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a6154713cb57b7e1170e574c95bd13e54c10f31f08b341a778fca99f955be07c

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
161 B 16ms
16ms XHR
text/plain 52.57.222.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: whitesalmonbruins.com
URL: blob:https://whitesalmonbruins.com/4788dcc7-23ff-4cf0-9820-4bb6aef48b7a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.222.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-222-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://whitesalmonbruins.com
date: Tue, 30 Aug 2022 20:49:48 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 57ms
22ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=whitesalmonbruins.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 71ms
24ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=whitesalmonbruins.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
570 B 231ms
231ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4224405830179614&correlator=1764182624103303&eid=31069183%2C31069202%2C31069257%2C31062930%2C31068921&output=ldjh&gdfp_req=1&vrg=2022082901&ptt=17&impl=fifs&iu_parts=21903295476%2CSportsHub2-Local%2Cfeatured_video_header_a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=88x31&ifi=1&adks=3389304956&sfv=1-0-38&fsapi=false&prev_scp=site%3Dwhitesalmonbruins.com%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwhitesalmonbruins.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1661892588734&lmt=1661892588&dlt=1661892584217&idt=2836&adxs=857&adys=763&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwhitesalmonbruins.com%2F&frm=20&vis=1&psz=88x31&msz=0x0&fws=4&ohw=88&ga_vid=1659917486.1661892587&ga_sid=1661892589&ga_hid=625256185&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93c3b80f3b3f8450aab811d3290e6638b0de8a963688df65ec05521bf89add3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 121ms
62ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac2cac04b0044852868fcc158252c0f7f9c96403fbee2ea781d94cb5c30bfc98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11083
x-xss-protection: 0

GET
H2 200 container.html Show response
30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A04E 6 KB
4 KB 85ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whitesalmonbruins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 20:49:48 GMT
expires: Wed, 30 Aug 2023 20:49:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 323ms
322ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4224405830179614&correlator=3193866502922869&eid=31069183%2C31069202%2C31069257%2C31062930%2C31068921&output=ldjh&gdfp_req=1&vrg=2022082901&ptt=17&impl=fifs&iu_parts=21903295476%2CSportsHub2-Local%2CTitle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&ifi=2&adks=3437801479&sfv=1-0-38&fsapi=false&prev_scp=site%3Dwhitesalmonbruins.com%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwhitesalmonbruins.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1661892588753&lmt=1661892588&dlt=1661892584217&idt=2836&adxs=315&adys=133&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwhitesalmonbruins.com%2F&frm=20&vis=1&psz=1140x106&msz=970x106&fws=516&ohw=1600&ga_vid=1659917486.1661892587&ga_sid=1661892589&ga_hid=625256185&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f566ffa08afb752311315c8991510659c5f06a05f71b7916ffddeb56d57449a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10541
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 144 KB
24 KB 334ms
333ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4224405830179614&correlator=2142405023646033&eid=31069183%2C31069202%2C31069257%2C31062930%2C31068921&output=ldjh&gdfp_req=1&vrg=2022082901&ptt=17&impl=fifs&iu_parts=21903295476%2CSportsHub2-Local%2CGold-B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=1492642130&sfv=1-0-38&fsapi=false&prev_scp=site%3Dwhitesalmonbruins.com%26adLocation%3Dbtf%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwhitesalmonbruins.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1661892588761&lmt=1661892588&dlt=1661892584217&idt=2836&adxs=1030&adys=1667&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwhitesalmonbruins.com%2F&frm=20&vis=1&psz=350x494&msz=350x250&fws=516&ohw=1600&ga_vid=1659917486.1661892587&ga_sid=1661892589&ga_hid=625256185&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba501b7f65c9ed9795f06f39774f6af15d0aa97519ea84d562f0ce74d66a7d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24131
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 321ms
321ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4224405830179614&correlator=1325329630002205&eid=31069183%2C31069202%2C31069257%2C31062930%2C31068921&output=ldjh&gdfp_req=1&vrg=2022082901&ptt=17&impl=fifs&iu_parts=21903295476%2CSportsHub2-Local%2CGold-A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&adks=3922865434&sfv=1-0-38&fsapi=false&prev_scp=site%3Dwhitesalmonbruins.com%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwhitesalmonbruins.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1661892588768&lmt=1661892588&dlt=1661892584217&idt=2836&adxs=1030&adys=795&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwhitesalmonbruins.com%2F&frm=20&vis=1&psz=300x250&msz=0x0&fws=4&ohw=1600&ga_vid=1659917486.1661892587&ga_sid=1661892589&ga_hid=625256185&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faae902dcd0a36cf333fcd69214e37f624e808e0c24ccf592eb85361351d2221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9706
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 54ms
23ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=whitesalmonbruins.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=whitesalmonbruins.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 960 B
493 B 285ms
285ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4224405830179614&correlator=2812751353806619&eid=31069183%2C31069202%2C31069257%2C31062930%2C31068921&output=ldjh&gdfp_req=1&vrg=2022082901&ptt=17&impl=fifs&iu_parts=21903295476%2CSportsHub2-Local%2CGold-C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=5&adks=2556947781&sfv=1-0-38&fsapi=false&prev_scp=site%3Dwhitesalmonbruins.com%26adLocation%3Dbtf%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwhitesalmonbruins.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1661892588852&lmt=1661892588&dlt=1661892584217&idt=2836&adxs=1030&adys=1927&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwhitesalmonbruins.com%2F&frm=20&vis=1&psz=350x10&msz=0x0&fws=516&ohw=1600&ga_vid=1659917486.1661892587&ga_sid=1661892589&ga_hid=625256185&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77ae9a2f739321c077b08559c0f66cf8576416f32cccd05c932f53b69c1e984a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 464
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 90ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 20:49:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9666 13 KB
5 KB 45ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whitesalmonbruins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 12:37:29 GMT
expires: Wed, 30 Aug 2023 12:37:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F5A 783 B
535 B 55ms
24ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81ad7cf9bf8c5c54bc6ea0782f928e2d9381f848bc06787b70618ea00ae9b06f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yfi3H4aXpZ-QI8hQdxUDcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://whitesalmonbruins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Yfi3H4aXpZ-QI8hQdxUDcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 20:49:49 GMT
expires: Tue, 30 Aug 2022 20:49:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9666 36 KB
15 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 19:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15802
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 19:15:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F5A 0
0 66ms
47ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082901&jk=4224405830179614&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 78ms
14ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 04:49:01 GMT
content-encoding: gzip
age: 1958448
x-guploader-uploadid: ADPycdtWkiBCXz6L6zzIDfoCDdNPoaYz0BeCPnn3mEspucQtbCparX2D-u6-c8GutLCrj7np1zeNAuYgwkuHdqY8lpmvMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Aug 2023 04:49:01 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 295ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b47eb2c147c468eb6aa9c3ba546db61b822d6d7be251f41e06aefc0d3c828163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:09 GMT
server: nginx
etag: W/"63041db1-9dbd"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 31 Aug 2022 20:49:49 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 560ms
176ms Script
application/javascript 54.200.17.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.17.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-17-135.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
cache-control: public, max-age=86400
last-modified: Tue, 30 Aug 2022 16:16:30 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 47 KB
14 KB 47ms
16ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1cd0accb19f54d04987def8a8fae4a22f9a71b61643c7e55425c1d17c6c711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 3339
x-amz-server-side-encryption: AES256
x-amz-request-id: BB1AWZ066SGWB0X0
x-amz-id-2: 0aGwmUxF5SGhPI8KWlN3ItsY39UpRLorKYfiJN95HKUMt80bS47M3rvDTtQtwiSxnQvFgMkinlE=
last-modified: Tue, 30 Aug 2022 09:18:48 GMT
server: cloudflare
etag: W/"eaad443ed2a40ce76bdc9840fa215b1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7430652a1865bb55-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 29 KB
9 KB 37ms
8ms Script
text/javascript 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:07:38 GMT
content-encoding: gzip
etag: W/"2fa1275c04d6208db458c1ec8559f92d"
last-modified: Tue, 19 Jul 2022 18:12:40 GMT
server: AmazonS3
age: 63732
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -9vpsyJ-H04ITyKYNbH7Jyp638Mlo5rJnu9Jfr0CZWLYzkjCdRJysQ==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 354ms
111ms Script
application/javascript 18.116.102.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.102.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-102-143.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H3 200 container.html Show response
30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BE2 6 KB
3 KB 54ms
26ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whitesalmonbruins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 20:49:49 GMT
expires: Wed, 30 Aug 2023 20:49:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C9C1 6 KB
3 KB 37ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whitesalmonbruins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 20:49:49 GMT
expires: Wed, 30 Aug 2023 20:49:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208121708000/ Frame 1ADE 221 KB
61 KB 66ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61526
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b1753c5424806777"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1ADE 14 KB
5 KB 93ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "23fb7130d171a0c1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1ADE 94 KB
28 KB 88ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd6960dd2dd8774b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1ADE 72 KB
16 KB 93ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-animation-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8204400aa9812838230020b85aa8a04b36bfda27cb0f4758ed83312a0fd7251

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 516021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16694
x-xss-protection: 0
server: sffe
date: Wed, 24 Aug 2022 21:29:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0687e169b24ec27f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 24 Aug 2023 21:29:28 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1ADE 5 KB
2 KB 98ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6863aa0ddd5cf3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1ADE 40 KB
13 KB 96ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12954
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "008ca125395468a7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:26 GMT

GET
DATA 200
OK truncated
/ Frame 1ADE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb4f5fd1450a96e4600bb6ceb1dd69df60131ce0397617ffedc796545628d34e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 foto.jpg
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 62 KB
62 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/foto.jpg

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21c72e7a5695296e7f2dac293806501daa3685d282cdd7958c9ce5471a5c7773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63168
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 verloop.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 22 KB
22 KB 27ms
22ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/verloop.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b1d49cf6d39271532ec2fafc0e82d78bb36dea54ca8d27255f9a3c146f712d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22111
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 vlak_antraciet.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 2 KB
3 KB 40ms
35ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/vlak_antraciet.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f804a0e1ed5bd2471b4327633c137faa520b1deb4759a0e1f07529baa4fd614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2536
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 usp1.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 7 KB
7 KB 38ms
34ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/usp1.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b42c947c9ce65fe7e39a8e5564195856f6dc5279c8f53612bbdf2e737c2ba6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7473
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 usp2.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 7 KB
7 KB 39ms
35ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/usp2.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1259bc0db2e310227deed73381acff121c6f7805fd61365853c439dc387e21b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7123
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 tekst1.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 7 KB
7 KB 33ms
29ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/tekst1.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d7fd39004fe6c935db12fd9ffdd5ce12cd824f3a25576cca97ec19b303916ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 17:49:27 GMT
x-content-type-options: nosniff
age: 356422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6868
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Aug 2023 17:49:27 GMT

GET
H3 200 button.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 3 KB
3 KB 38ms
34ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/button.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7927ebbfa4839f1f8b0003051ad7d104cabc6e5989af8d7020ce857d4d7e8ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2911
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 logo_groot.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 9 KB
9 KB 30ms
26ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/logo_groot.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77aa4435c36070c4fe83f00c070fa632a67d4afb4f7589a610ab2e2af3776a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9121
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 6 KB
6 KB 36ms
32ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/logo.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e5e47123482a640402e1772fb1d9cf7ca9f3a1929979462391786621733e858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5914
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 logo_wit.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 6 KB
6 KB 34ms
30ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/logo_wit.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fad58d3ef4bc4099482df1e81f5a37a9eef53361fd0d172e5555a4c4c2c2300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6141
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 border.png
tpc.googlesyndication.com/sadbundle/8693229276324992263/images/ Frame 1ADE 249 B
276 B 37ms
33ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8693229276324992263/images/border.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be813938823610c7aa2f958718854f91c60648d6afaa01c409bfb90dbd396bea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:10:47 GMT
x-content-type-options: nosniff
age: 41942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 09:10:47 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1ADE 2 KB
2 KB 31ms
28ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:48:38 GMT
x-content-type-options: nosniff
server: cafe
age: 39671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 31 Aug 2022 09:48:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1ADE 295 B
319 B 24ms
21ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:50:56 GMT
x-content-type-options: nosniff
server: cafe
age: 46733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 31 Aug 2022 07:50:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1ADE 0
0 23ms
21ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTl6LavJWsIGWqOFrvXcKqk24milGMAXbxjIp2U8RCSHzG3fnMw0_qqO0LcHuVsWDaK85_4JVvJ__YSSSlk00PuVki0rg
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1ADE 0
0 59ms
56ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA9Ld7HcOY7XMMdfkx_APh6K9gA-xrLeDa-7bxICtEBQQASDe48B7YJXCpoKwB6AB3_6ajwHIAQmpAupknPnFzLA-4AIAqAMByAMIqgSSAk_QngFJikNsr5zJYXuELyWg6UbDxAxYLbAJw8wWWsx-hYuL1gOqc9Jx4h-2GEojRf0Bl9Mv_E_GwBpLwr6JtcVZjM1N9J17yo2mcSK7_2qL_9vrEN-SlyKloWxLIaYXd1G-rKvi5gPgUVILHE3fEVBVEeUsurph1DoGu6FdhNb3ovEXUm_cuny22Sv7c1mUxG9Vj80TsHYZLH3GyZEHlg27o8LoyyBkNYdiKGk-qmTq_3i4uQKjRDsy0J_EvxMTS4iTw7Cq6027kLvLogHlrEWmki_Y9_-KeqRfZdkUOAJvh25stQWTf33BrKJ8CAtsS6EA7ZCKCR-XKd4iY5YHVxYZM8hshTtGBxiqdsrrkEgwGmXABPnkxrqRBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeJgeXwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEO2aDtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMK0BUBgBcBshceChwIABIUcHViLTk1MDg2MDc5ODAxNzg1MDAY_J11&sigh=jH2om1GM1_g&uach_m=[UACH]&template_id=419
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 adunit.js Show response
services.brid.tv/player/build/plugins/ 30 B
398 B 8ms
8ms Script
application/javascript 13.225.78.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/plugins/adunit.js?s&adnum=
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c25c4e240bd28a308851f487711c88680072496bf9865fb73a258dff5ca3fd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:39:40 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
last-modified: Tue, 02 Aug 2022 10:37:19 GMT
server: AmazonS3
age: 858
etag: "097e0949443b72edfbfa1dcac8531e58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 30
x-amz-cf-id: FJasFA8DgHnkGTFooz4Bx_ZuCRVqSkj-QD-XwKfzjmhruQZAsQQUdA==

GET
H2 200 33424.json Show response
services.brid.tv/services/get/config/ 4 KB
2 KB 196ms
178ms XHR
application/json 13.225.78.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/services/get/config/33424.json
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-107.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 7daf779b6aa8ddaff94b292c1cca365489abd28937afbe0d192911ff2fa4e5df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: br
server: Apache
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-cache: Miss from cloudfront
access-control-allow-headers: origin, x-requested-with, content-type, accept
x-amz-cf-id: 5pYf9i0PZWYtxknVyqNkf8mZMd6WVKofSg2SC-TiBI3QAb8uT9yL7Q==
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-served-by: i-09f2b1042e71bc4af

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2224 624 B
297 B 103ms
52ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYr7uLCzAB&v=APEucNXW7FogoiY1oDbZYWfrPA5DiwlXUTP2R8De5moJnYHIkLVFWOT3_lfXxjoCy5EVIXo3lfqnOki0UOFnR1pnsAEGTk3tbdf8Qa92H1yzAcE2z0hJrrpsrBROvh0cWPia2sbqH5nqHScE_4_1wQnllM65OzOLBwk3l12kujginlRGbcvjfR8

