www.mlive.com Open in urlscan Pro
2a02:26f0:11a::217:9a39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.verifyacc0unt.com/
Effective URL:
https://www.mlive.com/
Submission: On January 18 via automatic, source certstream-suspicious (January 18th 2023, 10:25:45 pm UTC) — Scanned from DE

Summary HTTP 449 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 121 IPs in 12 countries across 83 domains to perform 449 HTTP transactions. The main IP is 2a02:26f0:11a::217:9a39, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 43996.
TLS certificate: Issued by R3 on December 27th 2022. Valid for: 3 months.

This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	134.209.208.251 134.209.208.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.199.56.222 34.199.56.222	14618 (AMAZON-AES) (AMAZON-AES)
35	2a02:26f0:11a... 2a02:26f0:11a::217:9a39	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:3... 2600:1901:0:328a::1	15169 (GOOGLE) (GOOGLE)
1	13.32.110.8 13.32.110.8	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.77 13.32.27.77	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:11a... 2a02:26f0:11a:487::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:a6e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.64.52.128 23.64.52.128	16625 (AKAMAI-AS) (AKAMAI-AS)
3	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
3	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
1	92.123.36.4 92.123.36.4	16625 (AKAMAI-AS) (AKAMAI-AS)
13	52.84.106.104 52.84.106.104	16509 (AMAZON-02) (AMAZON-02)
5	2.18.37.133 2.18.37.133	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.110.73 13.32.110.73	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:80a::200d	15169 (GOOGLE) (GOOGLE)
7	2600:9000:214... 2600:9000:214f:8000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	52.223.1.76 52.223.1.76	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.17.12 18.66.17.12	16509 (AMAZON-02) (AMAZON-02)
1	2.18.37.49 2.18.37.49	16625 (AKAMAI-AS) (AKAMAI-AS)
2	143.204.215.7 143.204.215.7	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	13.32.13.117 13.32.13.117	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	13.225.78.86 13.225.78.86	16509 (AMAZON-02) (AMAZON-02)
1	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.44.162.166 52.44.162.166	14618 (AMAZON-AES) (AMAZON-AES)
1	54.194.186.27 54.194.186.27	16509 (AMAZON-02) (AMAZON-02)
3	52.48.35.78 52.48.35.78	16509 (AMAZON-02) (AMAZON-02)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b120:4d89:3f20:fa5:8c17	14618 (AMAZON-AES) (AMAZON-AES)
1	18.207.63.238 18.207.63.238	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	108.128.47.128 108.128.47.128	16509 (AMAZON-02) (AMAZON-02)
1	104.87.141.138 104.87.141.138	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:230... 2600:9000:2304:4200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	3.217.241.65 3.217.241.65	14618 (AMAZON-AES) (AMAZON-AES)
7	54.163.174.71 54.163.174.71	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
1	18.66.23.210 18.66.23.210	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	2001:41d0:701... 2001:41d0:701:1000::96f	16276 (OVH) (OVH)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.156.182.228 54.156.182.228	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:f70... 2a02:26f0:f700:49c::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	44.195.15.34 44.195.15.34	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
1	104.87.139.186 104.87.139.186	16625 (AKAMAI-AS) (AKAMAI-AS)
6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:211... 2600:9000:211e:2200:a:e047:752:5701	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15 37	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
6 14	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6 9	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3 6	34.250.91.224 34.250.91.224	16509 (AMAZON-02) (AMAZON-02)
30	2a00:1450:400... 2a00:1450:400d:80e::2006	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
5 5	18.198.61.82 18.198.61.82	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
4 4	213.155.156.164 213.155.156.164	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 5	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
2	18.193.126.69 18.193.126.69	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
5 5	52.58.228.255 52.58.228.255	16509 (AMAZON-02) (AMAZON-02)
2 2	54.216.196.145 54.216.196.145	16509 (AMAZON-02) (AMAZON-02)
3 4	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	3.75.3.113 3.75.3.113	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.255.72 35.186.255.72	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
23	2600:1f13:800... 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
10	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	99.86.240.48 99.86.240.48	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
1	52.50.45.218 52.50.45.218	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.36.94 104.18.36.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.36.193 2.18.36.193	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3605:dde3:6cb:7910:6ee0	16509 (AMAZON-02) (AMAZON-02)
2 2	52.209.54.253 52.209.54.253	16509 (AMAZON-02) (AMAZON-02)
2 2	54.217.17.172 54.217.17.172	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:6cee:426e:7a2:b82d	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
3 4	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.87 185.64.190.87	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
449	121

1 134.209.208.251 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.verifyacc0unt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.56.222 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-56-222.compute-1.amazonaws.com

mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a02:26f0:11a::217:9a39 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

www.mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

satisfycork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-8.vie50.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-77.fra56.r.cloudfront.net

apps.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a:487::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:a6e0 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.64.52.128 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-52-128.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.84.106.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-106-104.bud50.r.cloudfront.net

h312.mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.37.133 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-73.vie50.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::200d (Ireland)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:214f:8000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com

collector2.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.17.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-12.vie50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.37.49 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-49.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-7.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.13.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-13-117.vie50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-86.fra2.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.162.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-162-166.compute-1.amazonaws.com

advancelocal.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.186.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-186-27.eu-west-1.compute.amazonaws.com

privacy.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.48.35.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-35-78.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:4d89:3f20:fa5:8c17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.207.63.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-63-238.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.47.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-47-128.eu-west-1.compute.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.87.141.138 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-141-138.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:4200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.217.241.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-241-65.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.163.174.71 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-174-71.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.23.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-210.vie50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.182.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-182-228.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:49c::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.15.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-15-34.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.87.139.186 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-139-186.deploy.static.akamaitechnologies.com

ead.mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2200:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.251.208.98 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.173.215 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.250.91.224 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-91-224.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:400d:80e::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 3 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.198.61.82 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-61-82.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.164 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.126.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-126-69.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.228.255 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-228-255.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.196.145 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-196-145.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.253 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.3.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com

app.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static.advance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

fonts.advance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-48.vie50.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.45.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.155.104 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:dde3:6cb:7910:6ee0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.54.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-54-253.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.17.172 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-17-172.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:6cee:426e:7a2:b82d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.220.226.233 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.234 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	316 KB
56	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	291 KB
50	mlive.com 1 redirects mlive.com — Cisco Umbrella Rank: 40281 www.mlive.com — Cisco Umbrella Rank: 43996 h312.mlive.com — Cisco Umbrella Rank: 82480 ead.mlive.com — Cisco Umbrella Rank: 95108	2 MB
36	adsafeprotected.com 3 redirects static.adsafeprotected.com — Cisco Umbrella Rank: 633 fw.adsafeprotected.com — Cisco Umbrella Rank: 799 dt.adsafeprotected.com — Cisco Umbrella Rank: 591	296 KB
30	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	359 KB
20	casalemedia.com 8 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 487 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434 dsum.casalemedia.com — Cisco Umbrella Rank: 1297	15 KB
16	advance.net static.advance.net — Cisco Umbrella Rank: 29852 fonts.advance.net — Cisco Umbrella Rank: 63409	381 KB
15	rubiconproject.com 6 redirects micro.rubiconproject.com — Cisco Umbrella Rank: 2808 ads.rubiconproject.com — Cisco Umbrella Rank: 2657 fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2882 eus.rubiconproject.com — Cisco Umbrella Rank: 532 token.rubiconproject.com — Cisco Umbrella Rank: 551 pixel.rubiconproject.com — Cisco Umbrella Rank: 306	140 KB
14	amazon-adsystem.com 6 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 293 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492 s.amazon-adsystem.com — Cisco Umbrella Rank: 279 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 960	58 KB
12	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 444 ads.pubmatic.com — Cisco Umbrella Rank: 463 image6.pubmatic.com — Cisco Umbrella Rank: 702 simage2.pubmatic.com — Cisco Umbrella Rank: 654 image2.pubmatic.com — Cisco Umbrella Rank: 862 aud.pubmatic.com — Cisco Umbrella Rank: 4371	26 KB
11	google.com accounts.google.com — Cisco Umbrella Rank: 73 ampcid.google.com — Cisco Umbrella Rank: 2189 adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	80 KB
10	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	94 KB
10	sophi.io cdn.sophi.io — Cisco Umbrella Rank: 17268 apps.sophi.io — Cisco Umbrella Rank: 28693 collector2.sophi.io — Cisco Umbrella Rank: 23672	45 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 381	237 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 207	10 KB
9	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 9633 www.i.matheranalytics.com — Cisco Umbrella Rank: 9405 app.matheranalytics.com — Cisco Umbrella Rank: 14648	43 KB
8	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1032 exchange.postrelease.com — Cisco Umbrella Rank: 6009	5 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22 region1.google-analytics.com — Cisco Umbrella Rank: 2439	21 KB
8	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1039 privacy.crwdcntrl.net — Cisco Umbrella Rank: 25050 bcp.crwdcntrl.net — Cisco Umbrella Rank: 904 id.crwdcntrl.net — Cisco Umbrella Rank: 1411	38 KB
7	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1412 insight.adsrvr.org — Cisco Umbrella Rank: 622 match.adsrvr.org — Cisco Umbrella Rank: 301	4 KB
7	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 7442 cdn.tinypass.com — Cisco Umbrella Rank: 5423 buy.tinypass.com — Cisco Umbrella Rank: 9055 api-v3.tinypass.com — Cisco Umbrella Rank: 17373	146 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	340 B
6	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 938 id5-sync.com — Cisco Umbrella Rank: 393	36 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	2 KB
5	w55c.net 5 redirects pm.w55c.net — Cisco Umbrella Rank: 689	4 KB
5	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 373 www.linkedin.com — Cisco Umbrella Rank: 592 px4.ads.linkedin.com — Cisco Umbrella Rank: 6336	3 KB
5	moatads.com z.moatads.com — Cisco Umbrella Rank: 446 px.moatads.com — Cisco Umbrella Rank: 531	86 KB
4	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 590	2 KB
4	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 691	1 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4845	1 KB
4	quantserve.com 3 redirects cms.quantserve.com — Cisco Umbrella Rank: 636	2 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 385 mug.criteo.com — Cisco Umbrella Rank: 2848 dis.criteo.com — Cisco Umbrella Rank: 703	8 KB
4	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 5562 vtrk.doubleverify.com — Cisco Umbrella Rank: 1639	18 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2596 google-bidout-d.openx.net — Cisco Umbrella Rank: 2546	672 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	145 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1057 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1305	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8470	1 KB
3	liadm.com 1 redirects rp.liadm.com — Cisco Umbrella Rank: 1491 rp4.liadm.com — Cisco Umbrella Rank: 7053 idx.liadm.com — Cisco Umbrella Rank: 2117	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	244 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3812	1 KB
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 26833	2 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2968	918 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 480	1 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 31885	1 KB
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 605 cdn.indexww.com — Cisco Umbrella Rank: 1594	2 KB
2	rlcdn.com check.analytics.rlcdn.com — Cisco Umbrella Rank: 4027 api.rlcdn.com — Cisco Umbrella Rank: 760	637 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 728 s.tribalfusion.com — Cisco Umbrella Rank: 1773	1 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 3289	890 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1038 contextual.media.net — Cisco Umbrella Rank: 543	8 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2591 p1.parsely.com — Cisco Umbrella Rank: 1960	21 KB
2	blueconic.net advancelocal.blueconic.net — Cisco Umbrella Rank: 24536	2 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 158	2 KB
2	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4724 geo.privacymanager.io — Cisco Umbrella Rank: 1686	29 KB
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1406 at.teads.tv — Cisco Umbrella Rank: 4778	4 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 619	569 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	200 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1247 c.go-mpulse.net — Cisco Umbrella Rank: 607	50 KB
2	satisfycork.com satisfycork.com — Cisco Umbrella Rank: 25522	21 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 788	612 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	725 B
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1446	181 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1696	249 B
1	piano.io c2.piano.io — Cisco Umbrella Rank: 3895	3 KB
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2725	104 B
1	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 1048	55 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31333	612 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 554	539 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2788	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 637	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2762	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 357	901 B
1	google.nl ampcid.google.nl — Cisco Umbrella Rank: 60441	460 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 618	725 B
1	t.co t.co — Cisco Umbrella Rank: 542	375 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 820	376 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1201	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 621	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 675	5 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3101	149 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	verifyacc0unt.com 1 redirects www.verifyacc0unt.com	462 B
0	chocolateplatform.com Failed cs.chocolateplatform.com Failed
449	83