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 20:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C9C1 96 KB
35 KB 116ms
69ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtxtFsuam64LjFHCAxzS5RyQIOSh0nyz3zC8PX1jYV-4-h1qCoq8tXhcij8dF0bQ4yzBt_zwnNNcTOr2wV0nWART2NbYGMq6V3IqL23QXt30nL0OZw0SpVUjVjd7iL1305A1mzmO6QvnQHc89wv7mgJWp9yg&dbm_d=AKAmf-Dr69YRx9enXWxAiclNucypK9fqLXdftAFUnVCR5xZE8LyNHOG970C6g5NZvJkHRLBVEWZI6_4JzbB3XBTUAO048BygkKwxz0IoRcB04NfstP7scvli_so4D4q4fEaC7-GZxw7e16ggK9xKFj5Bc6uEEA7ccYwAvvH8vT5ejghMWimGhqwbouCMfAQGiSTSr0NaXPdRXFksX_knxOnRfGTVb5Pur_1O_7gqHoJfrZOyB_h1TYnOU6VN9H_0QWhAZUL6caC6mamWq0MLPeXGs_JGmPdaGb7N1HBYXhmhO2D2HsuCuoi_qM25bPrvpUqVysScJ8NeGuL09YwX5SXhB53X9PpWiotaJGUFhoEhRbJfQeHPcvMS6u_EGTQxqux7RqhK63a2AZiZFLEvy2HhvKp0XxrwonmcrW_5c_ytz9QKVt9gebr-mC4Y2PmK6DPPKd84ud8yRXrE7O1-ekli_0eoTA5diuM31jsKSva3O_XuEBlyFqOKCyifrUnzkfmVgEKhLJyht95XeEZ-o8Ds1y-X0y68m0N0jQs79wg_phfhfDhDPnLUbq4MnJ8DHJm6uk7tgPOprnH5PPdRG0AFzDjWwKbm-FsvJsii87-pmrWqBs5_g6PH-otCvSPGEPYQ_NSxIY3pkDf0DuRw-ZAAO7EiD8Lkxw2RGFLHV1szjnizD8mkZxDYrBhek1l5mJ4J1GhlkQO1YLKKqDmQ-FNJMrQdP4ijP6Kp9RMmJs7fqcZ2xemw73SHo3AORLRYq8pF86Nf9Z12HQYvSORHRGFgHQqoG9_kd49m2nO41665drYs-VvIuMF1eUk25h4cPq5WXuUiB0fu0bhOF93vJ5NBqb_YjQ-VRIerlRv_KMEHpY3WYzj9EGk1WkOp7x271dJR_z4_yvc_ML1R7kTMSK6y3gaSBpxJxoC3f8vAxU2TF0dbt0qz2VR41hljbQ__NDI3bgzklM6yFaSrL06qy9udk_UKBK3t82yl7M63hzg9dB6OA0AgtOPi4pAwrOxqtwrNAs8u3D0psVz9yZBDwC6ujh8du9xD2rrcynJztGRtZE3HohpptIPq6JjKlLEDElpAyH7bfNZJql8iowbpVISmHtWEHDBD-j_wuoHuNV2GyH2GohmnaWkqwqxLcdeiIHb2d7FvB5G7C_MrHJSIsCIrEqzgrnK2Vvj5voBiO4pgm-UWGU-l0kdeH4S7TnsFti5-AQizM_RvhubgWYd9a7t8kKrAJy4kXZOR3dhNRSVHs9ytl__gcxz8-lQAkO-mz3cfJ8Ut1xbDQIyVnHwSbGbnaE1Tsa8N7r8RSgrksfNJo795Asof9laWsw9yCdWtHK1luL2ODPwCx354nANqUQQ5dA1-SPHLA8g0xqhA78vmHLvO-N6zi-egVeonDnU8-AHcOekZ8PtaQUOBTqOUtHJIEHUlV7LgSfCDBvmhlWmS13yOjuz3S0s3VYlNJL_LuscUNZMhEsjx6co3ata8clTBa1bnyYEs9Q3SVFJ8X3zbMH6geQFkjdGuDT4yh2TcskHgblH_x-cyYGH8IAjKPNxQ5aFJ66UjYFxlaXYD54NGAg60s0YODyQYR1ymkenwu5F2kXLhAUYXgtISzGjkVTBVnqeNSmJfsmZzkJm-WeHEimlyjdv4pNrKxE2Zb6x1GRPrL06cAyncNCPygzeoUdfxp8d4-YC2LJymwP5JKuAvFsxmM69CoYmijJJOCIDyYbYmSBLZHi_3VvAUS5hS-f2oOgRgEj6QYd42vcMqkIveBmnrbo0p0JskfTdj79ECcQa1gwQRbYSS2nm_bp_RK-VPzBzMW745wI-0H2sF6dGDs-Jwrpk9fen5Qa9BONuudq3bHEmaozndQVi-DT7X70Wbqcuq_NPqkY_NP8mPh3E5PXxpul4j5862H3UJdL83ArAnLSxNyctztOP6c-nNHzqrz2Kyt6G90mXf4LSykZjsEBfajrsKDWOD5Ut02lxnGSqJ9Rb8ul9gPTpD42ztDi6M66ir0ddoifcoLu5-otFg6EiH-oVjsHgVtCWSXo0y2sCNXXqgIj0I7U7TQhiJjW6YGvX11EBbu6FOH0JScfhc55heCnxdSyhtV-M_3-mRdRVK4UxwCMjA_LQdi7xgN2zHFvdm9oTqBA2g9ENXkGQBL2nz0S_hmVdzc_vkVGBJRSsPn5VtcytCIMwUOw55_P1g0KPyXQo-OZzze8e9HC2a4XwGodogTCTE4KhUsfyUtJlu6uQYOQvrLwPnOeH5gS8qir4N3WH2DsOhIysERGvc6Y8iLWJu5WXMsGSGkDMrVkRbxQU0lFTrilev_MYkkd-51m0vHXoP-YdqdgeGLnkU9Pjmg5yVBq7XT70lvCmt8HEy8BRio7WYRWAvQUTzNUKYiDVsMfVCV4MsTJcdcv5ugO68jx5hJVR6lLLGTdeTvfZ8TWNIyUiJQ7ebSLWTo4UVxJv_GmCkmGExxXHJ6J6XLIFzztKv56lPy6YHSj2nFG3itqSlIUCnIMM0oc9zxXr-RVBqZryMVCVudekHR9rb6gk5uw2MYXKvCwgEbCq4H_gWTGAT43gsaV0p3TRkd9X0ASFG49sMlKA167WXH-D0DJXy0rM3Q7qTjOShY9WoZk-fyvbTrlFk6AstzqDskvl_HoPyezok4bd3bVb9RY8STC9D-Wk6UPU5X4cz3yfQWTpLDvt5nCe5Wq9-MQ2rvE9aNHfEp8lhW3WPtF0lBLJOYlP39QWKcVNf-Jk5XcXxVNSrkiwnltX37E6_LCv_XkDH2S10HcM-yvlW42gVmw2bmR3gA7KZIKwd0e9c5zApkNM4CEJILLJyaerMbIjmj-5axiWwIuuNO73alpAYYIAlGvz2gEOmmpfJqrmqU26bzNiQJa3BlDKaR7RztV1Xl870EAcOT647TsWYX0SSDw8l8rueLkjgzVyNPfWbfUKTAjUvWvoL-WdOdjpLZcdK365MaNZiz8XKoITYypm5HjDUJ8DLsfu3WBBrTwZqM7yJlvQxefWwjY5eQ9r8jICY7pseH2nwtzqaDZ8AWfONJ7cGKBfEkOt0CoK2FevA_bLXesoYWPTyKU-FjiopsJyGvGhtREq16Rn7BfEjAeMfp6sLaIE7yg25O703AF3ad6mpWEa1B1ojO84D8VRrrxLbRKl5kity-r0f9w&cid=CAASJeRod753iFsQXwQWp65DLX65m532ELP2FK_FEa2xPg4zoXrvRvE&rfl=1%2Chttps%253A%252F%252Fwhitesalmonbruins.com%252F%240

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26d1314015276a599f23209adc369bd8d50bae2e74e56dd78e467ba81fa02bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35466
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9C1 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfgCh6hLQRJm4NVOuKhSATfm04OaZnntIN4HX1WLJFiG0qNBm7Ddi3eEQmZckL6ESwaWtEq4V63ZM2CrFY2NxIhrMyBz31lnOfo7bD2RANH1YELX8

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame C9C1 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:21:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9C1 141 KB
44 KB 82ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 20:49:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame C9C1 17 KB
7 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:38:03 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame C9C1 68 B
345 B 119ms
10ms Image
image/png 18.185.20.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_UDhKVFlIeG5mVGhrZXRFaFY3aEF3dUlsekJzLzI5OTMxMjkyMDg6MzAweDI1MA==&v=5&s=v31gbo88tle&id=eyJkZnAiOnsiYWQiOjUxMzQ3MTU0NjMsImMiOm51bGwsImwiOjAsIm8iOjI5OTMxMjkyMDgsIkEiOiIvMjE5MDMyOTU0NzYvU3BvcnRzSHViMi1Mb2NhbC9Hb2xkLUEiLCJ5Ijo0MjAwOTQsImNvIjowLCJzIjoiZ3B0LWFkLTk5MDA2NDUxNDgxNDY2ODMifX0%3D&sb=undefined&cb=6448779&h=whitesalmonbruins.com&d=eyJ3aCI6IlVEaEtWRmxJZUc1bVZHaHJaWFJGYUZZM2FFRjNkVWxzZWtKekx6STVPVE14TWpreU1EZzZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyOTkzMTI5MjA4LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.20.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-20-196.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:49 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 20 B
312 B 30ms
30ms XHR
application/json 52.214.46.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.46.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-46-176.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://whitesalmonbruins.com
expires: 0
cache-control: no-cache
x-server: 10.45.16.164
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 20
x-consent: absent

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
330 B 58ms
14ms XHR
text/plain 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://whitesalmonbruins.com
date: Tue, 30 Aug 2022 20:49:48 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E9CC 624 B
297 B 54ms
52ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGP2-7McBMAE&v=APEucNUjjpXjvJ8X-CKEo7nbAM-XwJAOldCN8o-sbMzth4snzA_9gT96jQaHAL7vp2BUnd_tN8WOJ9dB-J_p1mIEPjlMtXnGb9AoHMZgyyDaw9YuKnDzCnivGF0c0gAFyyhKDReEy1iE3P2fIOqD1WFdJG8CDYYACcPkWfbMGeFoclDgeCWwUpc

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 20:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 97B5 85 KB
35 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cl_O-l5QskcaQ3smWI2HQRfEdiU4_MkkInv1FHaY1Ip8TRD77ynQgox-exAiifH0AoD7VHFm0PL-WJ6GLOujSP8ALhyu8uiBGxpS-l1zgGVw82sSmXXxQOAc3Ew5BYWzrJ_xf4d8kviJdCauNj2iJmjyCndg&dbm_d=AKAmf-A4tnldWNyS5y4OOMVRtboAuZ0x8RNLpQlCT1OsDAErhQ_UWDC5nM59h9zbgR0qe7Y_VSeiKOSAz1i12oPLINAU6wQ2lbYlDRk4ghKqd54mAPJecPAbPsxD7X-FRwevUMLLTFaQmlHD_O_w0ZOFOU5PqI1Q4hjIMTcl_meqWO9jDfdqijff4VVZRkE5DyESZsq87oI6ex45e5dKEcakPxzn0lSXh0RxI6Uqr562iW6cKg44j5qposERyxPVgIeC2XsWWqapBRnATDmENqtm7Jp9qJrvCIdYCgrnB6W69JxMhxpnIwfOIy2E5f4-VKu5zXRCIy4V-OxQdb3X4jHWDYpCFVsj10R9xJJK90_Zu5020zJcTXYE0clQp1GxQMhntwuyUWFsEmQQLXgQJfyBdx23a-PPJSwqxzB9PmxTF9Yojz-beruefVxxD1Iw85PwKqGmfX1JdgWBKmnEvnZYiaUI3iDJ7kmz30dLrElqNKiLSCUFalUbH_wMpr0w4BxbMsJDI6oIGRm8kC0lGq65Bewxmwr6pw3HL9PvpItVvhFue7ezHs73LQgCLtVdB9oheiErPKVCr5mV9PT6EDHSinStysQDQqfYF6h9uGeMy8dQJNhOBLStlzWy62cB1guLpvTvNP__2DItyBhrVUz0M14JPonwuxedkSG9p2GF35eAffLm9ain3J62ZkyYTX6wHCIBPrBwnDWre9gHoELRUqf6H8erBjrDhfSX4bFDpF5sDDiTicYaCg0V917AIfp1SlrIGlFskFz-zDkZfUjGJrwpRjOee59XO6mgu63McA_6uGQLX4tpm0oQZCRCFqr00TVBD9gLkwa4F-Z76KQkc9bMxdCRcC4A6YFpKG2py2T16iKfhg2TzPJAhvxEnJI9fdlw4-ZYqCfWUOrPt67vzU5HHIeAbUFbBjN3Wl-QpEQNX_lXUz1VPLDIkw-PvPRWa1ErgwQt9D4QNve9u4eYwMCCoyd-I0U_B2-Hh7afb4HYhq5ZteICkKfio2BdRBYG8j5gxs8l6K8Rm8sIcQVWFO8uJbrBzsbC7n309pKqLJwfIyw03Nv4iPMnCGZjVtyhzOKOfr6bLZQ-dK4hXKwb8A_gE3RvNgynp1YBsgMuFiBE-7-I3dE19cjp3IO3NWgibTFBTbiOfRY3jRt7PszAotR97zh2CgjU_mxkb8s7uTTe6aCKERul82sRt9aH6bYSgkipcIXiHAFTBnXZfAt7Y5KAj2m5Fon8PLV6oJUznnAfd7xfnr1nJrTbnsBW9EtkaoFN1Il6vQZHtYsfc4uSon6rf9FnvOUrmbwZ8T63loAZJQ4CumXaHTrQvzD2CsP53-b4HdPCuPKHKWBfvDdAVa6n1A2_DAgaZMwsRbrgcEDX7qyQo8KcgfmYn4U-5ZyQD9G0-fMnfrzwMZ9Uo9Sx2oPYKDfxujyV-XsvUDDX0kcy5GFFH5UVJtxKIDqfo8lbZyMQ2lBqZBO9KzeRZvxoV0-Ml3KZwyBw-9Tcc3sNl_wZKQKMGhk2X9fOHteC4jiLn_Awq4so6GKIg-acth5Zdd13N7YZQKFJqn6BfVwuzofAJ4EeG2-_obE3RMIsBL-h6ywboY2IJuhWr3X8oTZuItSO7dqihF1u3d2v64SjY3KrVXxz2YbddJHoxDjbGvcCzVu621O3cPb44EnR5AF_IrDlTohXWOhCHz-p5tKtd1KHPmfruY6Ra-koQ7KIZ50vPRr6Kiwf7FK-H8rDrYxXsp-wgDy6kc63TdIMsuG9jfqYXdhcucQTAiLrCEloAtyuVDF3k1H47QoN6PhzjPUFKbQVUjVUoQDpjV5O3s54QOwQW4bYUEos3s0YYsLkBkdsVGkp_ZdAbP9ANQqr-x8ZmgmVqaVMiF_kIKer3P-7kcF1wFuFkxQWf5h9WhzY8VyCgnN9XsK2BohLDeqnKMiwqvmeQlvlK3NJJFhKDtEeYv35zUHHWVj6QRS6QKZsZ4YbnjD3tIJ7Yt2KOvmi4hC1jO2B5N2ef9IbzJe06lUxPB3UuI6p7Mpgu3YvgdkOBmpXrrTFKZ-RYWS4Qe0YRFie_6JtfnWZOt-tG_vBnOATYnNEsxH8NW7MQkaUrDSxzHAEoecR9yzaAp857kxHbUOpqOCjE1fcl5dSYOgIMdcUlsex6zNTkhxTARdRC_ts2S6ynCLkbD7vn9BbuaBRvyxE486YMdUnyFeptW-M6cgRSy2zQnm7Zxsxb8yzDJY15-mJaAHQo6-PwUBk6Wv3RBiJ23i4IfClDxFXbe3xAa7J7yfXdQ1tA6h9X2oXVAG47jYq2jvLTs8PGYM5euH6NvyHM4dsSdMv8_TQ0WRgcMjiIVzScDOzHD8OlZAnc5UOx0pKEmoGSmTbXMfKu0T6y5eCPaOkqFfs_XG9q7Oxz-Tlji-gfb6H0NzdxDpwvRUF64aWJPALujnY6uIVKKZANCGdq2u4O-0Sz3OhTP5k2tkXNFsWkq_KzQOqtl5qCrfxSHzbl0FkiK27XxEB2hE-c-Mjaua3wf9L1-0t4zkdiBBz0zGKUzZkPBVWU0HNST4Dxa_IH8pbw10gPA8QHyLEuNCA3HE5h8n2y2IkZhhO09Q3hJBCfmVDCaamaomj4liKIEPptwhaYfi-97ojSize7V9l-3Lv1fkGtu4XbD9HMtLF7KjFdHbQQWCxmpF7rlLyQ6eLQCl5x24sHxIGg4WPgLE8NQLIGV3hI1iu_de-dxzHig2pXq_VOII8gawGBDtp7TtZfs4LPTQxJCNspw1ZF8lTUUlm5DHbVJX3iP7iv3tl613OEDUrV5hqDcKTh9m_f4R0VKfWnvpsYY0DtQIN4ZaZdxC7UqFXs-vv7-c3FmJa-JSA8RJM7e1A5MVplEOrVAZ4qWdiHv8m-ODCc55VyZ3DQJPo59J4AxZQK6qlD0-OrQ1FLeryMlUbR85pwu7lDl9GasWfklXSYXSNZ-GNvZXA-FpbXiEnOdXuR-1dvQxOakQ8aOLAgK1AAHQk62RBNHZbWtQnoWKsE4MzqNCdK7TFCzPlV8OtI6bO8PcnZrXxko6guumSNlJm-eyOwGQsfXZB0uA--ERUB5iE-9C06MWbNy2-kg0j9hgUC0-UzRpIRX8MYPV8cJoS9-lJDRc7DK1A2ir9l6ahpe6nDgYojAsy1vxLlp21RArVesDrVYOjjjqbyy0SLdM&cid=CAASJeRoTajFK0AXyYyDBiO1jSgIBPvGLpJbOMIzqg4x9bqCApm1-3w&rfl=2%2Chttps%253A%252F%252Fwhitesalmonbruins.com%252F%240

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

576b893f01ebd1eee04a1f707677356523e358c639a4f7a05f666e97848dfee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35569
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 97B5 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:21:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 97B5 141 KB
44 KB 56ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 20:49:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 97B5 17 KB
7 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:38:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 97B5 0
0 23ms
21ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfEaqTA3gRAGUmrWFtiUFOAJjqFVIwmQxzgQfkRwPbkMtRVreh-2iiXlqX__DN8cFOJchwC1_bj7lZ04UP_nsJt2-U0w
Requested by: Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97B5 42 B
63 B 49ms
47ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Da3dI8ir9gRTlV1B0KrwvWaLzOntByKflMNyaCyhk994SBgRfmtpVnYyAVT0zdKEvI5_Hh7sEFhTnVjNjvdrXdhMKSz-TUAbxY2USjcT3UVcyHMPA

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 3BE2 68 B
345 B 73ms
12ms Image
image/png 18.185.20.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_UDhKVFlIeG5mVGhrZXRFaFY3aEF3dUlsekJzLzI5OTMxMjkyMDg6OTcweDkw&v=5&s=v31gbo88tmk&id=eyJkZnAiOnsiYWQiOjUxMzQ3MTU0NjMsImMiOm51bGwsImwiOjAsIm8iOjI5OTMxMjkyMDgsIkEiOiIvMjE5MDMyOTU0NzYvU3BvcnRzSHViMi1Mb2NhbC9UaXRsZSIsInkiOjAsImNvIjowLCJzIjoiZ3B0LWFkLTk1MTU5NTQ1ODc0ODk2MTUifX0%3D&sb=undefined&cb=8406447&h=whitesalmonbruins.com&d=eyJ3aCI6IlVEaEtWRmxJZUc1bVZHaHJaWFJGYUZZM2FFRjNkVWxzZWtKekx6STVPVE14TWpreU1EZzZPVGN3ZURrdyIsIndkIjp7Im8iOjI5OTMxMjkyMDgsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.20.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-20-196.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:49 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwhitesalmonbruins.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwhitesalmonbruins.com%2F&rid=esp&cc=1

85 B
103 B

130ms
116ms

Fetch
application/json

34.120.135.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwhitesalmonbruins.com%2F&rid=esp&cc=1
Protocol: H3
Server: 34.120.135.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 4fef4c03fdc3666256245ee34de04a1c1e6d58676dcd73c0a854f5c7ffca4b3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
via: 1.1 google
etag: W/"55-fEtAO0rb5ycb0+otKam0Q6wnQBU"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whitesalmonbruins.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 30 Aug 2022 20:49:49 GMT
via: 1.1 google
access-control-allow-origin: https://whitesalmonbruins.com
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fwhitesalmonbruins.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9666 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?h_V6uw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1ADE 2 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:48:38 GMT
x-content-type-options: nosniff
server: cafe
age: 39671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 31 Aug 2022 09:48:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1ADE 295 B
319 B 13ms
13ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:50:56 GMT
x-content-type-options: nosniff
server: cafe
age: 46733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 31 Aug 2022 07:50:56 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2224
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1

43 B
906 B

50ms
37ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYr7uLCzAB&v=APEucNXW7FogoiY1oDbZYWfrPA5DiwlXUTP2R8De5moJnYHIkLVFWOT3_lfXxjoCy5EVIXo3lfqnOki0UOFnR1pnsAEGTk3tbdf8Qa92H1yzAcE2z0hJrrpsrBROvh0cWPia2sbqH5nqHScE_4_1wQnllM65OzOLBwk3l12kujginlRGbcvjfR8
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7430652c99315bed-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2B1hy5SWNueCUez2Sf8LPkLntfjlPkuw1s5tOhk6gxGuL3WGJckgKOKrWmiUT1Gig5kAR0CVVPInlvIwwg2Amoy9YHPnS4DWo4ajOdxmBONSt6VuWnjypzSsVTAaHODpwwxsKXFgCoKxyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2224
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw537QOSvj5h7NF2vj9DpAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1

43 B
914 B

32ms
31ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYr7uLCzAB&v=APEucNXW7FogoiY1oDbZYWfrPA5DiwlXUTP2R8De5moJnYHIkLVFWOT3_lfXxjoCy5EVIXo3lfqnOki0UOFnR1pnsAEGTk3tbdf8Qa92H1yzAcE2z0hJrrpsrBROvh0cWPia2sbqH5nqHScE_4_1wQnllM65OzOLBwk3l12kujginlRGbcvjfR8
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7430652e3b965bed-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nHyVqeccTerfVhb%2Bl2Ls%2FNf9LkJWCPe7EDvxr6OFsuGi2BbNQ07P7hD%2FYQIw%2FqbYTpb0Ln3oMDT3IhI7sbqWqL%2B8pqg0RezznG%2FoZLAlql%2F2LZ7qTpSliiT7je37fBK5KKUM9l7HKCTQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2224
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEmeZhVmn2Zk702IUOE6xc&google_cver=1

43 B
1 KB

8ms
7ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOEmeZhVmn2Zk702IUOE6xc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYr7uLCzAB&v=APEucNXW7FogoiY1oDbZYWfrPA5DiwlXUTP2R8De5moJnYHIkLVFWOT3_lfXxjoCy5EVIXo3lfqnOki0UOFnR1pnsAEGTk3tbdf8Qa92H1yzAcE2z0hJrrpsrBROvh0cWPia2sbqH5nqHScE_4_1wQnllM65OzOLBwk3l12kujginlRGbcvjfR8

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:49 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 042f64d1-55b8-45a6-bc9f-f177a7a109b8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOEmeZhVmn2Zk702IUOE6xc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2224
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxNjM4NTc5ODQ1MzY0NjMyNg%3D%3D

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxNjM4NTc5ODQ1MzY0NjMyNg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:49 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4eb927db-0284-41af-8294-4bf30c5edb8f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxNjM4NTc5ODQ1MzY0NjMyNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E9CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1

43 B
907 B

44ms
34ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGP2-7McBMAE&v=APEucNUjjpXjvJ8X-CKEo7nbAM-XwJAOldCN8o-sbMzth4snzA_9gT96jQaHAL7vp2BUnd_tN8WOJ9dB-J_p1mIEPjlMtXnGb9AoHMZgyyDaw9YuKnDzCnivGF0c0gAFyyhKDReEy1iE3P2fIOqD1WFdJG8CDYYACcPkWfbMGeFoclDgeCWwUpc
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7430652c99335bed-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMNLRVO1ZJS6KqKN69VI69VN47a0BqVVO57950Oncaa3VRCzvAuellYi8gM%2BhmfmGhg23bvl8gouB6pTJJnoVX0CWkWpFB5cq%2F%2F0xeCq837koO3hjTPaKdJrz55Y14ftYHeloEWR07q9hg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E9CC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw537QOSvj5h7NF2vj9DpAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1

43 B
911 B

41ms
41ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGP2-7McBMAE&v=APEucNUjjpXjvJ8X-CKEo7nbAM-XwJAOldCN8o-sbMzth4snzA_9gT96jQaHAL7vp2BUnd_tN8WOJ9dB-J_p1mIEPjlMtXnGb9AoHMZgyyDaw9YuKnDzCnivGF0c0gAFyyhKDReEy1iE3P2fIOqD1WFdJG8CDYYACcPkWfbMGeFoclDgeCWwUpc
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7430652e3b945bed-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvLkwPSQyvnj29J3zpPu43Q2aEFUDBSaNCBpB1H%2B6Q%2FO1Hx1j7DF7uIhqzO28jz9seB8Djmt%2B7GHg12XsEKWjPDagCfGq7nF4oXWk%2F0rVvPY5PBIjlFpmBjvVTVSPUIzpNc3KuoopaVWTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEWkW2rFH1hctuPxvtrJoj8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E9CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEmeZhVmn2Zk702IUOE6xc&google_cver=1

43 B
1 KB

18ms
17ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOEmeZhVmn2Zk702IUOE6xc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGP2-7McBMAE&v=APEucNUjjpXjvJ8X-CKEo7nbAM-XwJAOldCN8o-sbMzth4snzA_9gT96jQaHAL7vp2BUnd_tN8WOJ9dB-J_p1mIEPjlMtXnGb9AoHMZgyyDaw9YuKnDzCnivGF0c0gAFyyhKDReEy1iE3P2fIOqD1WFdJG8CDYYACcPkWfbMGeFoclDgeCWwUpc

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:49 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5260bf84-5ced-4f69-a8a1-f7fe8167723c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOEmeZhVmn2Zk702IUOE6xc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E9CC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxNjM4NTc5ODQ1MzY0NjMyNg%3D%3D

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxNjM4NTc5ODQ1MzY0NjMyNg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:49 GMT
X-Proxy-Origin: 178.162.209.139; 178.162.209.139; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 05e3d96c-1251-46e9-9a80-0b593e3b5f65
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxNjM4NTc5ODQ1MzY0NjMyNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 brid.slideinview.min.js Show response
p.brid.tv/player/build/plugins/slideinview/1.3.38/ 25 KB
7 KB 20ms
9ms Script
application/javascript 13.225.78.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/slideinview/1.3.38/brid.slideinview.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94e055760d3ed152d427d3aeb00c17bcd814a9d05a61debf6d612aa674161b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:09:40 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 08:02:32 GMT
server: AmazonS3
age: 81610
etag: W/"2ed415da21c7fccbdfbbfc8c2f93e511"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: zekV63YBiWHCc1_2A2Yg0t7urhza5RXZG34yzcoIFjgLwy_Y78t_SA==

GET
H2 200 brid.controls.min.js Show response
p.brid.tv/player/build/plugins/controls/1.2.29/ 109 KB
27 KB 21ms
11ms Script
application/javascript 13.225.78.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/controls/1.2.29/brid.controls.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 090d86fd13c97c18045be23639ece974ee162dbfdf15416cc7914f348eef9314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 19:44:34 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 08:02:30 GMT
server: AmazonS3
age: 3916
etag: W/"0f41cd96fd39442cb3788baffdc39184"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: A8LbsPiG-8knVNSr_zx2Ck0l9QJMxFsd3BB6uXxFfzqomx-Pz0DB7g==

GET
H2 200 brid.gima.min.js Show response
p.brid.tv/player/build/plugins/gima/1.1.56/ 97 KB
26 KB 19ms
8ms Script
application/javascript 13.225.78.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/gima/1.1.56/brid.gima.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cb84f3d3587107d11f993520ea9c661afd98359cdbe1332fbd3bfccd26fb153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 19:45:30 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 08:02:30 GMT
server: AmazonS3
age: 3861
etag: W/"684b5453738b5cd3288c5d0ed4604cf7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 5TnEy_vn2xoUE7IcW6QVQjcAdetEMb4H2IPqHjSB-y1m2mhBMH_6hw==

GET
H2 200 brid.googleanalytics.min.js Show response
p.brid.tv/player/build/plugins/googleanalytics/2.0.0/ 18 KB
3 KB 20ms
10ms Script
application/javascript 13.225.78.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/googleanalytics/2.0.0/brid.googleanalytics.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa7fa879e81262176288b521ab57d6729bc399303e2dcd679301dea2cd88040c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:20:00 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 08:02:30 GMT
server: AmazonS3
age: 66147
etag: W/"70ecba0b608609c684dddd4a1735fee3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: D2p1mPkMI786HHQocFs4p42F7X-UyBAg5CLd7VYofRiPetRJG3NpiA==

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C9C1 170 KB
59 KB 69ms
23ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Origin: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/ Frame C9C1 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/omrhp.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:33:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame C9C1 30 KB
12 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11766
x-xss-protection: 0
server: cafe
etag: 14053427913132020778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:39:08 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 97B5 170 KB
59 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Origin: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/ Frame 97B5 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/omrhp.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:33:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame 97B5 30 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11766
x-xss-protection: 0
server: cafe
etag: 14053427913132020778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:39:08 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F6FA 15 KB
6 KB 52ms
20ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=whitesalmonbruins.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://whitesalmonbruins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 20:49:48 GMT
server-processing-duration-in-ticks: 2133
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 creative.html Show response
s0.2mdn.net/sadbundle/17152291192751259648/ Frame 0DD9 1 KB
473 B 73ms
22ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5089ebf7f8ca652e7a0153451389a00ab07d11d0b0028fe6ddfcef076fba0f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 445
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 20:49:49 GMT
expires: Wed, 30 Aug 2023 20:49:49 GMT
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C9C1 0
622 B 136ms
56ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbO_6QoDT4HDFbbIfSJIgyrrr3B1rG_sRWPBQ_LfBYPc9jIcQxFpHlQ85Gi3EDq2QfxIY5cf9dj4duh1LSoqgOz_QxYGvp1ezKFhzfPSDL0inh_OoWdO8vUOm5oLLsXevwkpgp0dRISCB4Fq2d6-vYo-iUY6Bx7buAR56nzDuOemTEIbS5u3DTpxDG5Rczm3jphsZYQYVeCS6EYslLwZZcnaP-k3OWvpMPRQgG-jrF5HBUNgblO7sXerP5EG9x9Z42ACIkr5N7Ryn8b-iOFg4F1-l-PXiHjAPWy2IG14OunpzLXqJxoyc__Gtdl9OKac8dkztSf32-vBkCIuH3kWrpQqQ3uMQthSHq62YUdYaF0rkYhP7OVDQxChFZ87q1jMh1gJf1ey-N7bpbvg2U6-08oQuF7uJOCUxtDPbwYGvWUX4DOKtv27Vk9oRyYhSKLnD0u1daN5MymH428K-Ftd8mA7xrJtPHmgc8OqLFK-LeuYEgd9zRhyQrfHJDvnBfFGJoDynefYabMT8rK-xoMd5bPelxUI5ZyWkZgxSSG37gOsmTeTP2JVu1WxuCk5AEeE8WW2LjHzXE_97I0esYp8VFhcOpUdB2DkJkhjb5bRTBXs2sxWwcX-eetzyhKPZpqLsThzB--pkKBHYq19AF9yS8P_-jNuMvWIcbZO5giLeqJsLQJBSthYcCT6COJqvvk_faKwCA7_QbaHyYC3Gz1I1sXErasGHItAFs8J_ajqEfSmTlYdb8L-Po46euCa9kIMAWbh8TYcSdZVAEJzi8IsEFfCgXKrM4krT8_-E2U2lSbFykU5j4LBPoEAYxXH6k_f20x5puazDQDfVSeON7d-EpobQlFBjL2mgoa5bF7XuX1_Ui3aMx7QS1dzeFfNUizuxIEZ5NQQNbTmA2EbzPkb-M9VcIpL1iLzQXV26Em4y-ZE2xP7qhlI2egV7D-zGHUVebCc13eeG3VWcwbe6m2WcAIcs5vrKT8Y8CWRZ5vnmEKekKk092ZD3sG5OTcLDFY0GHqM2l7BoSbuUHM4AgEwbTJispfB7xP14H_YiTnYes7txYivMMG2cHaYOan6nUZ4C8dqQvUrVcTd2WqWJ_lkxHshypNmboOy62jNDNik3wMN_FvU-lnA1COXX3aUUckBlApHtRM2S4kNVtXSqQLEMpnM5UYFckVnpzR74f-tQUKhAXIwIVo8gZ2t10jqGO31IWJNAP-zfitY0f5PVQZFaCwozsDtXrt6_4xlFPh8RwQA&sai=AMfl-YT9DVBQvqjJWzIoRkWW6hh8bgeI6Jc-tPCwqBJerg24IRXzHegzcd2ZioI_IJ6gPdBOGA_-PkMctUcXR_DEqJmUOtdAT0VR2AGR5OrHpfv0jLRsnuWE9W-ZPzJDvZKjG-BvqKI7FxJTDkO55Y04oU5UIuvxESHesQLZOxrzAokG6RLCpaiBImeU2wwmqN51IlTdsg2WvzBhQqmmKGOtPQZ8&sig=Cg0ArKJSzPTPUA9kwmDhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=137&cbvp=1&cstd=128&cisv=r20220829.74512&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 30 Aug 2022 20:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 376 KB
126 KB 47ms
18ms Script
text/javascript 2a00:1450:400e:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128229
x-xss-protection: 0
expires: Tue, 30 Aug 2022 20:49:49 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.brid.tv
URL: https://p.brid.tv/player/build/plugins/googleanalytics/2.0.0/brid.googleanalytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6469
date: Tue, 30 Aug 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Aug 2022 21:02:00 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ 0
346 B 53ms
8ms Image
image/gif 13.224.189.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=11384&pr=p&dp=d&b=c&pid=33424&s=16|9&apa=0&df=0&os=w&m=0&ow=11507&e=l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-123.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:49:04 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 61246
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: TpuCS1aZqf1VHle360HViL7SVf_jXgS2nJVhBhXSC5nku5OgvGDY5Q==