	Domain	Requested by
41	pagead2.googlesyndication.com	securepubads.g.doubleclick.net eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.mlive.com www.googletagservices.com
37	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
35	www.mlive.com	www.mlive.com
30	s0.2mdn.net	www.mlive.com s0.2mdn.net eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
23	dt.adsafeprotected.com	eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
14	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
13	static.advance.net	buy.tinypass.com www.mlive.com
13	h312.mlive.com	www.mlive.com h312.mlive.com
10	cdnjs.cloudflare.com	buy.tinypass.com
10	cdn.cookielaw.org	www.mlive.com cdn.cookielaw.org
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	collector2.sophi.io	cdn.sophi.io
7	jadserve.postrelease.com	s.ntv.io www.mlive.com
7	static.adsafeprotected.com	satisfycork.com eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	www.mlive.com
6	fw.adsafeprotected.com	3 redirects www.mlive.com
6	googleads.g.doubleclick.net	eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com pagead2.googlesyndication.com
6	www.facebook.com	www.mlive.com
6	www.i.matheranalytics.com	www.mlive.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.mlive.com
6	securepubads.g.doubleclick.net	www.mlive.com securepubads.g.doubleclick.net
5	aax-eu.amazon-adsystem.com	3 redirects ads.pubmatic.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	x.bidswitch.net	5 redirects
5	match.adsrvr.org	eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com ssum-sec.casalemedia.com
5	pm.w55c.net	5 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	pixel.rubiconproject.com	2 redirects
4	token.rubiconproject.com	4 redirects
4	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
4	onetag-sys.com	3 redirects eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
4	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
4	d5p.de17a.com	4 redirects
4	cms.quantserve.com	3 redirects eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
4	www.google.com	tpc.googlesyndication.com eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
4	id5-sync.com	cdn.id5-sync.com micro.rubiconproject.com
4	eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	simage2.pubmatic.com	ads.pubmatic.com
3	fonts.advance.net	static.advance.net
3	www.googletagservices.com	eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
3	px.moatads.com	www.mlive.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	px.ads.linkedin.com	2 redirects
3	bcp.crwdcntrl.net	tags.crwdcntrl.net
3	connect.facebook.net	www.mlive.com connect.facebook.net
3	accounts.google.com	www.mlive.com accounts.google.com
3	tags.crwdcntrl.net	www.mlive.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	www.mlive.com c.amazon-adsystem.com
2	visitor.fiftyt.com	2 redirects
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	r.scoota.co	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	eus.rubiconproject.com	micro.rubiconproject.com eus.rubiconproject.com
2	ads.pubmatic.com	micro.rubiconproject.com
2	ads.avct.cloud	2 redirects
2	prebid-a.rubiconproject.com	micro.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com micro.rubiconproject.com
2	cdn.id5-sync.com	www.mlive.com securepubads.g.doubleclick.net
2	vtrk.doubleverify.com	pub.doubleverify.com
2	region1.google-analytics.com	www.googletagmanager.com
2	advancelocal.blueconic.net	h312.mlive.com
2	js.matheranalytics.com	1 redirects www.mlive.com
2	sb.scorecardresearch.com	www.mlive.com
2	z.moatads.com	www.mlive.com z.moatads.com
2	pub.doubleverify.com	www.mlive.com pub.doubleverify.com
2	geolocation.onetrust.com	cdn.cookielaw.org
2	www.googletagmanager.com	www.mlive.com www.googletagmanager.com
2	satisfycork.com	www.mlive.com satisfycork.com
1	um.simpli.fi
1	aud.pubmatic.com
1	dis.criteo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	d.adroll.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	contextual.media.net	micro.rubiconproject.com
1	js-sec.indexww.com	micro.rubiconproject.com
1	api.rlcdn.com	micro.rubiconproject.com
1	id.crwdcntrl.net	micro.rubiconproject.com
1	lexicon.33across.com	micro.rubiconproject.com
1	check.analytics.rlcdn.com	micro.rubiconproject.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	c2.piano.io	cdn.tinypass.com
1	app.matheranalytics.com	js.matheranalytics.com
1	s.tribalfusion.com	eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
1	cs.emxdgt.com	eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	mug.criteo.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	insight.adsrvr.org	js.adsrvr.org
1	ead.mlive.com	www.mlive.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	idx.liadm.com	micro.rubiconproject.com
1	c.go-mpulse.net	s.go-mpulse.net
1	hbopenbid.pubmatic.com	micro.rubiconproject.com
1	exchange.postrelease.com	micro.rubiconproject.com
1	htlb.casalemedia.com	micro.rubiconproject.com
1	fastlane.rubiconproject.com	micro.rubiconproject.com
1	prebid.media.net	micro.rubiconproject.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	p1.parsely.com	www.mlive.com
1	ampcid.google.nl	www.google-analytics.com
1	analytics.twitter.com	www.mlive.com
1	t.co	www.mlive.com
1	px4.ads.linkedin.com	www.mlive.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	secure.cdn.fastclick.net	www.mlive.com
1	ampcid.google.com	www.google-analytics.com
1	rp4.liadm.com	www.mlive.com
1	rp.liadm.com	1 redirects
1	ads.rubiconproject.com	micro.rubiconproject.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	privacy.crwdcntrl.net	tags.crwdcntrl.net
1	at.teads.tv	a.teads.tv
1	geo.privacymanager.io	ats-wrapper.privacymanager.io
1	cdn.tinypass.com	experience.tinypass.com
1	js.adsrvr.org	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	s.ntv.io	www.mlive.com
1	d1z2jf7jlzjs58.cloudfront.net	www.mlive.com
1	ats-wrapper.privacymanager.io	www.mlive.com
1	experience.tinypass.com	www.mlive.com
1	a.teads.tv	www.googletagmanager.com
1	micro.rubiconproject.com	www.mlive.com
1	s.go-mpulse.net	www.mlive.com
1	apps.sophi.io	www.mlive.com
1	cdn.sophi.io	www.mlive.com
1	mlive.com	1 redirects
1	www.verifyacc0unt.com	1 redirects
0	cs.chocolateplatform.com Failed	eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
449	148

This site contains links to these domains. Also see Links.