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 97B5 41 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8E3E 1 KB
749 B 14ms
14ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 14:32:04 GMT
etag: 48472445140208031
expires: Wed, 31 Aug 2022 14:32:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 97B5 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1da6bc0e2a0e8b1ede86545014afa032fe822912e615d277a7a84703263fac25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C9C1 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1A6E 1 KB
749 B 13ms
12ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 14:32:04 GMT
etag: 48472445140208031
expires: Wed, 31 Aug 2022 14:32:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C9C1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cb18f41a549cb5aa8e55e11a38da6bb88e6176ee07f690fa87ed7d53caa47ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 11 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9a07d57553a576ae262f48e57028df69cf503b70747f754b1e18e5eb92419ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3317
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 20:49:49 GMT
expires: Wed, 30 Aug 2023 20:49:49 GMT
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 97B5 0
27 B 87ms
59ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkFctLm4Pg6IDucdE2EiYlU6E-j2obh9rlzTu2EXeE1ky3y9CmdGgvpKc7al-r778zKyD3cKqronp28gbF4OlWfixUJNmiEQIQGAklO0J-Q5NcRVuOfxjL3yx5APs3G49fowjm4aYXfNdM0qsmN7oI0GXJZv4pEnv73Sxq5xIH59BkEIO1GUg20-eRRaIGe7qA2GFuNGMx4cNXPZEM8tjnjMgburYDy6QX44S2Mv4REbbc6waH1sahefguaDwAYVTTdrF0cHDlfktlAaRSWq94IQlJMZX3RjEaPxCt9XzD2T4vLth564U0mPnfFvm_uCvcqa2Hsogotplca5wyOuioyEMKhqvX3Pnswz8djAIwPD2yxrv5ZLjfn03WxVLSZ-ogk4NzYyr6sdsAASdq76OJdlAy5oTrp5BkPSUFgVbsfF8D7HQ1u83xB73qmatk_D0Eu-tkAgEHyCwVEKu-A90gjMkQtbgd_qoQkyFYjH1A9JQdz8FqefS3_-lNjfcnOuTal7ub5QbVNncwM5ix4txlAmihH-vhK2N5JxrXrgDjst2LBheXTIo4BR-sMpBg5jSmyIWVWd2Pq5g-d2TN6BHmhF63nSB1o2pZYPzxAlsKgB3gdB2H7_zux2qtgdC2GXzskgiTUYnQRtmMGheoWRS8hcuz0qT7EtIqFgWFmwhbyF5kNDSGKygIJQrG_kiWVtNxNoCgUVNb-na_3oIQj6T9j4lSJKp66FWxoDCNHVRLtdiGlBiA4QRfHBn8N7iMDkb0PEmb5JoY0VTxHl_GFyQQN8-BLV69D2EP_lrh5W32p7u0VKj8Tr6FsO_FhMRsenZmyYvgOPE5FrOQGwixxz-DJKOXrUQaUWh5poOwXaGrNz437XsQmeBK4lRaOMDNGUWQ_mZE-4XP5sA2HVyNwhnUN4VEWwNh5xG6_-h3dOF8qLWGHAdgqQaa6NKoE_rSEhmYbthtNPyp-qJgcGocbY_d9QT31ZUv82BYSzennBPYPynoiM5MSwiDH9XPx-n1UqeJIIEbJUPXMRsN9tqSMxpi3zyapFu1XYnNUZKyZ2sSW13ykEkZrdAxHH_DjsweOGkFXHA5KoxlygmmyFWf9I6cL1vHoBpEV60ZNaQwu5lmZ69kjnWWzbQaG3NP5NzeWNrDG4AIMwUn1k70X8EkAnETig84dRzzqn_TWrCABHLyNJ2a2R7QcmxCBYQ2cnjsr85cvQrx00lO6Op1jnx2z8SzGS-1kD-k4f95ezS7dAFjYP_Y7Vu1zU71CYe_cYYRs2oy&sai=AMfl-YRy3Yxr80uaZAKpoOAmDrmkBukUtHMPHQOUmKSJ39q52FU38DyvqQhjkzdep_bY2EjcuzySdjpjumnZIqEx2AYyF7WuVJEfEAPmk7-O14nfSzNUYduNi2PWYXpcdGRiviireiyen__C6qNq6cFfEHHQ4bGysNIZ0yQCtC---sZguUgfLYNxKVCZf6JoV3nl4KLl5WdFtl1A5MGySUJ-SQVGWAnoqpKSdRAGXTpKy4F6fRfp&sig=Cg0ArKJSzNxdepvYDCLbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=314&cbvp=1&cstd=310&cisv=r20220829.27076&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 30 Aug 2022 20:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 72252
stags.bluekai.com/site/ Frame 97B5 62 B
514 B 275ms
273ms Image
image/gif 23.7.201.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/72252?limit=0&phint=event%3Dimp&phint=pid%3D333790633&phint=cid%3D27602381&phint=aid%3D5481501&phint=sid%3D4054586&phint=crid%3D169406718&phint=adid%3D525576444&phint=&phint=uid%3D0!
Requested by: Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-201-234.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:50 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H3

200

B20896411.220210114;dc_pre=CPWw5qu47_kCFVaZdwod2MQIww;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=2873227620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/ Frame 97B5
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=2873227620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%...
https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_pre=CPWw5qu47_kCFVaZdwod2MQIww;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=2873227620;dc_lat=;dc_rdid=;t...

43 B
64 B

66ms
34ms

Image
image/gif

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_pre=CPWw5qu47_kCFVaZdwod2MQIww;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=2873227620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_pre=CPWw5qu47_kCFVaZdwod2MQIww;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=2873227620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 Bz897scubM-27399.mp4
edge.fast-rapidreplay.com/video/ 3 MB
3 MB 1194ms
1059ms Media
video/mp4 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fast-rapidreplay.com/video/Bz897scubM-27399.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 753686c6c7529298a8991ee4fdc32312d426b123d86428dbcb6e91a88fa59a23

Request headers

Referer: https://whitesalmonbruins.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: 4_z528b70e1cd790dd8784a0e16_f1189beba1f888289_d20210303_m182639_c000_v0001078_t0051
via: 1.1 varnish, 1.1 varnish
etag: "bbd30c256e351648766631dc4537c581"
age: 1
x-amz-meta-src_last_modified_millis: 1614795997139
x-cache: MISS, MISS
Content-Range: bytes 0-2748943/2748944
Content-Length: 2748944
x-amz-id-2: aMhdiczBNMd5k0zkWZME4djjfYW9lVjbT
x-served-by: cache-sjc10033-SJC, cache-fra19134-FRA
last-modified: Wed, 03 Mar 2021 18:26:39 GMT
x-timer: S1661892590.978023,VS0,VE1009
date: Tue, 30 Aug 2022 20:49:51 GMT
x-amz-request-id: e8b81e83df3e8f99
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-type: video/mp4
x-cache-hits: 0, 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 21ms
21ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=625256185&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&ul=en-us&de=UTF-8&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Brid-Video&ea=Start&el=Columbia%20HS%20(WA)%20-%20Varsity%20Boys%20Football_*0&_u=KADAAEABAAAAAC~&jid=1934621943&gjid=216789634&cid=1659917486.1661892587&tid=UA-87343362-1&_gid=196283028.1661892587&_r=1&_slc=1&z=1225669360

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5WYGT4MKE&gtm=2oe8t0&_p=625256185&cid=1659917486.1661892587&ul=en-us&sr=1600x1200&_eu=C&_z=ccd.v9B&_s=2&sid=1661892587&sct=1&seg=0&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&en=video_start&_ee=1&ep.event_label=whitesalmonbruins&epn.event_category=11&ep.non_interaction=true&_et=2824
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5WYGT4MKE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 46ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5WYGT4MKE&gtm=2oe8t0&_p=625256185&ul=en-us&cid=1659917486.1661892587&sr=1600x1200&_z=ccd.v9B&_s=3&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&sid=1661892587&sct=1&seg=0&en=video_start&ep.event_label=whitesalmonbruins&epn.event_category=11&ep.non_interaction=true&_et=2824
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5WYGT4MKE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=625256185&t=event&_s=2&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&ul=en-us&de=UTF-8&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Brid-Video&ea=Start&el=player_id%3A33424&_u=KADAAEABAAAAAC~&jid=&gjid=&cid=1659917486.1661892587&tid=UA-87343362-1&_gid=196283028.1661892587&z=386895754

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 02:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65689
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ 0
347 B 10ms
7ms Image
image/gif 13.224.189.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=11384&pr=p&dp=d&d=NaN&b=c&pid=33424&s=16|9&os=w&m=0&id=undefined&ow=11507&e=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-123.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:49:04 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 61246
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 9IqQlT3XNniLVBE1UpjRpWUP-KO4fyZ4XIkePzjdYtWubxGigjPacA==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
15ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=625256185&t=event&_s=3&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&ul=en-us&de=UTF-8&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Brid-Video&ea=Play&el=Columbia%20HS%20(WA)%20-%20Varsity%20Boys%20Football_*0&_u=KADAAEABAAAAAC~&jid=&gjid=&cid=1659917486.1661892587&tid=UA-87343362-1&_gid=196283028.1661892587&z=1746308486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 02:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65689
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
15ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=625256185&t=event&_s=4&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&ul=en-us&de=UTF-8&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Brid-Video&ea=Play&el=player_id%3A33424&_u=KADAAEABAAAAAC~&jid=&gjid=&cid=1659917486.1661892587&tid=UA-87343362-1&_gid=196283028.1661892587&z=2023338245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 02:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65689
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 initial.css
s0.2mdn.net/sadbundle/17152291192751259648/assets/css/ Frame 0DD9 2 KB
1008 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/css/initial.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e15c4552956ffe977ef5ec2483b3ab95cc0c73fbec1df597a9a8ab557082b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 13:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 979
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 13:18:06 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 0DD9 118 KB
40 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 07:51:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 0DD9 82 KB
30 KB 62ms
15ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 20:17:35 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame 0DD9 233 KB
62 KB 76ms
28ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63865
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 16:10:57 GMT

GET
H3 200 initial.js Show response
s0.2mdn.net/sadbundle/17152291192751259648/assets/js/ Frame 0DD9 17 KB
3 KB 15ms
14ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/js/initial.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4613197e4af367199f6835b609e010eb3e5256f982cd18671688fa08e722f83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:33:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3154
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 03:33:26 GMT

GET
H3 200 logo.jpg
s0.2mdn.net/sadbundle/17152291192751259648/assets/images/ Frame 0DD9 3 KB
3 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/images/logo.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 13:18:06 GMT
x-content-type-options: nosniff
age: 545503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2754
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 13:18:06 GMT

GET
H3 200 spinner.gif
s0.2mdn.net/sadbundle/17152291192751259648/assets/images/ Frame 0DD9 7 KB
7 KB 14ms
13ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/images/spinner.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:46:26 GMT
x-content-type-options: nosniff
age: 561803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6841
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 08:46:26 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame F6FA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=whitesalmonbruins.com&sn=ChromeSyncframe&so=0&topUrl=whitesalmonbruins.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=DrKfxXx3QU9iUThHRGZFY2JIM1BNRDdXTDIvalNCMFIzRGN3ak1xSHM5bzI2cnFtUktYNUlsTGJZeUI2eVdUN0dHQzBIaXdnbWxBVUxHNGN1cG8vTE56ZmNkR3dXcEpyYnNTTjhmL2ZhbUp2cEhxd0VnaXRzVnBDYS84cD...

443 B
642 B

112ms
20ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=DrKfxXx3QU9iUThHRGZFY2JIM1BNRDdXTDIvalNCMFIzRGN3ak1xSHM5bzI2cnFtUktYNUlsTGJZeUI2eVdUN0dHQzBIaXdnbWxBVUxHNGN1cG8vTE56ZmNkR3dXcEpyYnNTTjhmL2ZhbUp2cEhxd0VnaXRzVnBDYS84cDlZVitRRDFhN0RvVUp2WjFZaHhFVzBiclo2UnNucXBodTN5RmlZTlh5eVZva2NQVGJPSzZQeU9jVDhmdnZxTjg1a3lML3BjNDRadVlMc3hUcVpQMnRVb2JWbnh5Z2RnSEgxeFlybnh3MkFzZHN4Qi9vVlE5UXBCN1V2MEV1eXNOWlE2SUt2K3FnL0Qrcjc3YkxFNTlnb0VDWlpOZGlSbWo0bS9zOWdIYlp4SVZLUFFvQVVsOD18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c572641410adfe1f556ef8fafa3b93c49a72ed88d1ee656e20ea03bf2790adf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6057
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=DrKfxXx3QU9iUThHRGZFY2JIM1BNRDdXTDIvalNCMFIzRGN3ak1xSHM5bzI2cnFtUktYNUlsTGJZeUI2eVdUN0dHQzBIaXdnbWxBVUxHNGN1cG8vTE56ZmNkR3dXcEpyYnNTTjhmL2ZhbUp2cEhxd0VnaXRzVnBDYS84cDlZVitRRDFhN0RvVUp2WjFZaHhFVzBiclo2UnNucXBodTN5RmlZTlh5eVZva2NQVGJPSzZQeU9jVDhmdnZxTjg1a3lML3BjNDRadVlMc3hUcVpQMnRVb2JWbnh5Z2RnSEgxeFlybnh3MkFzZHN4Qi9vVlE5UXBCN1V2MEV1eXNOWlE2SUt2K3FnL0Qrcjc3YkxFNTlnb0VDWlpOZGlSbWo0bS9zOWdIYlp4SVZLUFFvQVVsOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1408
content-length: 567
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 96EE 0
91 B 36ms
21ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whitesalmonbruins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 30 Aug 2022 20:49:49 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3632 22 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 392332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 07:50:57 GMT
expires: Sat, 26 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 brid.parser.min.js Show response
p.brid.tv/player/build/plugins/parser/1.1.62/ 83 KB
23 KB 8ms
8ms Script
application/javascript 13.225.78.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/parser/1.1.62/brid.parser.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9733f74c8db00fe291f3c517b8035d76e76a4ae52bcebfb4cba273ce8d8d0065

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 21:02:33 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 08:02:31 GMT
server: AmazonS3
age: 85636
etag: W/"1b2c7d0111d1b3cb12b04bb05878c71e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: GL4gFs6Q9KjO0jnb0C_vmd4XpFUophouxZSdfZ5PxcT4N-5yllm3tg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87343362-1&cid=1659917486.1661892587&jid=1934621943&gjid=216789634&_gid=196283028.1661892587&_u=KADAAEABAAAAAC~&z=1848010786

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://whitesalmonbruins.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Aug 2022 20:49:49 GMT
content-type: text/plain
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 72DF 22 KB
8 KB 17ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 392332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 07:50:57 GMT
expires: Sat, 26 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 5 KB
2 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ac0a8d8faf26b8a5ab31b9a5dcb8778adb98efcea5b4d2e38197e0a06e765c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 14:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1887
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 14:10:15 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 3 KB
758 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bed53a23d0424d19d4b95ee0ee9dd2cc973c03b8058ac6e8a24dd1143d6862a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 14:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 729
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 14:10:15 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame B2F5 118 KB
40 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 21:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Aug 2022 21:45:39 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B2F5 57 KB
23 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Aug 2022 20:49:49 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 9 KB
9 KB 19ms
18ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e556f932d7384bfc518f2cf1b97471f12fcad1ae464d0cd1e0da8ca80d5677ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 14:10:15 GMT
x-content-type-options: nosniff
age: 369575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8876
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 14:10:15 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 25 KB
10 KB 14ms
13ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 12:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204096
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10657
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Aug 2023 12:08:13 GMT

GET
H3 200 utmParser.js Show response
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 2 KB
460 B 14ms
14ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/utmParser.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f043e627a711ed963737e07087d39721474eed802ddddb70a1140e0082a418f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 14:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 431
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 14:10:16 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 3 KB
1 KB 18ms
17ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3602d0d144084642c0645fc286b71c84cda029a98157d9940811bad312671d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 14:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1185
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 14:10:16 GMT

GET
H3 200 splittext.min.js Show response
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 5 KB
3 KB 18ms
17ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/splittext.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a3a93ff195fb60e6bffb8600751899ca4743fe21f8c4c139bb504689e13d0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2535
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 22:39:28 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8E3E 35 B
362 B 15ms
9ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFMVwKdbWX3lfgAAzx3I_Ks&google_cver=1&google_push=AehlK4Cy32D78NcaPTUz7q2IEBYkUslxTUMFZx0jb9HOug5GdoOhaczx4eESG4fzGx2qEqSkxOLoAXEpJ1fLpeYtCSsEM09PDvM

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E3E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVZxN3ptblkxT3Q4YmI1&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4C-iKoqRsf2xOdlQJUc1NQl-HXxxQRNlzzI8CT3qsq...

170 B
188 B

27ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVZxN3ptblkxT3Q4YmI1&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4C-iKoqRsf2xOdlQJUc1NQl-HXxxQRNlzzI8CT3qsqALc1GwDsA2jS_HZV0lynjUlELtZ36MiEQovPpFTffHGU60d8dERQ

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:49 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0b4faee82b62afb2e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVZxN3ptblkxT3Q4YmI1&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4C-iKoqRsf2xOdlQJUc1NQl-HXxxQRNlzzI8CT3qsqALc1GwDsA2jS_HZV0lynjUlELtZ36MiEQovPpFTffHGU60d8dERQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E3E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHnJix-a0XZlNMQQPL0qx9A&google_cver=1&google_push=AehlK4D6f6As0Qe1zZCXu7Tw57Fz6mdd6hS-O4a5eHqbhywl7yiK8zWyNDGZ3TCTJw3url6ykhZsFYWg-ETss82p...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4D6f6As0Qe1zZCXu7Tw57Fz6mdd6hS-O4a5eHqbhywl7yiK8zWyNDGZ3TCTJw3url6ykhZsFYWg-ETss82pJ9nf_bk7n5M

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4D6f6As0Qe1zZCXu7Tw57Fz6mdd6hS-O4a5eHqbhywl7yiK8zWyNDGZ3TCTJw3url6ykhZsFYWg-ETss82pJ9nf_bk7n5M

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 30 Aug 2022 20:49:51 GMT
Server: MT3 4505 5b23575 master hkg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4D6f6As0Qe1zZCXu7Tw57Fz6mdd6hS-O4a5eHqbhywl7yiK8zWyNDGZ3TCTJw3url6ykhZsFYWg-ETss82pJ9nf_bk7n5M
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 30 Aug 2022 20:49:50 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8E3E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELxvq62hABIkIGzkeJcDwW4&google_cver=1&google_push=AehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guYj&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxvq62hABIkIGzkeJcDwW4&google_cver=1&google_push=AehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guY...