Domain
ezads.mlive.com
autos.mlive.com
classifieds.mlive.com
foreclosures.mlive.com
link.mlive.com
podcasts.apple.com
www.facebook.com
twitter.com
www.youtube.com
subscription.mlive.com
youtu.be
mlivemediagroup.com
www.mlivemediagroup.com
subscribe.mlive.com
myaccount.mlive.com
hiring.mlive.com
www.advancelocal.com
www.onetrust.com

Subject Issuer	Validity	Valid
advancelocal.web.arc-cdn.net R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
satisfycork.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
cdn.sophi.io Amazon	`2022-10-18` - `2023-11-15`	a year	crt.sh
apps.sophi.io Amazon	`2022-04-17` - `2023-05-16`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
teads.tv R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
h299.reckon.news Amazon	`2022-07-01` - `2023-07-30`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.sophi.io Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-28` - `2023-01-26`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2024-01-06`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
www.i.matheranalytics.com Amazon	`2022-12-14` - `2024-01-13`	a year	crt.sh
*.postrelease.com Amazon	`2022-11-27` - `2023-12-25`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.google.nl GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
li.lisecurelink.com R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
app.matheranalytics.com GTS CA 1D4	`2022-12-16` - `2023-03-16`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-11-04` - `2023-12-03`	a year	crt.sh
advancelocal.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-04-25` - `2023-05-27`	a year	crt.sh
analytics.rlcdn.com Amazon	`2022-07-27` - `2023-08-25`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.mlive.com/
Frame ID: 8B80550F90CBA337A8F11E8FB9F052B0
Requests: 199 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 100861995AAA573A0E551FC1D069D8C3
Requests: 1 HTTP requests in this frame

Frame: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1816EF975ECDF279B028FE69EE5A8DF7
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Frame ID: 5FB7FE395D7EA6E1202B505A93811DE3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C89BC0F4041057A4ED716CDF8F91E0C5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 006E618E45ECA2C05FDDE9BD3AE3FC80
Requests: 2 HTTP requests in this frame

Frame: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BADF18E4AF2B4D830BF92039BD1C440D
Requests: 29 HTTP requests in this frame

Frame: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1EE2D9A8E5E237CDFBA4820C5A733D6F
Requests: 31 HTTP requests in this frame

Frame: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C558E4C5D8B509CDA327A5350350548E
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXxyJsm_A2GDi-G2DHpcfC6yOTqCbgRAMNSMalAp7DkHdARImS_0e-nA4NCumbcZXDsZjrrmKypQOndUQwX1BOlG5z408FaCa2jD_CjXRjO7Z4fnPd1hLAu5ENb8T7h3CVJ1hR7UwDOLIeElVIrIColyyztWOdY0JLTd_Qy8WnQrDWx0L2XjuYzLmjjlUMF7KlQujVA
Frame ID: 6DFC621DC68C6858553F714225224805
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWg38x6Ko1JnAp1vS9fwteD5-B40nD6NziJcSC2Amlv--E59igNh7xUFaPKTSwq1024Fi5MIlDl8-wxz0NwyEZcMKgy4F1ISMAigB6AhW58Eq8RVHAo0aosiWzS5mWfUJQD5PkS72sB2aOt6fijZkc4Bzbe7exkYUNF0wXNmI8ihydNGX27oxUHo_oi51a4lSGs6KQN
Frame ID: 360A687D20D95D846A862C4BA7D81EEA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUu0Qs5wQTWeYvaVQ-45yONzdnvABF7UFOg2C5ilsTxZLrD2az2BWm3mCDs3eR0U0xqRcDV5Z-gfD4SEzRQcIYo5LALgU915eXt8kof6oopQE2HRDruXnm7ae6XWq2adIUU8RXcqmY5XZ_4pjlRjt_w-klh9nz0m3mP-rSXuvuIsttI5cW5F8X5q65YX81qNmLKT7Ow
Frame ID: 8CD67C3B346E7933A2B2799BDC008170
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Frame ID: D14DD75E8E7E4DC817DEE3DA118FD70B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32616422A45F29C80A92092B7C4865FD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B9729EFB5CE33FD612CE62B9D5CEE3EF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
Frame ID: 9797686DA57B7A4DA7EC75868760AA09
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE01CEFC39387B9310EA7EB1928EA3AE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E67A1329CC3D31F0C9CE03EA41698FD
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
Frame ID: 11226702F90892DB83671222CFDA3A9C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
Frame ID: AA3A5DE0B35563D49710781B2F0C9E67
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D2BC2F5143A60D5502A2E2CC4B0898A1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2798A6499294A8457BC4BA8C0FD4F2AA
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 427EA9359D32A0DA67F06452BE7D147A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0EF3F1778784006DF94AF72E03F3EC38
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0A604C3567FD7A4982E5D2DAB4761E63
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 5361626AEF338EE8630C058847998BAD
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Frame ID: 308A7935E8CF451A75BF1A4A90EEDE38
Requests: 29 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1E7809D135B0427E7B5ED8BA7EC591B8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 845163EA2880E8A17A82AA0D5F1A1D05
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: 3AFE634CA077A4607D450C65CE5E720E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F8E11948052D237425B32125143FD081
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B76A162DD5034BB2DBB49EA0D6AF2F5F
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=0&gdpr_consent=
Frame ID: 2BDAD9B7564C2A3CCFF0D5C779C2D0F9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:683b63c8-71e9-4e00-808d-f22db6f0bc46&gdpr=0&gdpr_consent=
Frame ID: 1A745A647B86BDB5AA727991636680DE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6662396952591420754
Frame ID: BA77E7AC8445402E3B1A28BDA0AA43A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: BBFA1A04BC70F95B88B83D9609ADC7E9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eAGMBnkDig1jBI0LeFPCDS1T2l1jC9hcfwHWA2uj
Frame ID: EA2405BB87BEBB9083B52BAE3D9EBB58
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=39470485-8964-43FE-8E04-32CB960666CC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: A5C1B862153699436B783E4DCE8138B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://www.verifyacc0unt.com/ HTTP 307
https://mlive.com/ HTTP 301
https://www.mlive.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

449
Requests

88 %
HTTPS

35 %
IPv6

83
Domains

148
Subdomains

121
IPs

12
Countries

5222 kB
Transfer

14902 kB
Size

128
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://ezads.mlive.com/michigan-adportal/obits/index.html
Title: Place obituary

Search URL Search Domain Scan URL

URL: https://autos.mlive.com/
Title: Autos

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/real-estate
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/rentals
Title: For Rent

Search URL Search Domain Scan URL

URL: https://foreclosures.mlive.com/
Title: Foreclosures

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/legals/legal-notice
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://link.mlive.com/join/6fh/signup
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/michigan-news-from-mlive/id1436032120
Title: Daily Audio Briefing

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mlive/
Title: Visit our Facebook Page

Search URL Search Domain Scan URL

URL: https://twitter.com/mlive/
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MLiveVideo
Title: Visit us on YouTube

Search URL Search Domain Scan URL

URL: http://subscription.mlive.com/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://youtu.be/QxETrMV72WM
Title: Watch

Search URL Search Domain Scan URL

URL: https://mlivemediagroup.com/careers?utm_source=mlive.com&utm_medium=footer&utm_campaign=careers
Title: Jobs at MLive

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/?utm_source=mlive.com&utm_medium=footer
Title: MLive Media Group

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/our-team/?utm_source=mlive.com&utm_medium=footer
Title: Our Team

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/contact/?utm_source=mlive.com&utm_medium=footer&utm_campaign=advertise
Title: Advertise

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=aa
Title: The Ann Arbor News

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=bc
Title: The Bay City Times

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=fj
Title: The Flint Journal

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=gr
Title: The Grand Rapids Press

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=jp
Title: Jackson Citizen Patriot

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=kg
Title: Kalamazoo Gazette

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=mc
Title: Muskegon Chronicle

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=sn
Title: The Saginaw News

Search URL Search Domain Scan URL

URL: https://myaccount.mlive.com/
Title: Manage your Subscription

Search URL Search Domain Scan URL

URL: https://hiring.mlive.com/purchase/post-now/
Title: Post a job

Search URL Search Domain Scan URL

URL: https://www.advancelocal.com/

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/about/?utm_source=mlive.com&utm_medium=footer-article
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.youtube.com/intl/en-US/about/policies/
Title: here

Search URL Search Domain Scan URL

URL: https://www.youtube.com/t/terms
Title: here

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.verifyacc0unt.com/ HTTP 307
https://mlive.com/ HTTP 301
https://www.mlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1615 HTTP 301
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js

Request Chain 84

https://rp.liadm.com/j?dtstmp=1674080737297&se=e30&duid=94c49eadf2ac--01gq3fsp0f0dtsjw30wh60wpvt&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid HTTP 302
https://rp4.liadm.com/j?dtstmp=1674080737297&se=e30&duid=94c49eadf2ac--01gq3fsp0f0dtsjw30wh60wpvt&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDEyOjcxMjc6MjMyZjo0YmE0&n3pc=true

Request Chain 97

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1674080737412&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1674080737412%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1674080737412&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1674080737412&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQJO4YyzZwIYwwAAAYXG_NogMTc1H0hSOPnv379Ftlw-xOs1MOuykroz8BuK1JjqN4XLfMcM33R_9Qh4XptdBaKvkXi1Pw

Request Chain 209

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

Request Chain 212

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1

Request Chain 214

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwOTA3MzUxMzUxOTU4MDE5NQ%3D%3D

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

Request Chain 217

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1

Request Chain 219

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwOTA3MzUxMzUxOTU4MDE5NQ%3D%3D

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

Request Chain 221

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1

Request Chain 223

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTg2NjQ4OTk4NDA0Mzc0Mg%3D%3D

Request Chain 249

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=N2FmKXwvQ2F5MWxuT2J2MVVtdm13YUNvTzNOWTVZQUg4MkRSb3hDQkNIZStNM25RNFlZbnk4d0VLRDhNZ3F1RzBlQlNOYWpReWQyL3ppczBDL0pVMkJocGtNdnBvNWZyRkw1T2JBQ0hPb05pUHpwT3QyWFp6d2h1UStZaHYwTTBlS0RGaC9MTlhhQkhxYnBYaXl6SE1UTmdSaEF0QThEMDNWYSsrVGgvay9zYWpQSE5YWVFZQ3I2dTl6alZpbTJzZ0FwYkdMU3BIei8zb0RYWWVTeUUySWdSa0lrM2p2RnBCRGl5TWNoMkVzZFlkaUtYeDFmVVFodWtVRElROHIzREVxQjFWM0h6SG1XbkRlNi80eWZ6MkpVNHRJQT09fA&cppv=2

Request Chain 252

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PCv6P3JjSx9z0eZXSnjrWv2sR4sI_YeQCg6N6qrY2lGAkxkFwFZqy9FhHGscwh4Wo8eFBPKolhtf9IIxCkxJDMqR9SBGQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PCv6P3JjSx9z0eZXSnjrWv2sR4sI_YeQCg6N6qrY2lGAkxkFwFZqy9FhHGscwh4Wo8eFBPKolhtf9IIxCkxJDMqR9SBGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PCv6P3JjSx9z0eZXSnjrWv2sR4sI_YeQCg6N6qrY2lGAkxkFwFZqy9FhHGscwh4Wo8eFBPKolhtf9IIxCkxJDMqR9SBGQ

Request Chain 253

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESED0x9lRGr72hsyB80PF0tK8&google_cver=1&google_push=AavPq0PxGc8AzkSnQhZ-j1w5I1DuqUQF_YvLEi7TSUtPCN6i857hc5dO41yefk8xwQY24Fcaw3Hz3a1rrtfRDKWAccJXtyULCrA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED0x9lRGr72hsyB80PF0tK8&google_push=AavPq0PxGc8AzkSnQhZ-j1w5I1DuqUQF_YvLEi7TSUtPCN6i857hc5dO41yefk8xwQY24Fcaw3Hz3a1rrtfRDKWAccJXtyULCrA

Request Chain 255

https://d5p.de17a.com/cookies/google?google_gid=CAESEG5aEkrFFlEQVl0TgpFkPyU&google_cver=1&google_push=AavPq0O-rKf_sYfKI6CLDFX_FmJJ2-VWOZtTnxQlMKrkn-U0uzfRgtbNlPeJaPuhj2EZPbAX74Avmu3gqGxA2XDOb8UdchnerA3n HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEG5aEkrFFlEQVl0TgpFkPyU&google_cver=1&google_push=AavPq0O-rKf_sYfKI6CLDFX_FmJJ2-VWOZtTnxQlMKrkn-U0uzfRgtbNlPeJaPuhj2EZPbAX74Avmu3gqGxA2XDOb8UdchnerA3n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0O-rKf_sYfKI6CLDFX_FmJJ2-VWOZtTnxQlMKrkn-U0uzfRgtbNlPeJaPuhj2EZPbAX74Avmu3gqGxA2XDOb8UdchnerA3n

Request Chain 256

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_cver=1&google_push=AavPq0PQMJ1K70w9lg0D8XpsOpi0VskjuxdMtEEeBvaI5ijyX3tu1jK76kKF-K08ZcI6EaGVdsVEBg3MKIB8q250jZrCAAmEfUCm HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&google_nid=index&google_push=AavPq0PQMJ1K70w9lg0D8XpsOpi0VskjuxdMtEEeBvaI5ijyX3tu1jK76kKF-K08ZcI6EaGVdsVEBg3MKIB8q250jZrCAAmEfUCm

Request Chain 276

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIxhe7ZXlV4sfls45rWfvCc&google_cver=1&google_push=AavPq0P8FicxYj1fla6YoxO0fauh12jI7kbLN8afuZdrxaMqQtF8uoh8c-fbUrFJh8uYUHeLKyhoL5-YoMwateZXBO9DHvOrn4c HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0P8FicxYj1fla6YoxO0fauh12jI7kbLN8afuZdrxaMqQtF8uoh8c-fbUrFJh8uYUHeLKyhoL5-YoMwateZXBO9DHvOrn4c&google_hm=3AMySqyK32g_9s5HETgq4Q

Request Chain 277

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PxQqo5bEwSEpD6uK2aC86_-7i9XVZdm3Ri_0ZnEkln_6oMz2_YGRhJ8urpyQPEhZyTWme_YubfTErLsS5M3GnOfBbVZtc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PxQqo5bEwSEpD6uK2aC86_-7i9XVZdm3Ri_0ZnEkln_6oMz2_YGRhJ8urpyQPEhZyTWme_YubfTErLsS5M3GnOfBbVZtc

Request Chain 278

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENB7yyFTdQWx0seCWMBPhfs&google_cver=1&google_push=AavPq0OkWTm8KsmzIGaPjUZ1G7p-GWZHxP4DCCQ9A4JK8zXW8lf6iln5pNDL_K__FRDPI6ENbv0qcQwL-ZxyjbVy9MCbIwGxK9x9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OkWTm8KsmzIGaPjUZ1G7p-GWZHxP4DCCQ9A4JK8zXW8lf6iln5pNDL_K__FRDPI6ENbv0qcQwL-ZxyjbVy9MCbIwGxK9x9&google_hm=71K3ZNHZQlqxOrXAPIQB04Y

Request Chain 279

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELgXhVNOlVP8cOY-z8EVWTE&google_cver=1&google_push=AavPq0O0L7Wel0ieK32-2EEKlAL4Vq06brj-5PgMn4R8tC9Rsnt_lpMGkTpyxhoDPqsKTmkHnP83ILCMH_zG95G0dD2WYoRTgncw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELgXhVNOlVP8cOY-z8EVWTE&google_cver=1&google_push=AavPq0O0L7Wel0ieK32-2EEKlAL4Vq06brj-5PgMn4R8tC9Rsnt_lpMGkTpyxhoDPqsKTmkHnP83ILCMH_zG95G0dD2WYoRTgncw HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=ecd8777d-5bb7-4e7e-8b31-5282aec5f4e9&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0O0L7Wel0ieK32-2EEKlAL4Vq06brj-5PgMn4R8tC9Rsnt_lpMGkTpyxhoDPqsKTmkHnP83ILCMH_zG95G0dD2WYoRTgncw&google_hm=NSfxKjNZSNCPjAYOhzm8Jg==

Request Chain 280

https://d5p.de17a.com/cookies/google?google_gid=CAESEG5aEkrFFlEQVl0TgpFkPyU&google_cver=1&google_push=AavPq0OjNxS_gsDWwCP2ckgOPUSe23ZG8G_WZePPrYduWIAk59ZitZxOgU-BeNoBEWtxFgkKMvX4P1Qp3yuWU6w64AVPhc5BMB_6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OjNxS_gsDWwCP2ckgOPUSe23ZG8G_WZePPrYduWIAk59ZitZxOgU-BeNoBEWtxFgkKMvX4P1Qp3yuWU6w64AVPhc5BMB_6

Request Chain 281

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOaN0i2iyBFhTLiVElThC-4&google_cver=1&google_push=AavPq0N-WGkDOOBm_pwNsMIhWJdwCRABkEDhaz1F484nSbY8Guo5GIP21RJsIJftU23EkIao-79yecXHQljOKLLscdlyDHf1w9U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N-WGkDOOBm_pwNsMIhWJdwCRABkEDhaz1F484nSbY8Guo5GIP21RJsIJftU23EkIao-79yecXHQljOKLLscdlyDHf1w9U

Request Chain 286

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIxhe7ZXlV4sfls45rWfvCc&google_cver=1&google_push=AavPq0OZA3l25ZQ3ZA42GOt9q8kgBBiz_h9CY7ODvUI5l-thZ518n7vPXhudcZsDGnuYiUeoPuLgI85VNuHp_VB3-8ymbHKw0lzd HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0OZA3l25ZQ3ZA42GOt9q8kgBBiz_h9CY7ODvUI5l-thZ518n7vPXhudcZsDGnuYiUeoPuLgI85VNuHp_VB3-8ymbHKw0lzd&google_hm=3AMySqyK32g_9s5HETgq4Q

Request Chain 288

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0Op1S4BcZXaSrZls_4TdzCS11Y_XGdQUZFwvpZE5gLRUwbZxK7CW181w0CbdujLNa0u32vxkzsEK-PiBXtrc_CrJ8Sao_8rEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0Op1S4BcZXaSrZls_4TdzCS11Y_XGdQUZFwvpZE5gLRUwbZxK7CW181w0CbdujLNa0u32vxkzsEK-PiBXtrc_CrJ8Sao_8rEQ

Request Chain 289

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGOTHcWq9gNed_NtBc0NvQA&google_cver=1&google_push=AavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgmmSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgmmSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGOTHcWq9gNed_NtBc0NvQA&google_cver=1&google_push=AavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgmmSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgmmSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 290

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_cver=1&google_push=AavPq0NZmLbeKyBAntFAl_Z8cQ9Dzfb7SzvpisRL3r9dKBmGhfUf_NxW8k3Savhx6UQ8ChaVGGK34fr2rrs5nMsLzVjO3NKSDmx0oQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&google_nid=index&google_push=AavPq0NZmLbeKyBAntFAl_Z8cQ9Dzfb7SzvpisRL3r9dKBmGhfUf_NxW8k3Savhx6UQ8ChaVGGK34fr2rrs5nMsLzVjO3NKSDmx0oQ