43 B
411 B

169ms
153ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxvq62hABIkIGzkeJcDwW4&google_cver=1&google_push=AehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guYj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guYj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 74306530ad099076-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2266
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7430652f4b219076-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxvq62hABIkIGzkeJcDwW4&google_cver=1&google_push=AehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guYj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AdkyKpQCbDjEaxOrqRb1GjEp7QzU7JEBsTSdJ1a7qNuIE5KZrJpEdGBaGaCYAPskPzKgesz-D1jA7qoUYfYC8KOcG2guYj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E3E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJHwAytDGc511seCKrJJNpE&google_push=AehlK4AYPYEmVoLUd49q1CcTNCYnC18Y1ffIjQSAR6cYJcVh2WNgiBHOmS...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJHwAytDGc511seCKrJJNpE&google_push=AehlK4AYPYEmVoLUd49q1CcTNCYnC18Y1ffIjQSAR6cYJcVh2WNgiBHOmSPaAnK920cN98WvqsLGvJ0Bdcl0gjckPEVl2Tm7kF1F

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1661892590.968614,VS0,VE95
x-served-by: cache-fra19174-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJHwAytDGc511seCKrJJNpE&google_push=AehlK4AYPYEmVoLUd49q1CcTNCYnC18Y1ffIjQSAR6cYJcVh2WNgiBHOmSPaAnK920cN98WvqsLGvJ0Bdcl0gjckPEVl2Tm7kF1F
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8E3E 70 B
265 B 104ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENo0lfxIrq1j6MpK0LiT_Rs&google_cver=1&google_push=AehlK4AQgS-JUYqlZsX0qNO6fF2ncBKCTqORqkjfEiJTaQJcfgvBW1FbN9nBn9PbjQGDQSqgc-4YMizgd8e7-K8YsPRrhxPmn5eA
Requested by: Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E3E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELowucEZ1hy-WNVlpnmt6Ek&google_cver=1&google_push=AehlK4CbPSlXeULZM2Y7jSyRs3s3g50aS1MLMkYvdCEoo6Oo2vxuywzp9Qu82lYz2_2148xnUHyNis9G...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELowucEZ1hy-WNVlpnmt6Ek&google_cver=1&google_push=AehlK4CbPSlXeULZM2Y7jSyRs3s3g50aS1MLMkYvdCEoo6Oo2vxuywzp9Qu82lYz2_2148xnUHy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMDUwOTQzMTM5NzkzOTYwOQ&google_push=AehlK4CbPSlXeULZM2Y7jSyRs3s3g50aS1MLMkYvdCEoo6Oo2vxuywzp9Qu82lYz2_2148xnUHyNis...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMDUwOTQzMTM5NzkzOTYwOQ&google_push=AehlK4CbPSlXeULZM2Y7jSyRs3s3g50aS1MLMkYvdCEoo6Oo2vxuywzp9Qu82lYz2_2148xnUHyNis9GUCssQyM_W0LzYS2KD9mp

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMDUwOTQzMTM5NzkzOTYwOQ&google_push=AehlK4CbPSlXeULZM2Y7jSyRs3s3g50aS1MLMkYvdCEoo6Oo2vxuywzp9Qu82lYz2_2148xnUHyNis9GUCssQyM_W0LzYS2KD9mp
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8E3E 0
12 B 25ms
21ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxsddKm_3bh_TzEVVCDgyYYtz9t4fU8soLn03dOCiQRNF1c6CoZXJj_sEh3lQZ1R6jzFDG

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1A6E 35 B
362 B 15ms
10ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFMVwKdbWX3lfgAAzx3I_Ks&google_cver=1&google_push=AehlK4CmNla6D_fBgWeJqxzhu9vGhq9jwbCfV3dwZgPD3KxUllk8YlvCR1v8QkVUNC1F1_Ky0iohMWA2_hDS-EuM14ZbADeeEm0rnA

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A6E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVZxN3ptblkxT3Q4YmI1&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4CcLPDZjYWkt100-u-LCuQkPIblgDMllIpKYYmdo48...

170 B
188 B

27ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVZxN3ptblkxT3Q4YmI1&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4CcLPDZjYWkt100-u-LCuQkPIblgDMllIpKYYmdo48h-8ODJrizJ5MncTwUdHNmqEkrgB6wYjwu28a6lgV17Al1MEZc40RaQg

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:49 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0b07b63ab2330e6f2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVZxN3ptblkxT3Q4YmI1&google_gid=CAESEI9WQ7u25CrdcAbeLWwNuZQ&google_cver=1&google_push=AehlK4CcLPDZjYWkt100-u-LCuQkPIblgDMllIpKYYmdo48h-8ODJrizJ5MncTwUdHNmqEkrgB6wYjwu28a6lgV17Al1MEZc40RaQg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A6E
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPVhdyZcsMSycAlwBXj55TA&google_cver=1&google_push=AehlK4AWUmUmffmCMFY9VXYre5IYh5OHjoOw0MCUv0KXWbkBhmFa2vG3vFug5KEkv2ksGV1g2kYG56C12On...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4AWUmUmffmCMFY9VXYre5IYh5OHjoOw0MCUv0KXWbkBhmFa2vG3vFug5KEkv2ksGV1g2kYG56C12OnEqKpd2kNYgdes9lV-lg&google_hm=Zsy7j5-KRMCE3uO0Ya...

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4AWUmUmffmCMFY9VXYre5IYh5OHjoOw0MCUv0KXWbkBhmFa2vG3vFug5KEkv2ksGV1g2kYG56C12OnEqKpd2kNYgdes9lV-lg&google_hm=Zsy7j5-KRMCE3uO0YaPBm4s

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4AWUmUmffmCMFY9VXYre5IYh5OHjoOw0MCUv0KXWbkBhmFa2vG3vFug5KEkv2ksGV1g2kYG56C12OnEqKpd2kNYgdes9lV-lg&google_hm=Zsy7j5-KRMCE3uO0YaPBm4s
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1A6E 0
174 B 53ms
17ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEG0aQ0Rqu-dhRswocnA1_JM&google_cver=1&google_push=AehlK4DU_KvIjnbRSkPvdmGnkiHyRSa2nTecrL5uyDJ_uHw0QEr978YTZtLqGBFY_dLcGx8zCajuM7DHx3YToGWAx9BtksQJYUBz5w
Requested by: Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A6E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPsfJ1DmVGyYZLCaXVMMJBM&google_cver=1&google_push=AehlK4DjNAJ8VUXzjj_y0ZRDeqPghMzo1QjotpUeT-itIa5p2EwhE46VYlQ9vG4-con2NRRThmb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdHTlhSVUUtVC00RFI4&google_push=AehlK4DjNAJ8VUXzjj_y0ZRDeqPghMzo1QjotpUeT-itIa5p2EwhE46VYlQ9vG4-con2NRRThmbUpxs55Pzft6w1Aa7P9Mkp9EZ-

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdHTlhSVUUtVC00RFI4&google_push=AehlK4DjNAJ8VUXzjj_y0ZRDeqPghMzo1QjotpUeT-itIa5p2EwhE46VYlQ9vG4-con2NRRThmbUpxs55Pzft6w1Aa7P9Mkp9EZ-

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdHTlhSVUUtVC00RFI4&google_push=AehlK4DjNAJ8VUXzjj_y0ZRDeqPghMzo1QjotpUeT-itIa5p2EwhE46VYlQ9vG4-con2NRRThmbUpxs55Pzft6w1Aa7P9Mkp9EZ-
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A6E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJgGA7NnHigXtjEML60lyhk&google_cver=1&google_push=AehlK4AHRzBg7Pn6nTHaVsRvKCekF04ue-lYoLHgSPo3UNZCwZc98VoenIzA3QecxcFeT-6wHE...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJgGA7NnHigXtjEML60lyhk&google_cver=1&google_push=AehlK4AHRzBg7Pn6nTHaVsRvKCekF04ue-lYoLHgSPo3UNZCwZc98VoenIzA3QecxcFeT-6wHE...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KN1IzRm5SRTJ1SElRSnJqV2pscjdreVhCV0Q5dmJ5Nn5B&google_push=AehlK4AHRzBg7Pn6nTHaVsRvKCekF04ue-lYoLHgSPo3UNZCwZc98Voen...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KN1IzRm5SRTJ1SElRSnJqV2pscjdreVhCV0Q5dmJ5Nn5B&google_push=AehlK4AHRzBg7Pn6nTHaVsRvKCekF04ue-lYoLHgSPo3UNZCwZc98VoenIzA3QecxcFeT-6wHEaacB6qKjSZTsgPYXoC27zBhLNuVQ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KN1IzRm5SRTJ1SElRSnJqV2pscjdreVhCV0Q5dmJ5Nn5B&google_push=AehlK4AHRzBg7Pn6nTHaVsRvKCekF04ue-lYoLHgSPo3UNZCwZc98VoenIzA3QecxcFeT-6wHEaacB6qKjSZTsgPYXoC27zBhLNuVQ
date: Tue, 30 Aug 2022 20:49:50 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 um
sync.teads.tv/ Frame 1A6E 23 B
172 B 136ms
32ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHpsOV4Fjbb4yY-YhtPLnP0&google_cver=1&google_push=AehlK4BRnV9L97qIcfW3GbLrLPjsUZrljUXzSfOCJim5NdkbRhlfLJbvi3Wj2oDUDG1df5keHjJv90gGbY-9nYaPYc2WvhPF0Q9Kp9M
Requested by: Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 30 Aug 2022 20:49:50 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1A6E 0
12 B 25ms
21ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHGYsFtX3-q3fYT2_VWlZxuKwDDr6tTr9X3NM8PgrPBAuljbDQTE9H13lBYyu92bCA_nfNMSo

Requested by

Host: 30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
URL: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3632 36 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 19:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15802
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 19:15:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0DD9 7 KB
6 KB 88ms
55ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5fa73d46ab1d18b5400d95521e491a2c026c9033fbadc9a9191934d891c0205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5713
x-xss-protection: 0

GET
H3 200 woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js Show response
pagead2.googlesyndication.com/bg/ Frame 72DF 36 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 19:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15802
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 19:15:01 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C9C1 0
26 B 51ms
51ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbO_6QoDT4HDFbbIfSJIgyrrr3B1rG_sRWPBQ_LfBYPc9jIcQxFpHlQ85Gi3EDq2QfxIY5cf9dj4duh1LSoqgOz_QxYGvp1ezKFhzfPSDL0inh_OoWdO8vUOm5oLLsXevwkpgp0dRISCB4Fq2d6-vYo-iUY6Bx7buAR56nzDuOemTEIbS5u3DTpxDG5Rczm3jphsZYQYVeCS6EYslLwZZcnaP-k3OWvpMPRQgG-jrF5HBUNgblO7sXerP5EG9x9Z42ACIkr5N7Ryn8b-iOFg4F1-l-PXiHjAPWy2IG14OunpzLXqJxoyc__Gtdl9OKac8dkztSf32-vBkCIuH3kWrpQqQ3uMQthSHq62YUdYaF0rkYhP7OVDQxChFZ87q1jMh1gJf1ey-N7bpbvg2U6-08oQuF7uJOCUxtDPbwYGvWUX4DOKtv27Vk9oRyYhSKLnD0u1daN5MymH428K-Ftd8mA7xrJtPHmgc8OqLFK-LeuYEgd9zRhyQrfHJDvnBfFGJoDynefYabMT8rK-xoMd5bPelxUI5ZyWkZgxSSG37gOsmTeTP2JVu1WxuCk5AEeE8WW2LjHzXE_97I0esYp8VFhcOpUdB2DkJkhjb5bRTBXs2sxWwcX-eetzyhKPZpqLsThzB--pkKBHYq19AF9yS8P_-jNuMvWIcbZO5giLeqJsLQJBSthYcCT6COJqvvk_faKwCA7_QbaHyYC3Gz1I1sXErasGHItAFs8J_ajqEfSmTlYdb8L-Po46euCa9kIMAWbh8TYcSdZVAEJzi8IsEFfCgXKrM4krT8_-E2U2lSbFykU5j4LBPoEAYxXH6k_f20x5puazDQDfVSeON7d-EpobQlFBjL2mgoa5bF7XuX1_Ui3aMx7QS1dzeFfNUizuxIEZ5NQQNbTmA2EbzPkb-M9VcIpL1iLzQXV26Em4y-ZE2xP7qhlI2egV7D-zGHUVebCc13eeG3VWcwbe6m2WcAIcs5vrKT8Y8CWRZ5vnmEKekKk092ZD3sG5OTcLDFY0GHqM2l7BoSbuUHM4AgEwbTJispfB7xP14H_YiTnYes7txYivMMG2cHaYOan6nUZ4C8dqQvUrVcTd2WqWJ_lkxHshypNmboOy62jNDNik3wMN_FvU-lnA1COXX3aUUckBlApHtRM2S4kNVtXSqQLEMpnM5UYFckVnpzR74f-tQUKhAXIwIVo8gZ2t10jqGO31IWJNAP-zfitY0f5PVQZFaCwozsDtXrt6_4xlFPh8RwQA&sai=AMfl-YT9DVBQvqjJWzIoRkWW6hh8bgeI6Jc-tPCwqBJerg24IRXzHegzcd2ZioI_IJ6gPdBOGA_-PkMctUcXR_DEqJmUOtdAT0VR2AGR5OrHpfv0jLRsnuWE9W-ZPzJDvZKjG-BvqKI7FxJTDkO55Y04oU5UIuvxESHesQLZOxrzAokG6RLCpaiBImeU2wwmqN51IlTdsg2WvzBhQqmmKGOtPQZ8&sig=Cg0ArKJSzPTPUA9kwmDhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=582&vt=11&dtpt=445&dett=3&cstd=128&cisv=r20220829.74512&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17152291192751259648/assets/css/ Frame 0DD9 38 KB
3 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2497deef4e5817714307172348fd769450ff768ae44786d90eff608deb4207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3307
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 08:48:00 GMT

GET
H3 200 nhdynamic.js Show response
s0.2mdn.net/sadbundle/17152291192751259648/assets/js/ Frame 0DD9 32 KB
5 KB 14ms
14ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/js/nhdynamic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81979f14d2642e23f5e528631a42caf71e2da909e3605a5324dda52cba304d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 13:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5410
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 13:18:18 GMT

GET
H3 200 youtubeApi.js Show response
s0.2mdn.net/sadbundle/17152291192751259648/assets/js/ Frame 0DD9 1 KB
484 B 15ms
14ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/js/youtubeApi.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 11:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 11:43:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B2F5 7 KB
5 KB 55ms
55ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa041fddc5d3aa3e62945566300b460356cc747b12904e87caa73b2c5f87766d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5581
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 97B5 0
26 B 51ms
51ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkFctLm4Pg6IDucdE2EiYlU6E-j2obh9rlzTu2EXeE1ky3y9CmdGgvpKc7al-r778zKyD3cKqronp28gbF4OlWfixUJNmiEQIQGAklO0J-Q5NcRVuOfxjL3yx5APs3G49fowjm4aYXfNdM0qsmN7oI0GXJZv4pEnv73Sxq5xIH59BkEIO1GUg20-eRRaIGe7qA2GFuNGMx4cNXPZEM8tjnjMgburYDy6QX44S2Mv4REbbc6waH1sahefguaDwAYVTTdrF0cHDlfktlAaRSWq94IQlJMZX3RjEaPxCt9XzD2T4vLth564U0mPnfFvm_uCvcqa2Hsogotplca5wyOuioyEMKhqvX3Pnswz8djAIwPD2yxrv5ZLjfn03WxVLSZ-ogk4NzYyr6sdsAASdq76OJdlAy5oTrp5BkPSUFgVbsfF8D7HQ1u83xB73qmatk_D0Eu-tkAgEHyCwVEKu-A90gjMkQtbgd_qoQkyFYjH1A9JQdz8FqefS3_-lNjfcnOuTal7ub5QbVNncwM5ix4txlAmihH-vhK2N5JxrXrgDjst2LBheXTIo4BR-sMpBg5jSmyIWVWd2Pq5g-d2TN6BHmhF63nSB1o2pZYPzxAlsKgB3gdB2H7_zux2qtgdC2GXzskgiTUYnQRtmMGheoWRS8hcuz0qT7EtIqFgWFmwhbyF5kNDSGKygIJQrG_kiWVtNxNoCgUVNb-na_3oIQj6T9j4lSJKp66FWxoDCNHVRLtdiGlBiA4QRfHBn8N7iMDkb0PEmb5JoY0VTxHl_GFyQQN8-BLV69D2EP_lrh5W32p7u0VKj8Tr6FsO_FhMRsenZmyYvgOPE5FrOQGwixxz-DJKOXrUQaUWh5poOwXaGrNz437XsQmeBK4lRaOMDNGUWQ_mZE-4XP5sA2HVyNwhnUN4VEWwNh5xG6_-h3dOF8qLWGHAdgqQaa6NKoE_rSEhmYbthtNPyp-qJgcGocbY_d9QT31ZUv82BYSzennBPYPynoiM5MSwiDH9XPx-n1UqeJIIEbJUPXMRsN9tqSMxpi3zyapFu1XYnNUZKyZ2sSW13ykEkZrdAxHH_DjsweOGkFXHA5KoxlygmmyFWf9I6cL1vHoBpEV60ZNaQwu5lmZ69kjnWWzbQaG3NP5NzeWNrDG4AIMwUn1k70X8EkAnETig84dRzzqn_TWrCABHLyNJ2a2R7QcmxCBYQ2cnjsr85cvQrx00lO6Op1jnx2z8SzGS-1kD-k4f95ezS7dAFjYP_Y7Vu1zU71CYe_cYYRs2oy&sai=AMfl-YRy3Yxr80uaZAKpoOAmDrmkBukUtHMPHQOUmKSJ39q52FU38DyvqQhjkzdep_bY2EjcuzySdjpjumnZIqEx2AYyF7WuVJEfEAPmk7-O14nfSzNUYduNi2PWYXpcdGRiviireiyen__C6qNq6cFfEHHQ4bGysNIZ0yQCtC---sZguUgfLYNxKVCZf6JoV3nl4KLl5WdFtl1A5MGySUJ-SQVGWAnoqpKSdRAGXTpKy4F6fRfp&sig=Cg0ArKJSzNxdepvYDCLbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=575&vt=11&dtpt=261&dett=3&cstd=310&cisv=r20220829.27076&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: whitesalmonbruins.com
URL: https://whitesalmonbruins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 20:49:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 0DD9 992 B
2 KB 75ms
29ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/assets/js/youtubeApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d1cc07d40854c944dca479425eaf6ebadd770119409c0fae3238ebddaa78728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 30 Aug 2022 20:49:50 GMT

GET
H3 200 63009_20220801043436777_background_300x250_1.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 0DD9 30 KB
30 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220801043436777_background_300x250_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef83fc662e098946dee779996acbb96e028bea040cc2bc78c2b9ee247bda8e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 04:33:41 GMT
x-content-type-options: nosniff
age: 58569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30762
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:34:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 04:33:41 GMT

GET
H3 200 63009_20220801043441604_background_300x250_2.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 0DD9 30 KB
30 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220801043441604_background_300x250_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef83fc662e098946dee779996acbb96e028bea040cc2bc78c2b9ee247bda8e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 04:33:41 GMT
x-content-type-options: nosniff
age: 58569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30762
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:34:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 04:33:41 GMT

GET
H3 200 63009_20220801043444551_background_300x250_3.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 0DD9 30 KB
30 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220801043444551_background_300x250_3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef83fc662e098946dee779996acbb96e028bea040cc2bc78c2b9ee247bda8e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 04:33:41 GMT
x-content-type-options: nosniff
age: 58569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30762
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:34:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 04:33:41 GMT

GET
H3 200 GothamNarrow-Bold.woff
s0.2mdn.net/sadbundle/17152291192751259648/assets/fonts/ Frame 0DD9 80 KB
80 KB 17ms
17ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/fonts/GothamNarrow-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/assets/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 11:43:37 GMT
x-content-type-options: nosniff
age: 464773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81884
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 11:43:37 GMT

GET
H3 200 GothamNarrow-Medium.woff
s0.2mdn.net/sadbundle/17152291192751259648/assets/fonts/ Frame 0DD9 81 KB
81 KB 18ms
18ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/fonts/GothamNarrow-Medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17152291192751259648/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/assets/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 11:43:37 GMT
x-content-type-options: nosniff
age: 464773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82744
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 11:43:37 GMT

GET
H3 200 flecha.png
s0.2mdn.net/sadbundle/17152291192751259648/assets/images/ Frame 0DD9 1 KB
1 KB 27ms
25ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17152291192751259648/assets/images/flecha.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c105e09261837014bfa09a76c87ebcb5dc83606c1ce6f8bae7049b6037c6bed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17152291192751259648/creative.html?e=69&leftOffset=0&topOffset=0&c=E8Hmb4GesY&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 13:18:19 GMT
x-content-type-options: nosniff
age: 545491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:56:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 13:18:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082901&jk=4224405830179614&bg=!PD-lP3vNAAaXrHhMt6w7ACkAdvg8Ws5pysbSbClMXnwdufRk3QGuT8t_ezjG1d0CNhdA0aGiYGqbhQIAAAHAUgAAAAFoAQcKADEcs994CpTvVOdexY78bbQvY_f6vssK1KfjQkWWGBXGleRuD6Q1WM89mShFIE5hDJe0mQLocA2FZlmdjg57lqXkM06alK2tulpBPcoCPUnmI9nPDZALaXdtg4XoDU8a3GhgUERpxt-yi_bUnPyx3-qc0ynEjbXZ3VEtmQStevrJnmIH-eeM2ihXf5lOBd-8D3J0AXVBa81LmP5GWz5JuEp3CYs7aBmZjMfFuLMKpA70hiNJkpGKzQQVXIu5am72P4M0wh9I__XMQN1VFM6wvS_0LTWDTIMWLAVEwfJxtCld_gMnkz8auk6B0anHiygpc5Ujx7Ucfhlgro6GZ5-9n7Jc9txvi69_gaRD6LC-OGo6ENkD8DWc_63t3LZvWHAPKcE2bqp5yXAsFf37mD3hvrWWjpCRNMhag-rX6lgcsh-3cBvMn1mgYZy_eRfJxpZQqSvPkA9NIYJd4x3pLCfl99z_OKvHcnxwzn1_P48tP1zMMt5TvLU2ga6mdhDFINHPfiU_YP1lE6otiKJVgr8cOtRA8B_GbJZ_3jrXeeRhQwB-HdFZR1bsL3lG4Qhu1_HUu9S3k51DgorSjpOusdpYz_vDdUTxFzgRggCxboXu2nm5GrqDSP9DSc5bRuQGKVte7MQRy1joep1I1YEurnUgC5xXc-xB0uv-__tJih95rnfOEq1wmY_26fC_tudiEuU9pLwmIFjptZV7GjVY4HDO-H1uuzMpAoyJuuhjJx6YxNqJw3VZunFQZIkWJzNvaGcsfeB2-5cpvLvP2Gft0MfK--nGuNdzfUFkSetuLOihVvCeJduKyPagxAx45n0Hs_DVEv_5XpxL20lEWL_t0mNLwjV0cNy8ZpALe8r0QK4loX9GkNrxJBco3jMw5EVwCS1yIQrwTKF4URJWbAcBI5MU_R6kPd_IlQ-07XicmwVIH18bwzCMvdYjMhjBMnO7wNaEhCv-1epz-xCJka0iP_DI27pGLJtYeojFtt130nNwrhTEvN4PP2nwSudgA5G_snuhtezA2umUKDkgclDALviF3IYWR-4zHMtdm6Ik_ENq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DD9 17 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 20:49:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B2F5 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 20:49:50 GMT

GET
H3 200 Atlantis.jpg_1655453834634_Atlantis.jpg
s0.2mdn.net/dynamic/2/10976178/cdn.ad-lib.io/v2/partners/5c5329a69c0269e89882f108/campaigns/62415cf8ddc025279caa9172/assets/728x90-DTCM/ Frame B2F5 78 KB
78 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10976178/cdn.ad-lib.io/v2/partners/5c5329a69c0269e89882f108/campaigns/62415cf8ddc025279caa9172/assets/728x90-DTCM/Atlantis.jpg_1655453834634_Atlantis.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f2455236ea05315e6f29a0076ebd6309769a5da45ccef1ad4b098bbfb22839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 13:26:10 GMT
x-content-type-options: nosniff
age: 458620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80019
x-xss-protection: 0
last-modified: Fri, 17 Jun 2022 08:17:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 13:26:10 GMT

GET
H3 200 blank.png_1655453834634_blank.png
s0.2mdn.net/dynamic/2/10976178/cdn.ad-lib.io/v2/partners/5c5329a69c0269e89882f108/campaigns/62415cf8ddc025279caa9172/assets/728x90-DTCM/ Frame B2F5 927 B
956 B 14ms
13ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10976178/cdn.ad-lib.io/v2/partners/5c5329a69c0269e89882f108/campaigns/62415cf8ddc025279caa9172/assets/728x90-DTCM/blank.png_1655453834634_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/index.html?e=69&leftOffset=0&topOffset=0&c=KomSFqTT1J&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 10:57:05 GMT
x-content-type-options: nosniff
age: 381165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 927
x-xss-protection: 0
last-modified: Fri, 17 Jun 2022 08:17:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 10:57:05 GMT

GET
H3 200 DINPro-Bold.woff
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 42 KB
42 KB 15ms
15ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/DINPro-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f541fd83e4146f610f2c80c98eca8fc669cd7847374b6593b66f97f22c470cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/adStyle.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 14:10:17 GMT
x-content-type-options: nosniff
age: 369573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42716
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 14:10:17 GMT

GET
H3 200 DINPro-Medium.woff
s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/ Frame B2F5 41 KB
41 KB 15ms
15ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/DINPro-Medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca89afea1a4ffc4b967fa323d521ee56fe3e48c45eef1123efa0079e2e59eec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461875984411656192/728x90-DTCM/adStyle.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 14:30:04 GMT
x-content-type-options: nosniff
age: 368386
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41924
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 10:31:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 14:30:04 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/113ca41c/www-widgetapi.vflset/ Frame 0DD9 161 KB
52 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/113ca41c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b9c94ff96f1d6bea75213d32e721afab8fb945321ba96e8fb2559a8134f3909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53394
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 00:19:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Aug 2023 20:31:38 GMT

GET
H3 200 woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js Show response
pagead2.googlesyndication.com/bg/ Frame F3A7 36 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 19:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15802
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 19:15:01 GMT

GET
H3 200 woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js Show response
pagead2.googlesyndication.com/bg/ Frame 41E6 36 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 19:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15802
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 19:15:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3632 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4iig7XcOY5yWE_6B7_UP0LSdqAUAAAAAOAHgBAI&bg=!v7ylvPjNAAaXrHhMt6w7ACkAdvg8WsGZ0E3kWVOo5Q0OoZt7IEwn1wi3qHNFSIkMDe9NnY2bO8vIFQIAAADTUgAAAAFoAQeZA4S21qBvD2OjQENLXh4UVQeYT8YJJQfcCDN3NQlcPbGk2ruGld8jGWtSlgBDXeUHYgr5NsBDw1yrbb2A1Fzux0BGKa6-UpGZZVPoNdrjfyNI8t9MbjODFfNyblUcnOE5uTXIErD0iVlph4g3giy8QEwtg6xIQPBNzw-pK3GMLyLWZO-cF97gDWh8Lph8KVpf4t-t2MJgJScJ1R4K5T8RpBQ6HITczN2-r7vzf5waasccT4LonM7GJp9L-5xj3SRCyY2OSbcePCnlyYPSZCwHwdWWjqOEdsGFZeD6WEmbROmJu8Vh3cXFnBxaYKh8zSlT3WDsfcp3IDJ5d8I8g_hBVmaBD-zFi3f0FVFjod7ui6_Lv3U4Ewpd940JEAqhqR3gU0FS6ADE7H2tpDmTuERDgMpYhbheS6IkkUr1qYH-T4crAV_YbMjc2x0I-2fkcVh2Y1OmYbPsl6CsdCinEUdj-SwvsUsR8FmVDBMfOnKHGiHOQKh0lIQ5lPN4oa4EOVMOSgae8eFdOQ1sLQqrYO45J3OVGkMjeMsnxBw5shumXlYr3Au4bq87lb76tkBrs_BL5mWGDYk50vITDaHXvHtpmuDopWvNbde_uydcta3OCPBqPgcTU6st6qTEwki56UL3HRAquIRbhlXAaNi-bd-_31cIk92q9l_-ltNJfFr7oNRW8a0y1FSdYyV7q78megiTxhsvfRJex2jO7oiFrASjzmwEsk2bRUtdziI2Z8gyJNkVVmiXZ5l4CN1xldUGL3iSVmUkRq17KbxYAG9aBcU4omdLyI9CBdovTcYObX0SO_8FWIELGcZ-UvxcuNQLP1Rls4xG_Dle4h8xzkf32eUsiHCC1TYfLH013N5CV0KKIywQ0nXM2hpKoAGTOTqH1x5GduT4fhvp05CJ7Pjzze-lcnMxgSovotyF7opkPJW4ClV4IbxwOKaIw8m3-yKQrhd-W6SBwm8RCZrEXPPuhJmGm2PnDI2nl7EOYBnIFhZRUmWMhAtly3mJWAvb1Z-I5GGFR2WdHUrmB2Hbvhj25A1G6jg4JMo_JdIJoB04OBuIA4lu26bnX8-fQ5zlsQG7vL8VjafmCW9i2fA1efpLCz205GnBgf598vAZIcYyLIkDwGVS8hdp_YgsnHKXPvqx7Qjxi6K9x1xkKGVeCE1vCpmGfIChR3IHvDaizxAG1Y1xKrV5ZcPYCDU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72DF 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZ7RB7XcOY5TXEq-U7_UP8oOogAcAAAAAOAHgBAI&bg=!Xl2lXRnNAAaXrHhMt6w7ACkAdvg8WiVprvZTBy8dKsSBRtfKoU1OsXkm7v_rrmcsi1AmB9wYS9ypbgIAAADYUgAAAAJoAQeZAx8d6Dcn6XkX6RsFcWZaX-EwGmh_M9x7_kpb5WjrXZRJxGEfab-mJJrHgUgmrb6T4naU4T26kd3H9e3WUxDFPPLhs4cH6s9UhqS6SYDewGAZ4QMJlAyD7GX3Dj1vw8fWGQjeuqnPwBZlM_1qIIfPTjhWOJLM5BHYr7hxPgO6a9A7W5_FMgsORlrP1YvnR8sEOp4b3EGKsK2L6agnQz_JxHT5vyPXUqnQB6ka4x4CaOrGb7k9uwd8UeGRpXWo6bPO0chExsAPU94A7m9Jmr091GIeEA7QL9ZYYtZgsl3iQJMXm2xaeXcX4yBvG2KL_2gS4BgN17mmXaEZ72qJeODo_-kcxJf1IhXVzUOehJQBqLwJ-M8co0qEAhIL7pit4ER7R9GklwRDYicj-j0aES7Ul9BslmBRLDXtxmdJykWiD_33mf6QXAMIVm_5c1WJiCKutf1h-EaFtQ6ZZ4ftdtfvbe__s8RQQNyKRfy9j9ZR3ovMNeLEngktx0-dInTV_KRpVjMnM5pfag5mlu4NIwbAEloJOOumgK_dbOZUDFQ70dL3ss1DGE1EpekYRYW10N4Gempcf5NmtZ2XUFd1IYi9D1VyY6X6iSs7haXlWNYmUH-PTemG5e_YWUjxKobndXAG_n8PvRT4fJwqSqNeT6b6O3KXZ4aeSGrdIGLrHudkWayyZCCy-q0-hSWNcKLnonS52Fhn2Vc1GcZiYVNKpjzrGlEJqgbfCUUG1GchPmY_qcY0lhoeHZHjLAJxs-LBLT3-6_yTL1WvQPFII1MPGrPnqs7oKo8bdL_Ds6_OI-Vy8S-IJDv2kRbbIN2GfHjV-KaAVO-SPVPxoZfTVvyLpzbVuxLypCMTuB9I2dcAyxvGmoYot6Hqr0CJ5HkA1nl3CyaQXSIJx9q4Y74Z-ptx4iEB1EcxBJPeaEhh9Abd5dRXdhs8NPxi08xKxOdHA2YwtgyV8CXdN3Ek8fwpvwFEF2odrBs4VKi-XkZlOO0rM9aeqeauVldU1u-4_WOwYi_KV8qQPbXN_jN_nYpP0XFuKMjb96kAMxiI8lZPbT7VX08lb7iS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 97B5 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkN6MLDfGkkYiRI0fN2-0PQs7vvukrD_UlcZD0V1jMvAw2owIL5vglMWnrTh0lEw2Ewh8Yr3vSgBhEw35KMRbJUQi53JLmncscrnaGFAPCZwpJ1KdkYNeVCY4_xvABl1B_-O0yrA&sai=AMfl-YT1YW1ChGqMk3qa8-EGKB1pQrt7hEVnM5ni30Sv4VkkVwNqODrj6YsLEKwJ8uiAD_K1iPAJv_HPrpM7pPE1mlOb8u35LvGpmH8zIm93eA90b6jo99lDCMe0w2Up&sig=Cg0ArKJSzDvCyGeL3U6oEAE&cid=CAASJeRoTajFK0AXyYyDBiO1jSgIBPvGLpJbOMIzqg4x9bqCApm1-3w&id=lidar2&mcvt=1000&p=133,315,223,1043&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220829&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3437801479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661892589269&rpt=459&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C9C1 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrpzwWeset3UuDPtGER-vtn8RvuYDecwtu2jsA3SrCyJJMT6Faq4JivU26ZRC8nyF5UvttMXXVkWUKqlMZuMtwrpY7XxYYrqN-set3u2pt78TNC0ipmYaPHpPAVI3ORnI-5ZZ7Iw&sai=AMfl-YQ_RQ9nCuC8lLEgUvjQpAhAzUgB_LznEPKdpIbSTvP0Uf3mLDE8A0oQV8k9nsERXOvToCmJXkn5Tz3tWWrxS5VtPFemnK_dmuLFGB3gv53ogt81R1hAVQXGB50v&sig=Cg0ArKJSzHHx1UpIfpZpEAE&cid=CAASJeRod753iFsQXwQWp65DLX65m532ELP2FK_FEa2xPg4zoXrvRvE&id=lidar2&mcvt=1002&p=795,1030,1045,1330&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220829&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3922865434&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661892589128&rpt=650&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=5677a99c-e0fd-41f6-bbd2-bd7f2829783a
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=5677a99c-e0fd-41f6-bbd2-bd7f2829783a
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a21fa785-01f1-449a-b4d4-aeb0ecb2a1eb&ssp=medianet
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5677a99c-e0fd-41f6-bbd2-bd7f2829783a&gdpr=&gdpr_consent=&gdpr_pd=

45 B
465 B

90ms
48ms

Image
image/gif

184.51.8.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5677a99c-e0fd-41f6-bbd2-bd7f2829783a&gdpr=&gdpr_consent=&gdpr_pd=

Protocol

Server

184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-8-30.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Tue, 30 Aug 2022 20:49:52 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 30 Aug 2022 20:49:52 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5677a99c-e0fd-41f6-bbd2-bd7f2829783a&gdpr=&gdpr_consent=&gdpr_pd=
Date: Tue, 30 Aug 2022 20:49:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
123 B 77ms
19ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cksync.php
cs.media.net/ 44 B
410 B 75ms
25ms Image
image/gif 23.47.212.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.212.25 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-212-25.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:51 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 44
X-MNET-HL2: E
Expires: Tue, 30 Aug 2022 20:49:51 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ 43 B
363 B 223ms
14ms Image
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:51 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 239911
content-type: image/gif
expires: Tue, 30 Aug 2022 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=%3Cvsid%3E
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=%3Cvsid%3E
https://contextual.media.net/cksync.php?type=mf&ovsid=e2ace278-ede5-47f0-b2bd-6da9543d2afc&cs=1