Request Chain 291

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOaN0i2iyBFhTLiVElThC-4&google_cver=1&google_push=AavPq0PsryMNtAJY98wZptyUTfvGP15kdQvPa2VzACphxmu-1XVzY072RnOumX5C-aeC8pv3VPQMFKisN38PneFRZ3itNGCzQiB0Jw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PsryMNtAJY98wZptyUTfvGP15kdQvPa2VzACphxmu-1XVzY072RnOumX5C-aeC8pv3VPQMFKisN38PneFRZ3itNGCzQiB0Jw

Request Chain 292

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOaN0i2iyBFhTLiVElThC-4&google_cver=1&google_push=AavPq0PddUr3zB3djigArtBrx0lP_SnnoX7MLygcPptskVZiLJJdmBKw90MQuSuykTH0c9ZdfJLELiA-7eg5VbcCAssgfk81tjr4Z_c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PddUr3zB3djigArtBrx0lP_SnnoX7MLygcPptskVZiLJJdmBKw90MQuSuykTH0c9ZdfJLELiA-7eg5VbcCAssgfk81tjr4Z_c HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 294

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_43HIY-GoDaay-gaUlZNQ&cbFunctionName=goog_wrapCb_43HIY-GoDaay-gaUlZNQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Feea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Feea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3ae26068-e45b-baff-b3d3-74af00ed02e6,c:1GRI2e,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc769c4d9-jnrfd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.990511-61634100%7C181%7C182%7C183%7C184%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:27,oid:097b75a8-977f-11ed-8be1-2a02de6c54ac,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 296

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_43HIY5OdEZf03gPxt4_QBg&cbFunctionName=goog_wrapCb_43HIY5OdEZf03gPxt4_QBg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Feea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Feea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1c06a3da-e4e5-86f1-a7e1-608e2ceb09b6,c:1GRI2W,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc769c4d9-crrth,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:ttkIb23+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a*.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:20,oid:097b754f-977f-11ed-a88d-ead9b6379d1e,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 298

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_43HIY9TsENXL7_UPu4WDMA&cbFunctionName=goog_wrapCb_43HIY9TsENXL7_UPu4WDMA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Feea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Feea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:fa8a1f38-f8cb-8236-5e99-4aa3661324be,c:1GRI3B,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-555888df59-cljnf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:ttkIb2J+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C19*.990511-61634100%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:097b9cfc-977f-11ed-83f3-72479f40a69a,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 418

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&dcc=t

Request Chain 420

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_cver=1

Request Chain 422

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QlVA5jxs1PigSf5

Request Chain 423

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=251eda27-3be5-4e1d-91fe-0b5818e2443a&ssp=index HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=3527f12a-3359-48d0-8f8c-060e8739bc26&gdpr=&gdpr_consent=&us_privacy=

Request Chain 424

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHJYk7HkOQAAB-ihj6a0g&expiration=1675290343

Request Chain 429

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQyOEc0UE0tTS1LRExD&us_privacy=1---

Request Chain 430

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/3IRQAlt1I1pyAQBlDVwdAw?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-crP.QABE2oLM27hhVNYUJZtVMHrmsuoZKc04rQ--~A

Request Chain 431

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ri-4RRg2T5yU7CFKzC4McA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ri-4RRg2T5yU7CFKzC4McA

Request Chain 432

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYxODZjMWE2ZTQxNDNlZjdhYmMxYTk5ZWIwZDVhOTU2ZDBkYmNkOQ&us_privacy=1---

Request Chain 433

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD28G4PM-M-KDLC&us_privacy=1---

Request Chain 434

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0aDqKPlfTgmxky1AhJOIqA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0aDqKPlfTgmxky1AhJOIqA

Request Chain 435

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGdaEp1W0NpnCesbXifamw0&google_cver=1

Request Chain 436

https://c1.adform.net/serving/cookie/match?party=14&cid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=0&gdpr_consent=

Request Chain 437

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:683b63c8-71e9-4e00-808d-f22db6f0bc46&gdpr=0&gdpr_consent=

Request Chain 438

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6662396952591420754

Request Chain 439

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 440

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eAGMBnkDig1jBI0LeFPCDS1T2l1jC9hcfwHWA2uj

Request Chain 441

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=39470485-8964-43FE-8E04-32CB960666CC&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=39470485-8964-43FE-8E04-32CB960666CC&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 442

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OUcEhYlkQ_6OBDLLlgZmzA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 443

https://pixel.onaudience.com/?partner=214&mapped=39470485-8964-43FE-8E04-32CB960666CC&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6e30dbd31b40fa02f60216327679e1cb&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 444

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=39470485-8964-43FE-8E04-32CB960666CC&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=39470485-8964-43FE-8E04-32CB960666CC&addseg=19,36,42

Request Chain 445

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzk0NzA0ODUtODk2NC00M0ZFLThFMDQtMzJDQjk2MDY2NkND&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 446

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHaKD2oxrt9K5kpvI6aXzKw&google_cver=1

Request Chain 448

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5566974250836404484

449 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mlive.com/
Redirect Chain

https://www.verifyacc0unt.com/
https://mlive.com/
https://www.mlive.com/

416 KB
75 KB

1256ms
958ms

Document
text/html

2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

78e2d1efd1ada3597841230a2e405bd50a490cf7779a529f5ae47b4a7e295818

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: 130 -1
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Wed, 18 Jan 2023 22:25:36 GMT
etag: W/"66f11-aoVPuukBODffYM6Y2Pd33NYUqG0"
expires: Wed, 18 Jan 2023 22:26:36 GMT
last-modified: Wed, 18 Jan 2023 22:25:36 GMT
referrer-policy: no-referrer-when-downgrade
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=142 origin; dur=782
vary: Accept-Encoding
x-akamai-transformed: 9 74521 0 pmb=mRUM,2

Redirect headers

akamai-true-ttl: -1
cache-control: private, max-age=0
content-length: 0
content-security-policy: upgrade-insecure-requests
date: Wed, 18 Jan 2023 22:25:35 GMT
expires: Wed, 18 Jan 2023 22:25:35 GMT
location: https://www.mlive.com/
referrer-policy: no-referrer-when-downgrade
server: AkamaiGHost
server-timing: cdn-cache; desc=HIT edge; dur=1

GET
H2 200 default.css
www.mlive.com/pf/dist/components/output-types/ 45 B
544 B 71ms
65ms Stylesheet
text/css 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/components/output-types/default.css?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ6SA0TBBR534EN
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 57
x-amz-id-2: ynQN/HhNeD/ZgUqqbZMT6tGi7XlRcXgGqGt55DtDCAkUuUBPoYi5+r+LoMHOo8SygS5kyUNENoA=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:54 GMT
server: openresty
etag: "534bb0614e61e484cae7d5dc8ecc424c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 default.css
www.mlive.com/pf/dist/components/combinations/ 394 KB
60 KB 92ms
86ms Stylesheet
text/css 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/components/combinations/default.css?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c663756abb730778dd2a4ef70138217edd31b19c6c0168805060f2c2ab66f540

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ559BFEP6RCJV7
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 61244
x-amz-id-2: 7qSey7jcxArCFYXqBiNncOj3NRHlAYP7BVK87wrTx4ByAc7/FALz0/os4DWGk29GoX6ffAjhm54=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:54 GMT
server: openresty
etag: W/"70da005b6372cdc7bb712063eacd0997"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 style.css
www.mlive.com/pf/resources/dist/mlive/css/ 2 KB
979 B 101ms
95ms Stylesheet
text/css 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f1ff08a77821527cd6afd93ff04ccd359925fa7dcf3512f3762445685128c1b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ2J55SZDG2329R
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 493
x-amz-id-2: 3kbzPzQZ/KwQPQ38sDF0qQSDDfeOjjZqMfmyAjZ6dtARSvmj5TbCWckJZpgDFkWgHrYRk4YbhTA=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"baa000fbd182cb91f7939570452014a1"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 react.js Show response
www.mlive.com/pf/dist/engine/ 341 KB
101 KB 41ms
37ms Script
application/javascript 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/engine/react.js?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

62c0a61b98a9573c12f2461083543d1d0699995f9dd0a30f0bc25a55f5e82996

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ49ZWYN95TN37J
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 103109
x-amz-id-2: AUxeTI2/LTDStBAtKVtmZzhmFcr2CfbXOD2KAiEtz5wiLdfMjdppVGUKofUatV3bn5JOd/07zVI=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:54 GMT
server: openresty
etag: W/"9067a69b49d4e0203f9b7f87902d89ac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 default.js Show response
www.mlive.com/pf/dist/components/combinations/ 2 MB
355 KB 48ms
44ms Script
application/javascript 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/components/combinations/default.js?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

985cd7c7d1a829776e8d815d60c9aaae91fa30ec5fc72d9773a532b2b990162e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ9DRFSYCAWMBR2
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 361909
x-amz-id-2: F38FQnpsIjeKVu7zMZhJpZfR60l23XpdOKl9amERt/xtfGvJRXhFjs0VRQP9htm4b0thm/Y+68A=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:54 GMT
server: openresty
etag: W/"325f7631b428f5ea0188ca0ebcad5b86"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.mlive.com/pf/resources/fonts/ 54 KB
54 KB 101ms
96ms Font
application/font-woff 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ250RXMTNKVY40
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 54391
x-amz-id-2: IaIXxYWYzaKQ/eqllOHNKp2xnNSe5SUrM/i0jhXDF73no/Utyf508wcfPIAojvQKlfxJiw4UqS4=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"63c3700153fd19bac6ac63c816251c03"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.mlive.com/pf/resources/fonts/ 53 KB
53 KB 124ms
120ms Font
application/font-woff 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ5RF5WFZ7Z2EKK
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 53376
x-amz-id-2: SgxFuBVzfQzXO9dMK2QkFaZRQqc1itdFp1tHfiCYcIahRyd7nBL0FmqFbfYiy7pAlE/mMvqZxZA=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"00b8650c0e6992c5c9ced8f621e43ffd"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.mlive.com/pf/resources/fonts/ 53 KB
53 KB 134ms
130ms Font
application/font-woff 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ78SVDWKW469VJ
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 53862
x-amz-id-2: Bjx4PAMy4tp98wAUx9PAVDUb0E0NPmnrTmKzAqjRZXDbuH840mQyCSMGAXqcbaV3rPhuSos5mn4=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"527a99c70868c89d6be3cc11a8feb999"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 37 KB
37 KB 140ms
136ms Font
application/font-woff 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQD2CD1WXYPNA0X
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 36831
x-amz-id-2: tVN2DayRkgXR8ymdpoMX5QXDh3vb6e1zDO3hY9LbKUfki1KDJUKVjfLyOPDpjK7Ug1Bs9CPlBjI=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"05b85684cbf3bc11490297c50cfd67c3"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 36 KB
37 KB 147ms
144ms Font
application/font-woff 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ5TTVVPWSRZYFF
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 37066
x-amz-id-2: akXK45sFfxwK85Hr5KiNucA5PbGoWcF+K1zq5Se31MPjWNC3d+sY0GaPmExfLX1zdhA/12X15MI=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 CTA3OIVB7VAHXM4FTPLNLA7OIM.jpg
www.mlive.com/resizer/E1f5vTBy7jmFbTdwrpxhYXyg7D4=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 35 KB
36 KB 72ms
68ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/E1f5vTBy7jmFbTdwrpxhYXyg7D4=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/CTA3OIVB7VAHXM4FTPLNLA7OIM.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

14705e5223ec29f78cc765eb60e7e1e81ef1de9927670522336c862bd9a3a6ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 15:07:02 GMT
server: Akamai Image Manager
etag: "48dc94bbfa6bfa7b7c2e1ee6c7e895d610c0b593"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31509735
server-timing: cdn-cache; desc=HIT, edge; dur=18
content-length: 36218
expires: Thu, 18 Jan 2024 15:07:51 GMT

GET
H2 200 iabCcpaIntegrationScript-noGAM.js Show response
cdn.cookielaw.org/opt-out/ 19 KB
6 KB 51ms
18ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ZkLmnzyu8aoAQNwZHm6Yqw==
age: 66831
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 182db57a-701e-001d-114b-28010c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 78babf5bdc0d2c71-FRA

GET
H2 200 logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 1 KB
1 KB 59ms
55ms Image
image/svg+xml 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQFMRYJ5KX6P0WY
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 660
x-amz-id-2: CCFG5bU8Z291whI/pE28tYz3SLa/0Z2WxohteE9Rlr9l3Fs3wQdJgsqbPBR4G53VTy3H4RU2sbc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:54 GMT
server: openresty
etag: W/"351c57e1a77c618772f5966a7f2094ee"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 2 KB
1 KB 70ms
66ms Image
image/svg+xml 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ68G9MHRHT0PNZ
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 902
x-amz-id-2: gZdK+C5kpklqspmB+Hg+s8QKQuP6jddYt5+W/Oxlu7Ohkwx3gSn1/+Byp4mXCkmDNq4c1jdlPD0=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:54 GMT
server: openresty
etag: W/"cb98cda61d359616349bbc2a92540ddb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 1 KB
1 KB 70ms
67ms Image
image/svg+xml 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EBE4FSNEQWR4MR26
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 603
x-amz-id-2: sB3k20inQQuEKKXIpUQCbHYZ9nVlN+pYz8dvX99LPgjc3y3WdalRJJOjOTsRfSU+z+7LG9Gmwns=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:54 GMT
server: openresty
etag: W/"7819fa78e2e7770bb40587187d83cb87"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 2 KB
3 KB 133ms
130ms Image
image/webp 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fbaacd40862bf1ea965f26571bf04a2609f80f3ba82af73ccd0d840bb19db1c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:51:13 GMT
server: Akamai Image Manager
etag: W/"be8042e858f0c6b5cd87834c8aafe76d"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31515886
server-timing: cdn-cache; desc=HIT, edge; dur=44
content-length: 2314
expires: Thu, 18 Jan 2024 16:50:22 GMT

GET
H2 200 footer-logo-advance.svg
www.mlive.com/pf/resources/images/common/logos/ 18 KB
6 KB 133ms
130ms Image
image/svg+xml 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/logos/footer-logo-advance.svg?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQ52VCF8WY4YV10
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=40
content-length: 5265
x-amz-id-2: A4PBf1GrVvrLP6l/qlG95/6HcY1YBaxpovwsFWtRD6SQp2ZLYrHq1RBQ7tmL0tMTbvrGyaUqXcc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"165b66ce6f4daa48f02b4871f04b31e4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 190 B
555 B 133ms
131ms Image
image/webp 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:51:06 GMT
server: Akamai Image Manager
etag: W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31515962
server-timing: cdn-cache; desc=HIT, edge; dur=36
content-length: 190
expires: Thu, 18 Jan 2024 16:51:38 GMT

GET
H2 200 v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA Show response
satisfycork.com/ 59 KB
21 KB 76ms
20ms Script
text/javascript 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

9a6d42551d7f2cb96369a81a765a8e9387a2f6ff966e232821828b784e543d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Wed, 18 Jan 2023 22:25:36 GMT
x-datacenter: gce-europe-west1
etag: "760389ae5d129e85cbae9bdb26a0172896e73fb788a17a12536d2035943ace02"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-r9p8
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 718439402
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sophi.min.js Show response
cdn.sophi.io/latest/ 124 KB
42 KB 96ms
21ms Script
application/javascript 13.32.110.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/sophi.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-8.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 10:15:09 GMT
content-encoding: br
via: 1.1 fadd210e8fada96866356688e5524d10.cloudfront.net (CloudFront)
x-amz-version-id: 77yKHytHO_pcAyQcoklw1dHdk4sqBtp0
last-modified: Tue, 04 Oct 2022 14:09:32 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 43828
x-amz-server-side-encryption: AES256
etag: W/"dfd164092f8d8abc70b55ba8c1bc2e80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: iWNgYXVBs3WW_v6J3T5DDVfkRpIvq3lfkrFYFC3yi5Ab9-oCbioQAg==

GET
H2 200 al-mlive.segments.min.js Show response
apps.sophi.io/latest/ 4 KB
2 KB 74ms
21ms Script
application/javascript 13.32.27.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36b72120fc731ea29b1d2cabe92dc59386f9a1d95b25c965d38e63656ba237f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: Jq1U2kMTOCiBAmHVtPNHt2NT.I9ZGTe8
content-encoding: gzip
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
date: Wed, 18 Jan 2023 22:25:36 GMT
last-modified: Thu, 20 Oct 2022 19:50:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 240
etag: W/"1a6bdc48b2d80dff46c51dac3b30ceef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=0
x-amz-cf-id: 0bxOpvYEeR88wmxjGTqPHChTUn9g3lcGWMBUWM14PDmw1_s3HSOjsA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 24 KB
8 KB 50ms
19ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d277a90920d78efa3d6e473d67240beb26100591c7b02a34bd444aa78ee5d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WdCEPqU1pnnoNr/cT9hHyQ==
age: 68709
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8053
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 03:30:41 GMT
server: cloudflare
etag: 0x8DAF83B35FDC216
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 31f8b56e-a01e-0079-69d8-2ab1ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78babf5bdc102c71-FRA

GET
H2 200 SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 113ms
28ms Script
application/javascript 2a02:26f0:11a:487::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:11a:487::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: br
last-modified: Tue, 10 Jan 2023 03:18:00 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 438 KB
123 KB 61ms
38ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b3659bb9abcfda0f33e128bb67a8e7f2c5fd0b3114e5e999014566413ea20c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125818
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 22:03:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Jan 2023 22:25:36 GMT

GET
H2 200 01.png
www.mlive.com/pf/resources/images/common/weather/tiny/ 1 KB
2 KB 126ms
126ms Image
image/webp 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/weather/tiny/01.png?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3fc70270a527227c6493bc5a1c703f4bef2373f857cb7606b711b4d2fa14684a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:51:05 GMT
server: Akamai Image Manager
etag: W/"943580722d571b890fa63310005293d9"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31516030
server-timing: cdn-cache; desc=HIT, edge; dur=30
content-length: 1372
expires: Thu, 18 Jan 2024 16:52:46 GMT

GET
H2 200 chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 864 B
966 B 129ms
129ms Image
image/svg+xml 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 9K1YBR6AFBFACZ64
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=29
content-length: 486
x-amz-id-2: 3RgtNKq5BfDc+0INDKjbBtkogryRmcklAU3mj6C2Pp9K4EZp3yDFaru49uLZtVW0VnJHm7wX/bg=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"691552a6377a1dfc9eeae87d6aeb8931"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 YZUSC22VO5HQLBYQZEGV7RDK4A.jpg
www.mlive.com/resizer/OoAg2rH6bVpgIHumSdm4kDKZKX0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 39 KB
39 KB 95ms
94ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/OoAg2rH6bVpgIHumSdm4kDKZKX0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/YZUSC22VO5HQLBYQZEGV7RDK4A.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0e3e1e68f6bf1ba6af4fc889618b617434eb019734483ca95221fbe6df780d90

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 18:56:12 GMT
server: Akamai Image Manager
etag: "1fd6d7c9ee3a9d46e7d108d36b954224cea6ce30"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31523291
server-timing: cdn-cache; desc=HIT, edge; dur=24
content-length: 39539
expires: Thu, 18 Jan 2024 18:53:47 GMT