45 B
465 B

120ms
64ms

Image
image/gif

184.51.8.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=e2ace278-ede5-47f0-b2bd-6da9543d2afc&cs=1

Protocol

Server

184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-8-30.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Tue, 30 Aug 2022 20:49:52 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 30 Aug 2022 20:49:52 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=e2ace278-ede5-47f0-b2bd-6da9543d2afc&cs=1
Date: Tue, 30 Aug 2022 20:49:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cksync.php
cs.media.net/
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MVq7zmnY1Ot8bb5

45 B
623 B

75ms
34ms

Image
image/gif

23.47.212.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MVq7zmnY1Ot8bb5
Protocol: HTTP/1.1
Server: 23.47.212.25 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-212-25.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:51 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 45
X-MNET-HL2: E
Expires: Tue, 30 Aug 2022 20:49:51 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 20:49:50 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-083ca9c8ddef9a183@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MVq7zmnY1Ot8bb5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

trg.gif
ads.travelaudience.com/ Frame B2F5
Redirect Chain

https://tags.bluekai.com/site/82519?limit=0&phint=event%3Dimp&phint=aid%3D5481501&phint=cid%3D27602381&phint=crid%3D169406718&phint=pid%3D333790633&phint=segment%3DCUSTOM-AFF-NONDXB-DCO&redir=https...
https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=493&pix=0&exid=$_BK_UUID&dp=event_type:impression

35 B
490 B

64ms
21ms

Image
image/gif

35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=493&pix=0&exid=$_BK_UUID&dp=event_type:impression
Protocol: H2
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:49:53 GMT
content-encoding: gzip
x-engine-version: 0.0.0
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
via: 1.1 google
x-host: tde-deliveryengine-production-6768b6476d-wgvrf
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

location: https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=493&pix=0&exid=$_BK_UUID&dp=event_type:impression
date: Tue, 30 Aug 2022 20:49:53 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 17ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5WYGT4MKE&gtm=2oe8t0&_p=625256185&cid=1659917486.1661892587&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=4&sid=1661892587&sct=1&seg=0&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&en=home_start&_ee=1&ep.event_label=whitesalmonbruins&ep.non_interaction=true&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5WYGT4MKE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 20:49:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whitesalmonbruins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ 0
346 B 8ms
8ms Image
image/gif 13.224.189.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=11384&pr=p&dp=d&d=16&b=c&pid=33424&s=16|9&os=w&m=0&id=undefined&ow=11507&e=fq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-123.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:49:04 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 61252
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 4oAmqOId-mcm6R_Ep75wRJMK3pVW2QpzVUeVwrc8Q7q8UhFXGh-oTw==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=625256185&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&ul=en-us&de=UTF-8&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Brid-Video&ea=FirstQuartile&el=Columbia%20HS%20(WA)%20-%20Varsity%20Boys%20Football_*0&_u=KADAAEABAAAAAC~&jid=&gjid=&cid=1659917486.1661892587&tid=UA-87343362-1&_gid=196283028.1661892587&z=138801544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 02:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65695
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=625256185&t=event&_s=6&dl=https%3A%2F%2Fwhitesalmonbruins.com%2F&ul=en-us&de=UTF-8&dt=Columbia%20High%20School%20(White%20Salmon)%20-%20Team%20Home%20Columbia%20High%20School%20(White%20Salmon)%20Bruins%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Brid-Video&ea=FirstQuartile&el=player_id%3A33424&_u=KADAAEABAAAAAC~&jid=&gjid=&cid=1659917486.1661892587&tid=UA-87343362-1&_gid=196283028.1661892587&z=1304423762

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whitesalmonbruins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 02:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65695
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=373884&zone_id=2046816&size_id=55&eid_pubcid.org=35b4d28a-26a4-4775-99c9-4eeabf5d21e8%5E1&rf=https%3A%2F%2Fwhitesalmonbruins.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=19887aab-1935-4323-9e9d-3bd4c2f77103&l_pb_bid_id=993e2fd2159f44&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.12686035781125748

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simpli.fi/	1970-01-20 14:25:14	Name: suid Value: FC42D56F65624C479C748E817F24F696
.whitesalmonbruins.com/	1970-01-20 07:47:48	Name: _fbp Value: fb.1.1661892587037.1887108897
.whitesalmonbruins.com/	1970-01-20 15:14:12	Name: _ga Value: GA1.2.1659917486.1661892587
.whitesalmonbruins.com/	1970-01-20 05:39:38	Name: _gid Value: GA1.2.196283028.1661892587
.whitesalmonbruins.com/	1970-01-20 05:38:12	Name: _gat_vnnTracker Value: 1
.whitesalmonbruins.com/	1970-01-20 05:38:12	Name: _gat_schoolTracker Value: 1
whitesalmonbruins.com/	1970-01-20 15:02:41	Name: qcSxc Value: 1661892587100
.quantserve.com/	1970-01-20 15:08:26	Name: mc Value: 630e77eb-1a603-c61ce-c827b
.whitesalmonbruins.com/	1970-01-20 15:02:41	Name: __qca Value: P0-16959971-1661892587098
whitesalmonbruins.com/	1970-01-20 06:21:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.whitesalmonbruins.com/	1970-01-20 09:57:24	Name: _pubcid Value: 35b4d28a-26a4-4775-99c9-4eeabf5d21e8
.lijit.com/	1970-01-20 14:23:48	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.rubiconproject.com/	1970-01-20 14:23:48	Name: khaos Value: L7GNXRUE-T-4DR8
.rubiconproject.com/	1970-01-20 14:23:48	Name: audit Value: 1\|naVuGyos1qqgoWp/BRBy5y+IXqvPVzt4X6LBWwGzep0JDp7MRhFcaT0l49xwcX/oX5jLhGs4YeTo4nAZuWA9Fj79QniQXr/UnNTglat5Vb9t3L0jQtGnAA==
.adnxs.com/	1970-01-20 07:47:48	Name: uuid2 Value: 6216385798453646326
.simpli.fi/	1970-01-20 05:48:17	Name: uid_syncd_secure Value: true
.tapad.com/	1970-01-20 07:04:36	Name: TapAd_TS Value: 1661892588412
.tapad.com/	1970-01-20 07:04:36	Name: TapAd_DID Value: 78dfdca2-8fbb-4e47-8550-10caecc678ba
.doubleclick.net/	1970-01-20 14:59:48	Name: IDE Value: AHWqTUmYGc8wj4Rr0Id9haiD0g73UGLgt7ojk36fKuVsBjWMXUtwcq-cFPS-uIlFAVw
.pro-market.net/	1970-01-20 06:21:24	Name: anHistory Value: "-16vkogopw74uh+2+!#7%.$d!P1t"
.tapad.com/	1970-01-20 07:04:36	Name: TapAd_3WAY_SYNCS Value:
.spotxchange.com/	1970-01-20 06:18:31	Name: audience Value: 4966cc41-28a5-11ed-970e-1626150c0506
whitesalmonbruins.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ot9t11pcsio6npdu3f78e8eegi
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.pro-market.net/	1970-01-20 09:57:24	Name: anProfile Value: "-16vkogopw74uh+1+1f=1+1g=1+1j=41+rs=s+rt=2A000C982050A0070002000000000014+s2=(rhg4j0)+vm=24-FC42D56F65624C479C748E817F24F696:53-CAESEKdWsWp7vRCFrSijNTLemuM"
.agkn.com/	1970-01-20 14:23:48	Name: ab Value: 0001%3AKVSYOeRP%2Bg%2FzX0RX2VuY6GMDjQy5aey6
.agkn.com/	1970-01-20 14:23:48	Name: u Value: C\|0AAAAAAAAKqE0bAAAAAAA
.adnxs.com/	1970-01-20 07:47:48	Name: icu Value: ChgIn7xhEAoYAyADKAMw7O-5mAY4A0ADSAMQ7O-5mAYYAg..
.bfmio.com/	1970-01-20 14:23:48	Name: __141_cid Value: FC42D56F65624C479C748E817F24F696
.bfmio.com/	1970-01-20 14:23:48	Name: __io_cid Value: b51899a1db8491b6df596c57346ad06cb8d03e49
.whitesalmonbruins.com/	1970-01-20 14:59:48	Name: __gads Value: ID=a18bb5ef4b794389:T=1661892588:S=ALNI_MbQcmKOFD95PVFpMuTmNUkBiVvB0w
.casalemedia.com/	1970-01-20 14:23:48	Name: CMID Value: Yw537QOSvj5h7NF2vj9DpAAA
.casalemedia.com/	1970-01-20 07:47:48	Name: CMPS Value: 1183
.casalemedia.com/	1970-01-20 07:47:48	Name: CMPRO Value: 1183
.openx.net/	1970-01-20 14:23:48	Name: i Value: 1c7ef2f9-f612-4567-b750-98d76bbeeda2\|1661892589
.adnxs.com/	1970-01-20 07:47:48	Name: anj Value: dTM7k!M40<EVNsVF']wIg2E?`wt]dU!]tcR8i_jC:lq+Z:3[F_afl([P=9H[P<r-_ah8m_fpuL].i:]VzwTxVELAjW.k![^]uRRFqX^TT_%Z.K):x>K7l*=t`>%gOZn$fz547siT5<593:eKVMDkcd#A^e+.<Q!2S2o>bPMv
.criteo.com/	1970-01-20 14:59:48	Name: uid Value: ea4fc9dd-f633-41e5-8eb6-0404818f2d24
.casalemedia.com/	1970-01-20 07:47:48	Name: CMTS Value: 5142
.whitesalmonbruins.com/	1970-01-20 05:38:12	Name: _gat_BridTracker Value: 1
.whitesalmonbruins.com/	1970-01-20 15:14:12	Name: _ga_H5WYGT4MKE Value: GS1.1.1661892587.1.0.1661892589.0.0.0
.quantserve.com/	1970-01-20 07:47:48	Name: d Value: EEMBCQH9JoEA
.w55c.net/	1970-01-20 15:08:26	Name: wfivefivec Value: MVq7zmnY1Ot8bb5
.blismedia.com/	1970-01-20 14:23:52	Name: b Value: 630E77EDCB1BFAB95A5CD853BLIS
.adform.net/	1970-01-20 06:22:50	Name: C Value: 1
.w55c.net/	1970-01-20 06:21:24	Name: matchgoogle Value: 5
.ctnsnet.com/	1970-01-20 14:23:48	Name: cid_66ccbb8f9f8a44c084dee3b461a3c19b Value: 1
.ctnsnet.com/	1970-01-20 14:23:48	Name: gid_CAESEPVhdyZcsMSycAlwBXj55TA Value: 1
.adform.net/	1970-01-20 07:04:36	Name: uid Value: 7510509431397939609
.everesttech.net/	1970-01-20 14:23:48	Name: everest_g_v2 Value: g_surferid~Yw537gAKTaZs8AAK
.whitesalmonbruins.com/	1970-01-20 14:59:48	Name: cto_bundle Value: mOzsx19MVmFRQ0NuMDNDNWJ5VkNFbGR6VEp3VXE1NzB0dlV5N0pFU1UyJTJCZ2xMRnc3Q2ZNVEh3Q0E0bDRaUWp5M2VuSXJGcDNJZ0pTcFFjQzBYRzZNUHVKa0hrbVVXdlgwSUxUenI3VkxkTUdCb2oxOTNBNERkRzJZUlJoOWYzcGNCcHR3MW9uYUtRTCUyRjY3cjd3Q1I2Y0loRGV4UUdOY3lIR2dRTmFoT1hadkN3d0FJJTNE
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 3Pb3kWqUaL4
.youtube.com/	1970-01-20 09:57:24	Name: VISITOR_INFO1_LIVE Value: 73J1q5jKRRA
.yahoo.com/	1970-01-20 14:24:10	Name: A3 Value: d=AQABBO53DmMCEGcJHPfStC8t4kUL1wdqwHsFEgEBAQHJD2MYYwAAAAAA_eMAAA&S=AQAAAhz4Ug4vK5OSM_-A5SgSrX4
.analytics.yahoo.com/	1970-01-20 14:23:48	Name: IDSYNC Value: 18yx~26vw
.tribalfusion.com/	1970-01-20 07:47:48	Name: ANON_ID Value: acnseFr2PKcFuYnRYa7QZcNN0TZdvBn3yP672HQetbkhSvyZc2dM7Jb0FPHiuPinmHW72INjp3NctPG7y0319rf
.mathtag.com/	1970-01-20 15:04:07	Name: uuid Value: 9434630e-77ef-4a00-a134-53ee2904ed5f
.mathtag.com/	1970-01-20 06:21:24	Name: mt_mop Value: 4:1661892591
.w55c.net/	1970-01-20 06:21:24	Name: matchmedianet Value: 5
.bidswitch.net/	1970-01-20 14:23:48	Name: tuuid Value: 5677a99c-e0fd-41f6-bbd2-bd7f2829783a
.bidswitch.net/	1970-01-20 14:23:48	Name: c Value: 1661892591
.bidswitch.net/	1970-01-20 14:23:48	Name: tuuid_lu Value: 1661892591
.media.net/	1970-01-20 14:22:22	Name: data-xu Value: MVq7zmnY1Ot8bb5~~8
.mfadsrvr.com/	1970-01-20 15:14:12	Name: c Value: 1661892591
.mfadsrvr.com/	1970-01-20 15:14:12	Name: tuuid_lu Value: 1661892591
.mfadsrvr.com/	1970-01-20 15:14:12	Name: tuuid Value: a21fa785-01f1-449a-b4d4-aeb0ecb2a1eb
.mfadsrvr.com/	1970-01-20 15:14:12	Name: bsw_uid Value: 5677a99c-e0fd-41f6-bbd2-bd7f2829783a
.mfadsrvr.com/	1970-01-20 15:14:12	Name: ssh Value: !bidswitch,1661892591
.media.net/	1970-01-20 14:22:22	Name: data-bs Value: 5677a99c-e0fd-41f6-bbd2-bd7f2829783a~~1
.media.net/	1970-01-20 14:23:48	Name: data-mf Value: e2ace278-ede5-47f0-b2bd-6da9543d2afc~~1
.exelator.com/	1970-01-20 08:31:00	Name: EE Value: "e82e4a679f544a332ad652dd20a606cd"
.exelator.com/	1970-01-20 08:31:00	Name: ud Value: "eJxrXxzq6XKLQSHVwijVJNHM3DLN1MQk0djYKDHFzNQoJcXIINHMwCw5ZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kYvr4qKUNMZFJcWngg9WOAEARWAnDQ%253D%253D"
.travelaudience.com/	1970-01-20 15:08:26	Name: _tracker Value: %7B%22UUID%22%3A%22C86075E2-3B6E-4CB9-B2DE-6FA3626F0BF5%22%7D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=373884&zone_id=2046816&size_id=55&eid_pubcid.org=35b4d28a-26a4-4775-99c9-4eeabf5d21e8%5E1&rf=https%3A%2F%2Fwhitesalmonbruins.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=19887aab-1935-4323-9e9d-3bd4c2f77103&l_pb_bid_id=993e2fd2159f44&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.12686035781125748 Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FC42D56F65624C479C748E817F24F696 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=FC42D56F65624C479C748E817F24F696 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