GET
H2 200 XBWNOLKVGRBBPJI3Y5FFHY2WPI.jpg
www.mlive.com/resizer/bYtk75sBRO1PtiRrfeKEslPa01M=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 24 KB
25 KB 152ms
152ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/bYtk75sBRO1PtiRrfeKEslPa01M=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/XBWNOLKVGRBBPJI3Y5FFHY2WPI.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f8db4d8837d9917b7d86f1ee4b912c7b2301d7ad5cc055c97577eeda0679048e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 20:16:53 GMT
x-serial: 1233
server: Akamai Image Manager
x-check-cacheable: YES
etag: "5e8f2d6f3d784bb3673162fd30eca8bf703431b2"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31528242
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=219
content-length: 24898
expires: Thu, 18 Jan 2024 20:16:18 GMT

GET
H2 200 ZZMOPLZL65HWJIWRMBNYTWRDDU.jpg
www.mlive.com/resizer/1KeF-uFsBustTW2aZRNxvd3whKs=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 63 KB
63 KB 156ms
156ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/1KeF-uFsBustTW2aZRNxvd3whKs=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ZZMOPLZL65HWJIWRMBNYTWRDDU.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b6996d40dab27da6521e0683ed79d6b8965d3049dcd31326fe352b4b7c9071e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 05:35:16 GMT
server: Akamai Image Manager
etag: "09c47ff7dbbbce8dcc2e58d1b271eae3b4233ee5"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31475488
server-timing: cdn-cache; desc=HIT, edge; dur=96
content-length: 64250
expires: Thu, 18 Jan 2024 05:37:04 GMT

GET
H2 200 podcast.svg
www.mlive.com/pf/resources/images/mlive/promo/ 7 KB
3 KB 115ms
114ms Image
image/svg+xml 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/promo/podcast.svg?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: SZY4KJ6CCZAY36YG
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=33
content-length: 2589
x-amz-id-2: YOL3Z0qMC/dkZSYFxN6KE8t5xZANxaM0qJpCs8N6AzptqQu3+hKY4BPM1D+LoQPCQfYwLpBiAug=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:54 GMT
server: openresty
etag: W/"562343e31998148153bc8be55796e6e1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 2 KB
1 KB 114ms
113ms Image
image/svg+xml 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: SZY2JBBF5KS0EEYQ
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=38
content-length: 746
x-amz-id-2: X/i73zeef7MDX8YmhDNF3mPm7tcOrb+XIqzJVi9ziKHOxrfHYZkJKcQdGxgB7m22ZiLLy0LnnyU=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"4347be806f2c6a630a5407afb75ab920"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:36 GMT

GET
H2 200 B5IYFMPZLNAQTDWDIV72QLMY3M.jpg
www.mlive.com/resizer/hBmI6qbe94OUGHydIaW6rFvwkzw=/600x337/filters:focal(1222x548:1232x538)/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 23 KB
24 KB 102ms
100ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/hBmI6qbe94OUGHydIaW6rFvwkzw=/600x337/filters:focal(1222x548:1232x538)/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/B5IYFMPZLNAQTDWDIV72QLMY3M.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

233965c1ee1e11880cef8e4c6f231d56b0141f33d994e666f64ac5c46e65cfa6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 20:43:42 GMT
server: Akamai Image Manager
etag: "d524b2f4838baa7665c4e94ca5ed542d7f0d7b46"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31529781
server-timing: cdn-cache; desc=HIT, edge; dur=57
content-length: 23818
expires: Thu, 18 Jan 2024 20:41:57 GMT

GET
H2 200 DLMGOXY2GBGSDCCK7X7552IKVU.jpg
www.mlive.com/resizer/C6oYnCU60taRZdfyBxucZiI6uvE=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 42 KB
42 KB 110ms
108ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/C6oYnCU60taRZdfyBxucZiI6uvE=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/DLMGOXY2GBGSDCCK7X7552IKVU.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

468abc98211f55c2b8115c01bbe6af4561318edd09fefa83a8e2d990855b196c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 Jan 2023 18:30:01 GMT
x-serial: 1533
server: Akamai Image Manager
x-check-cacheable: YES
etag: "ef9efe82a7ce465bf0e02fb38b84088bdd7916e6"
content-type: image/jpeg
cache-control: private, no-transform, max-age=30485049
server-timing: cdn-cache; desc=MISS, edge; dur=28, origin; dur=31
content-length: 42870
expires: Sat, 06 Jan 2024 18:29:45 GMT

GET
H2 200 EY6Z3I7XBJAYPALER5TGZ4C2EM.jpg
www.mlive.com/resizer/v9c2tGdG0MMCVLdRlG3CuRFjeNg=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 36 KB
37 KB 117ms
116ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/v9c2tGdG0MMCVLdRlG3CuRFjeNg=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/EY6Z3I7XBJAYPALER5TGZ4C2EM.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8262f8563aed6484b40603d1ae22c413ac2cc8ccc246e1be16f006803465ed36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 14:10:41 GMT
server: Akamai Image Manager
etag: "fd3f0ea0f01ab1d43e34e487a6a779e69da6271b"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31506271
server-timing: cdn-cache; desc=HIT, edge; dur=60
content-length: 37076
expires: Thu, 18 Jan 2024 14:10:07 GMT

GET
H2 200 5CU3VVLUE5GV7B234KKXBOY5Y4.jpg
www.mlive.com/resizer/sZDkZDGDAg2fOcQudzjiyqYIYew=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 36 KB
36 KB 130ms
129ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/sZDkZDGDAg2fOcQudzjiyqYIYew=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/5CU3VVLUE5GV7B234KKXBOY5Y4.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

16cd91964ad04e4e025ba3759d356ed471bfeefa5c57632a573b22c2aa3dc779

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 07 Jan 2023 15:05:35 GMT
server: Akamai Image Manager
etag: "7fc665dfc141344c301fd177918a3183f71af9e9"
content-type: image/jpeg
cache-control: private, no-transform, max-age=30559152
server-timing: cdn-cache; desc=HIT, edge; dur=66
content-length: 36542
expires: Sun, 07 Jan 2024 15:04:48 GMT

GET
H2 200 PJMXTDKLMZAWBLF4GWDB45ZV6Y.jpg
www.mlive.com/resizer/mvA3q0thhE2b7_uZRaDeJyB1Vu0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 34 KB
35 KB 112ms
111ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/mvA3q0thhE2b7_uZRaDeJyB1Vu0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/PJMXTDKLMZAWBLF4GWDB45ZV6Y.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fb81dce53b2c3ea780312463c06f0733672fdf725d8da15b135fda5d23b157e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Jan 2023 14:29:38 GMT
server: Akamai Image Manager
etag: "b6806f09115386331a97358212914deb7d9dd995"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31075467
server-timing: cdn-cache; desc=HIT, edge; dur=34
content-length: 35316
expires: Sat, 13 Jan 2024 14:30:03 GMT

GET
H2 200 KINJHD3XDJCTHC5BDPPIBLBSVU.jpg
www.mlive.com/resizer/CpAsAXB7UvBWUGrm6S1bQ916mxw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 49 KB
50 KB 113ms
112ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/CpAsAXB7UvBWUGrm6S1bQ916mxw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/KINJHD3XDJCTHC5BDPPIBLBSVU.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e982359ab3f67f3ce5cb19756d143d2d05121c06015da99411cb9ae49ca53dcb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 19:26:15 GMT
x-serial: 33
server: Akamai Image Manager
x-check-cacheable: YES
etag: "8d1f499503fb6f1266ccc373f95a8f8e2bb0fa0d"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31525181
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=42
content-length: 50279
expires: Thu, 18 Jan 2024 19:25:17 GMT

GET
H2 200 IYEEZYCYHBHDTLJDBLHLDEMVL4.jpg
www.mlive.com/resizer/xS4ya3zyJhvEauB43Omcum4YH10=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 31 KB
32 KB 115ms
114ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/xS4ya3zyJhvEauB43Omcum4YH10=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/IYEEZYCYHBHDTLJDBLHLDEMVL4.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b98739daf8d351cc8b8b607b989fcd3bb9fe28c240c25df4f91df043b3736a97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:36 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 12:17:28 GMT
server: Akamai Image Manager
etag: "a2a4519abe3b00f4cd0a5e4f2c51cba84e4928f4"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31499627
server-timing: cdn-cache; desc=HIT, edge; dur=22
content-length: 32113
expires: Thu, 18 Jan 2024 12:19:23 GMT

GET
H2 200 BUFC2BUHSRCPHHJVJ7WDWURUQI.JPG
www.mlive.com/resizer/he4OAISf0C7vrCFcNLmOKcuftF8=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 35 KB
36 KB 551ms
550ms Image
image/jpeg 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/he4OAISf0C7vrCFcNLmOKcuftF8=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/BUFC2BUHSRCPHHJVJ7WDWURUQI.JPG

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

adbee63de992e78fde08ade0b8b1d574115e72457532ec138a410c20ad7a8e0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 21:51:26 GMT
x-serial: 827
server: Akamai Image Manager
x-check-cacheable: YES
etag: "6639e36788e92342c50a33c33f736fbc8971137a"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31533985
server-timing: cdn-cache; desc=MISS, edge; dur=369, origin; dur=110
content-length: 35920
expires: Thu, 18 Jan 2024 21:52:02 GMT