30597e32e6cdb51c7c11053571979b41.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
ad.doubleclick.net
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
bcp.crwdcntrl.net
btlr.sharethrough.com
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
ce.lijit.com
client.crisp.chat
cm.g.doubleclick.net
cms.quantserve.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
contextual.media.net
cs.media.net
d.agkn.com
didna-d.openx.net
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
edge.fast-rapidreplay.com
fastlane.rubiconproject.com
feed.videos-rapidreplay.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.simpli.fi
ib.adnxs.com
id.sharedid.org
id5-sync.com
idsync.rlcdn.com
image.crisp.chat
imasdk.googleapis.com
loadm.exelator.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.brid.tv
pagead2.googlesyndication.com
pbid.pro-market.net
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
prebid.a-mo.net
prebid.media.net
prod.uidapi.com
protected-by.clarium.io
pxl.qccerttest.com
region1.google-analytics.com
rtb.mfadsrvr.com
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
s3-us-west-2.amazonaws.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
services.brid.tv
simplifi.partners.tremorhub.com
ssc.33across.com
stags.bluekai.com
static.criteo.net
stats-dev.brid.tv
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.bfmio.com
sync.intentiq.com
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
syndication.twitter.com
tag.simpli.fi
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vnn-player.rapidreplay.co
vnn-sportshub.s3-us-west-2.amazonaws.com
vnn-sportshub3.s3.us-west-2.amazonaws.com
vnnsportshub.net
whitesalmonbruins.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.rapidreplay.co
www.youtube.com
x.bidswitch.net
fastlane.rubiconproject.com
103.229.206.240
104.18.19.126
104.244.42.136
13.224.189.123
13.225.78.107
13.225.78.37
13.225.78.39
13.248.245.213
141.95.98.67
142.250.186.130
142.250.186.162
142.250.186.98
147.75.85.234
15.197.193.217
151.101.130.49
151.101.193.91
151.101.65.194
169.50.137.179
169.50.137.182
172.217.18.6
178.250.0.157
178.250.2.151
18.116.102.143
18.185.20.196
18.195.201.66
184.51.8.30
185.94.180.125
2001:4860:4802:34::36
216.52.2.30
23.35.237.56
23.47.208.212
23.47.212.25
23.7.201.234
2600:1901:0:8eee::
2600:1f18:612b:4232:b349:7e6b:417:1a78
2600:9000:223c:3000:6:44e3:f8c0:93a1
2600:9000:223d:ea00:11:615:7240:93a1
2602:803:c003:200::41
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:3456
2606:4700:20::681a:8a9
2606:4700:20::ac43:4a8e
2606:4700:3031::ac43:a205
2606:4700:4400::6812:230b
2606:4700::6812:1c5b
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2010
2a00:1450:4001:810::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9b
2a00:1450:400e:810::200a
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
3.122.47.104
3.124.137.184
3.126.56.137
3.67.147.59
34.102.146.192
34.107.148.139
34.120.135.53
34.149.20.76
34.96.105.8
35.186.193.173
35.190.0.66
35.227.248.159
35.244.159.8
35.244.174.68
37.157.6.246
37.252.172.249
44.235.104.156
52.17.63.11
52.214.46.176
52.218.252.24
52.57.222.146
52.92.149.66
54.161.113.85
54.200.17.135
54.78.254.47
69.173.144.139
72.251.249.13
01468d0365981ec4c5b2ac916a2df5ed997ab8fd45e6123ea68a117f72ae83e3
01a265331b9628555e0d48fc6e79bcb756fecaa7b9f89096d5b22ca5e2f2c873
01f23e4c65757159ae344433d205b5cfa95a040c1cd7fab5f148d4675a985feb
090d86fd13c97c18045be23639ece974ee162dbfdf15416cc7914f348eef9314
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
0a9a62f18dee32cdd39767f3fa09f9f12f88cd97397b708a901d09635ebdbf40
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8c00264b205b205dfe812b1eb0e376e83c3cfd5c0a9f2a08290163ba195e8b
0d1cc07d40854c944dca479425eaf6ebadd770119409c0fae3238ebddaa78728
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259bc0db2e310227deed73381acff121c6f7805fd61365853c439dc387e21b4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13835d106a1f4c58fa9b2ed0b75ce61998bd968804c29f549a693e765b6ea905
139a25bfa33ee842127c547a4d3f22aa14f8aeb58dff6fa45ef585b9a831ab1c
13e825e30f9fc4fdb02ed224a65050306b93cb674d51b16c566124eaa04c57c7
157fe313a8be5324f88d86efd11d11d1447992f02be3761235839483031e0da1
16505f38e730970522591a4f68a1faa6cd2b7eeba98a99bbab49aaac8eff701a
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
1b98ba65804117309185fd18cda5608fa31f342b3c626715722721ebc93f4231
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
1da6bc0e2a0e8b1ede86545014afa032fe822912e615d277a7a84703263fac25
1f375ff6aacb00bfea8e07ed3cc5328d30eb9bc172e1a975dda2eabdffafb286
205ff168565f22720b5f153e9e932c9c1b2632afde30f4648eebd4b8dab68626
21c72e7a5695296e7f2dac293806501daa3685d282cdd7958c9ce5471a5c7773
22ba33a81c7991dc6f5cf53028a16627e04dfb39f079c06f75e8366a5da29659
22edc41e7baaf0c0b4bbb9e0b190be8af963fd43aba2d4be74a3e2bd84071f05
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a
26d1314015276a599f23209adc369bd8d50bae2e74e56dd78e467ba81fa02bce
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2ada70afa274836a30c3053c3164001ac078a0be1eea8cd7b45abe22e726cf13
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2c5a8ab96689ef2111186085dca4345239ac4367d7f7547240fe2e274726ed16
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
2d7fd39004fe6c935db12fd9ffdd5ce12cd824f3a25576cca97ec19b303916ec
2e0885c84608640abfc17d488abacc7769ef20df458fc6b3ee248f2bc92db760
2f499eed261fb484fd18265eeecf9f61fa8cd2745dcf998a3ebb51b7c1553616
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d
3431b006c9b146d98a4699819a67951e5cd2b212b2f46705257103c590f83e64
34ac8f8591b2aa6be116d30208a7fa2f4a1796b970e6ba7d41d372350a98095d
3602d0d144084642c0645fc286b71c84cda029a98157d9940811bad312671d3f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36684a8b89cd39f590772b096829dcbda7e194bb1f0ef1e0ca28157c80a34237
37f2455236ea05315e6f29a0076ebd6309769a5da45ccef1ad4b098bbfb22839
39472e8b0803377869f295c9f7b1d041aab785ae6420672386b38f45ceac2d85
3a2039890e62c58c39b56fd3ee5abecc62985bba35551519d40e9fe2fa23ddb7
3a3a93ff195fb60e6bffb8600751899ca4743fe21f8c4c139bb504689e13d0e1
3c491107719ff0934adef33e850be95d8f708acff22e4e091f948dd55951934b
3cb84f3d3587107d11f993520ea9c661afd98359cdbe1332fbd3bfccd26fb153
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
3e5e47123482a640402e1772fb1d9cf7ca9f3a1929979462391786621733e858
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
3f804a0e1ed5bd2471b4327633c137faa520b1deb4759a0e1f07529baa4fd614
3fad58d3ef4bc4099482df1e81f5a37a9eef53361fd0d172e5555a4c4c2c2300
3fedbd00262cb11bb1107567641fd20c220c8258950a48af3f4c33c98fe67cca
42b51cb8b1e59f45ab474735a459d8cc196fd853bfed0b99d2ba8f6dafe2d0a3
44591a2b27d0068a321f413295ab1d6f91cefbdc1bcd0d7be9133fb225f923c7
459c2189971018261becc38bd1529809e6b2947d988711dfe1caff5f98e44d25
4613197e4af367199f6835b609e010eb3e5256f982cd18671688fa08e722f83d
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a6ec2fbc8dc315ff2b987bbbe53ff9bdaad78dc08cc85e80cb1d876ebbfb91e
4b1cd0accb19f54d04987def8a8fae4a22f9a71b61643c7e55425c1d17c6c711
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb344435206a7fc7a97dc06bacfebbc9c8689fd9b57a82d68dbc756c0fd4926
4fef4c03fdc3666256245ee34de04a1c1e6d58676dcd73c0a854f5c7ffca4b3c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5089ebf7f8ca652e7a0153451389a00ab07d11d0b0028fe6ddfcef076fba0f94
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
526e602aa4e4262bf377dab7d93fc49a4b4100ce63460391017954722dccf3e7
53a2fba13befd56afc9d4fd1414ae0ba3f537a98451df3d110b0caabe57cb020
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b1d49cf6d39271532ec2fafc0e82d78bb36dea54ca8d27255f9a3c146f712d
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
576b893f01ebd1eee04a1f707677356523e358c639a4f7a05f666e97848dfee2
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
5962b6aad1261c08add6f4345724bb209cb43d08c2997ae9361595a134220d20
599f7defaffc9a8c4ea9769a0cd71a73e2f65bfc61d669ff5aee16002d6b7293
5b5999ee79684f84842959744c998747859fa7a5a4965b882f18abe92e64922b
5c69722f9998182684839173177f8901425ed4bb7651752a91606aee25917751
5f043e627a711ed963737e07087d39721474eed802ddddb70a1140e0082a418f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d
63204a4366f70331c617799720504e257d997307ac8dbb414c695613aa772e2a
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
699efe9d2f2519e17decd95224b30c662c11906deb21502194e93c25fa7ce87a
6a02e2288de9800ea3c608e4570b2068d72a6d571dd94b47b6124a65e195c468
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d16522a5edaff3d0e4f3c1ab73f5a1ede3c6e83aa4ac1354072f15f7422bd93
70c7527733111f9e22234234bb84e157cbfb6a45916bd0a570243e2d1083a2c2
7295d39ac7923799aa9ec6d4ff9d2021da429d942f35b88e10d8253391179869
753686c6c7529298a8991ee4fdc32312d426b123d86428dbcb6e91a88fa59a23
7671c9671e2d96ec3e4238268ba25e333ec71fea6ecac5576cbcef87e69c8003
77aa4435c36070c4fe83f00c070fa632a67d4afb4f7589a610ab2e2af3776a9e
77ae9a2f739321c077b08559c0f66cf8576416f32cccd05c932f53b69c1e984a
78d846776f79e717b18e180f50c99bc5be503eeb2738ac34838bd1a5e8d9bf7c
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
79decf850929083220ca9e155f68ce4cafac71fe2edfd7a989ac471567c53a11
7a5431db35a714d13850ea6a64be34cd03bc884ec9a97c583dfa3fa2f65bf7fd
7ac0a8d8faf26b8a5ab31b9a5dcb8778adb98efcea5b4d2e38197e0a06e765c2
7b9c94ff96f1d6bea75213d32e721afab8fb945321ba96e8fb2559a8134f3909
7c3f9b8368dd8a54223f502176013b37c5ef33a262fea9229a1c600f75f76c6b
7daf779b6aa8ddaff94b292c1cca365489abd28937afbe0d192911ff2fa4e5df
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383
81979f14d2642e23f5e528631a42caf71e2da909e3605a5324dda52cba304d44
81ad7cf9bf8c5c54bc6ea0782f928e2d9381f848bc06787b70618ea00ae9b06f
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
886ffb82e1da067712a7eec3fd3fa0a1b8879158d70d5d2d183824cb168434f4
898d5a65a866f8b51c0d263fe11666844d44a4c8ec69b47df3e01d5d5cd136c9
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b460c1f4225100114426139412fd569dde8ae5f4d47d43f2a8589ba2fd43b9f
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8777bd45513cd2873992c0bccfe45a5fe267f41ffb4466a0ec809be8adbd0a
8dc87c6c3255df17b7f2ab127a4378dd9238717343616de074558c00aabaeed2
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
8f4efabe25d05487d3faeaaeaa0dbf0e528760370ccf12b0aa8a300f6845db5f
8f541fd83e4146f610f2c80c98eca8fc669cd7847374b6593b66f97f22c470cc
93c3b80f3b3f8450aab811d3290e6638b0de8a963688df65ec05521bf89add3d
94e055760d3ed152d427d3aeb00c17bcd814a9d05a61debf6d612aa674161b7a
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96e24601b058cc2d376b6a5ff12d1ccca9859f5fd60b2abb42fed33825a17bbc
9733f74c8db00fe291f3c517b8035d76e76a4ae52bcebfb4cba273ce8d8d0065
98703baa1a82acc8419bc97586f4fc757a1325d2980fdcbc5e972b358391f5cf
998976feab6111201521d34f61e2fdddfe53312f5dec66d02643fff36ffc7477
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b42c947c9ce65fe7e39a8e5564195856f6dc5279c8f53612bbdf2e737c2ba6b
9bbe2cd0fdc79b42a037106de4460223adca5ae2ed125103b16dd08e3d0e79ea
9c25c4e240bd28a308851f487711c88680072496bf9865fb73a258dff5ca3fd9
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9cb18f41a549cb5aa8e55e11a38da6bb88e6176ee07f690fa87ed7d53caa47ef
9f6ea04dfa28ea9e403c69a2fe9dad0714e425125d7e7ba3f7f84462fc2a13b7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a33cb72f03bce353499b20acc7f39571e610402f7470d4c2683313cd76b86c8c
a3d7a41467a4641247d07f80b9cdfde40012384ad6ad0ba81fafed5d0647de01
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
a6154713cb57b7e1170e574c95bd13e54c10f31f08b341a778fca99f955be07c
a6abd01f2a5ef3fd5d2bdddda2a92397e790289ea9f374d088ddc8f81d09ee86
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7927ebbfa4839f1f8b0003051ad7d104cabc6e5989af8d7020ce857d4d7e8ae
aa041fddc5d3aa3e62945566300b460356cc747b12904e87caa73b2c5f87766d
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ac2cac04b0044852868fcc158252c0f7f9c96403fbee2ea781d94cb5c30bfc98
ac77f56914ee369776d6cffd0f5a732ea96543ed65cfd0f787ce9d246f391334
add41eb1dacf4d0c67a338988d05f7dab69c7b2b61991d77e151aeadbb58ff69
ae06f6d12ca07e78cbe3a636b1f07053f14d9e54c58486a6e15470747abf0fa8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2497deef4e5817714307172348fd769450ff768ae44786d90eff608deb4207
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b311a90644b62cf903ff7b8014afa6ddea886be5ef9c3671295be1d7420bed5a
b47eb2c147c468eb6aa9c3ba546db61b822d6d7be251f41e06aefc0d3c828163
b500e6a0015b9af9c4d56c46bdb53bea40a4b6f93404f081702c79e14fd423d2
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b5da654e171b73f3a731978550c89ac8cbc85805ba416bdad8fefd717f98e6a8
b5fa73d46ab1d18b5400d95521e491a2c026c9033fbadc9a9191934d891c0205
b9a07d57553a576ae262f48e57028df69cf503b70747f754b1e18e5eb92419ad
ba501b7f65c9ed9795f06f39774f6af15d0aa97519ea84d562f0ce74d66a7d57
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
bdf14d05fea4159cb7125759f7a0182d19eb0e1c3220b7c09361d086ea3a4088
be813938823610c7aa2f958718854f91c60648d6afaa01c409bfb90dbd396bea
bed53a23d0424d19d4b95ee0ee9dd2cc973c03b8058ac6e8a24dd1143d6862a1
c105e09261837014bfa09a76c87ebcb5dc83606c1ce6f8bae7049b6037c6bed8
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
c2bd0539fb95f301459cbe380730cbc8d215bb2c6972615db1a1400e15ef9105
c2f6b5332a308b0eea30cfb28f7c69acae83c691e65122c6dd7fe5581d7ed6e4
c572641410adfe1f556ef8fafa3b93c49a72ed88d1ee656e20ea03bf2790adf8
c59c97aca6024832c7a7420184ae6d42054dc065f6230629fd64f5aea60eeafc
c68c188e4d0a307de705a23afb896869ac0ff6b148e31b6ed744a920fda55469
c8204400aa9812838230020b85aa8a04b36bfda27cb0f4758ed83312a0fd7251
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
ca89afea1a4ffc4b967fa323d521ee56fe3e48c45eef1123efa0079e2e59eec4
cd538094f00a8f620f7f12c0a7ac0fcca74ee7b4388955470cd7f14c4fb602a5
ce7aac645a54f825051287a67f84691ce401d7a14a7f5fb9a6bffd08135a2b77
ceddb928d1ffb901318781f7e38ca0d034ddab0cd68736d11b7cdd9a4a7d2e69
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3eae5142f5987f4ad1ce3c6408d57d3b2803498f1bb1c6e09d0c3f7c7f3a428
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
d8595a3c5518e825c2b6afe7ae506e8aa58abe31fa35247925e6ee7b27bd4a26
dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52
dbb83acce0eb40784b78a49b626b1016c9dc304ce34f3f295e8121f6afc319a1
dc829a47ce82421775f09374d4e7f6f22307843a60bf20d1c915fb65624917d6
dcfa878221722e3086652ae67ab87179785cdf763f1a4ac17dd62b1c88ff0a58
dd4c3c455b901626bca1fdc147974463f940f4aae92f0685b0885ab13590024a
de176447fc0297416c7e98deba94048eb31f8620926c9e23cc08fb68ffbfd3d5
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d64b6f861441f9cf263699ba265c040bf7d58c7fd01bc7b7e83ec064b43047
e556f932d7384bfc518f2cf1b97471f12fcad1ae464d0cd1e0da8ca80d5677ab
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9e15c4552956ffe977ef5ec2483b3ab95cc0c73fbec1df597a9a8ab557082b7
eb4f5fd1450a96e4600bb6ceb1dd69df60131ce0397617ffedc796545628d34e
ec449e3ee89148b586be49494c010cf223a4dc702931f098b25e31d87adafa14
ee3aaae7cb4312dfe3be5e4e4d623de83da6c01a5332ff7ef9060195e51235b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef83fc662e098946dee779996acbb96e028bea040cc2bc78c2b9ee247bda8e9d
f09e0899cbe82d68782233d5cdfaf842dab4d104e152dad805cd01b35e8d73a3
f4cfafd1f79402cbadb2253fa68f20c9d5fe73ba76143a2b176ef00f6faad86c
f566ffa08afb752311315c8991510659c5f06a05f71b7916ffddeb56d57449a2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b6f3c81f485f647c3b60d8744798366d9027e6b15127a94a8c4434e5d7e466
f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
f83dccda0f23005e073046554fcb6f70e6cc5c6d5a31482d8cbf00c3cae72a69
fa7fa879e81262176288b521ab57d6729bc399303e2dcd679301dea2cd88040c
faae902dcd0a36cf333fcd69214e37f624e808e0c24ccf592eb85361351d2221
fb08107d5b906f71b0ccf5ebbbfefbd0989158f5f93cf1a4305b1fe00bdb9960
fbe3322149369708038a2dec8b5ab605f88f2f9a07291585babc870b3df401da
fdc75abfec596987a2afc3cf319be7a665deb7f6323232a3482781369ae2536c

whitesalmonbruins.com Open in urlscan Pro 44.235.104.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

348 Requests

86 %HTTPS

39 %IPv6

72 Domains

112 Subdomains

87 IPs

10 Countries

9342 kBTransfer

15233 kBSize

72 Cookies

32 Outgoing links

Page URL History

Redirected requests

348 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

whitesalmonbruins.com Open in urlscan Pro
44.235.104.156 Public Scan

Screenshot
Live screenshot

Full Image

348
Requests

86 %
HTTPS

39 %
IPv6

72
Domains

112
Subdomains

87
IPs

10
Countries

9342 kB
Transfer

15233 kB
Size

72
Cookies

348 HTTP transactions
4 data transactions