GET
H2 200 92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json Show response
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 4 KB
2 KB 32ms
17ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9c4a4336440d59029bb303c4bfbd5f824047fd48384ade8ec1f1077c6886838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h5EiZwdQT+e8ExrNNVXT2w==
age: 6107
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1537
x-ms-lease-status: unlocked
last-modified: Mon, 09 Jan 2023 18:18:12 GMT
server: cloudflare
etag: 0x8DAF26DDEB1DA3C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1bcf8d4e-d01e-0032-2f56-248036000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78babf5cbbc32c22-FRA
expires: Thu, 19 Jan 2023 22:25:36 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 75 B
257 B 63ms
30ms Script
text/javascript 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 78babf5d6ce59b63-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 60ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0498c715302d23e589e79869729ff60cbe28470fca23928d3a83c6792b6fa07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27788
x-xss-protection: 0
server: sffe
etag: "1456 / 37 of 1000 / last-modified: 1674043613"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Jan 2023 22:25:36 GMT

GET
H2 200 pub.js Show response
pub.doubleverify.com/signals/ 67 KB
18 KB 63ms
17ms Script
text/javascript 2606:4700::6812:a6e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

818da0a99e5c987d95ab810e69c78fc66712db42e23ef755a391bb841817654a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 78babf5dddbe9bd6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 10071.js Show response
micro.rubiconproject.com/prebid/dynamic/ 420 KB
120 KB 86ms
20ms Script
text/javascript 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=968
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e0bc482e5e56597558e97e2fef03ac7090dc92a0f96d20a9f1449653cff4ed51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:36 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 14:41:00 GMT
server: Apache
vary: Accept-Encoding
edge-cache-tag: prod-prebid-10071_MI_Desktop_Mobile.js
content-type: text/javascript
access-control-expose-headers: x-trp-pba
cache-control: public, must-revalidate, max-age=0
content-length: 121878
x-trp-pba: {"ruleId":"9","rulePos":0,"ruleName":"MI_Default","wrapperName":"10071_MI_Desktop_Mobile","isPrimary":true,"randomProb":83,"account":10071,"device":"desktop","country":"DE","host":"mlive.com","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://www.mlive.com/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36","query":"","ranAt":"2023-01-18T22:25:36.964Z","runId":"1674080736964-4808","wrapperPath":"/prebid/10071_MI_Desktop_Mobile.js","redirectUrl":"/prebid/get-wrapper/MI_Default/10071_MI_Desktop_Mobile.js"}
expires: Thu, 19 Jan 2023 14:56:10 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 179 KB
45 KB 38ms
7ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=968
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:01:39 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jan 2023 22:31:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1438
x-amz-server-side-encryption: AES256
etag: W/"09722bdf068e1f62e3d9a9e39a8dde87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 5ChiSr3rLnksa748wAwpwfCzpqNYR1I1tNECwnPk6gehJYPCoUp6wA==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/963/ 51 KB
16 KB 38ms
7ms Script
text/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=968
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31038db384774b30a90f372136544f5cfd03cb2cfec40cfc8d06697b80c6e638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 01:24:29 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:21:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 75668
etag: W/"e8fc5351ba5fa694b332e7213d30a1f4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: rxzyLrdhK9Xk-fHcnba7ZJLisyShgzCmyRhdfElyelLzVe66-5vBog==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 162ms
25ms Script
text/javascript 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: CBPRAJ7T0JSPRA6Z
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: HXC/qEq/6Y8E9VFAR9IDt9+y8k3iOvxTM8x87I6MmIhNfFuVfnQDX155843rEIYaFjHCagx+9Pg=

GET
H2 200 script.js Show response
h312.mlive.com/ 148 KB
45 KB 164ms
89ms Script
text/javascript 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/script.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

8cc962bf012bdf8476e37ccbffbdb365c8c366ade8356352396ff090ffc380f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
age: 3
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 46000
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Jan 2023 22:23:01 GMT
server: -
etag: d4ba9378de49478f950acdf7a0cf2f11
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: 3X-FxsJPZJmVmv-KAZfg1F1dTqmh2IQ7QjixinFGfNM3busn-wLQ-Q==
expires: Wed, 18 Jan 2023 22:35:34 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/advanceddigitalheader640552616592/ 240 KB
83 KB 82ms
19ms Script
application/x-javascript 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 816d074bbe462e7d8dffb27367cd00d3dff5184ba7fc4b5ee63c4b0456f2cb6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 16:37:23 GMT
server: AmazonS3
x-amz-request-id: 91J3H26V29H9FJ0N
etag: "74749fcdf424072168f779a7f498f245"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=38326
accept-ranges: bytes
content-length: 85010
x-amz-id-2: gJdNxdkEuoQFfC1Bd4PbL4wUMP0rZ+h32JGt1dhC2o2M1LZsCN8gfQGMLxxpCVAfdZNSklqShHU=

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 338 B
510 B 82ms
52ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
date: Wed, 18 Jan 2023 22:25:37 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 21:31:23 GMT
server: cloudflare
age: 3254
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 78babf5e1f9c2bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: pura8v9oux
expires: Wed, 18 Jan 2023 22:55:37 GMT

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 87 KB
29 KB 90ms
18ms Script
application/javascript 13.32.110.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-73.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 627fa90737b91d1ae1ef9fe5bbd2e6cfa079af3afcf620278b37f157f8be2e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: ra0FmYZy.xFAZIDIImJKEJgk0QNUfmlQ
content-encoding: gzip
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
date: Wed, 18 Jan 2023 21:32:37 GMT
last-modified: Wed, 04 Jan 2023 17:30:09 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 3183
x-amz-server-side-encryption: AES256
etag: W/"526fa276025a71597e996c22cef8e9af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: Fw_c8N8Q6U_MDPUK9l_KX-x5xxKnH558MsuIi4f7Ngn2DHZQhL3Mzw==

GET
H2 200 client Show response
accounts.google.com/gsi/ 192 KB
76 KB 197ms
115ms Script
application/javascript 2a00:1450:400d:80a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4156d5c9a9325e0864ff6826eb1e40ca9bd1d8b66dbbcd05d0a8167525cec8b7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-HU31p3kDkkp-J7T09sdR_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-HU31p3kDkkp-J7T09sdR_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 18 Jan 2023 22:25:37 GMT

GET
H2 200 main-menu-hamburger-white.svg
www.mlive.com/pf/resources/images/common/icons/ 1 KB
977 B 40ms
40ms Image
image/svg+xml 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/icons/main-menu-hamburger-white.svg?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: WEQDX8FZH989EKFH
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 455
x-amz-id-2: A/VEqNrx7yOOSgvZ9GJXDWuO+E7uV4DElxdRbk/Q2x6toc/wiF441jkNob58xoZ7UVV9+hYYGjM=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"4c13e35767d4f1fc45fe58d883b78893"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:37 GMT

GET
H2 200 user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 5 KB
3 KB 43ms
42ms Image
image/svg+xml 2a02:26f0:11a::217:9a39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=968

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a39 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 9K1P8029QNA2QG65
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=3
content-length: 2508
x-amz-id-2: JbjoznJ9Py+zDAR57c0Lg9h6nH+e6UjyksHDmyeGDVs365UorYV0z6WLwOm7vXsxb/WCp4w5fe8=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jan 2023 16:21:53 GMT
server: openresty
etag: W/"fdc13d9553130cf8463df06e8ba5682d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 22:25:37 GMT

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
466 B 55ms
7ms Script
application/javascript 2600:9000:214f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 17439878
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 4Y8bAQUM-kbxh_Uc9uwZy6aIDM3yVnvlJuih6KI0aYoeZGSoMsWVAg==

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 366ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.mlive.com
access-control-max-age: 600
content-length: 0
date: Wed, 18 Jan 2023 22:25:37 GMT
server: nginx

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
222 B 287ms
96ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:37 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 20:26:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 7167
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Wed, 18 Jan 2023 22:26:10 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 72ms
18ms Script
application/javascript 18.66.17.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.17.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-17-12.vie50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 07:54:59 GMT
Via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 52238
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: iLyBJHsb7nhIMebhcGGUkQN25e8EYkmmgpQ1rBrkNThZ5bLGx6e4Ag==
Expires: Thu, 19 Jan 2023 07:54:59 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 536 KB
149 KB 150ms
30ms Script
application/x-javascript 2.18.37.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-49.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c6a2acafca2240ed410b27b91023f58e3a9196bad947f6b0ddd2aebde99cb5c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 22:25:37 GMT
Content-Encoding: gzip
x-amz-request-id: CWSG3QBRDWE1QYAW
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: ycYcNHFuY8tg+fHZfEJhGUjay21Lh44XjS37XJ6nPTE8qO6bswu+kHLEXz02SfnUYM/EW0lvvzg=
Last-Modified: Fri, 13 Jan 2023 18:33:34 GMT
Server: AmazonS3
ETag: "7dba2af09ac73f5bb0d756e3d509d2dd"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 58ms
8ms Script
application/javascript 143.204.215.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 00:57:34 GMT
content-encoding: gzip
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 77288
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: WDgmiG64bk-CvzF6WSAmCMKGfjduPMsaaqA4Rmk233VvP1xNwk-nrg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 38ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 18 Jan 2023 22:25:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tr063cmP15H6fWikZ4DNJ3l8g1hRYDtdAa6CD4px9uCkRPPTBc+JZmS1d+EawYDhTe5gOPywlffvI9eV6uOIVQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 130ms
29ms Script
application/x-javascript 2a02:26f0:11a::217:9a4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=77199
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 150ms
30ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6323-VIE

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 71ms
18ms Script
application/x-javascript 13.32.13.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.13.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-13-117.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 06:03:06 GMT
Content-Encoding: gzip
Via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: VIE50-C2
Age: 58952
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: u1IqKMpJPIFZO3BGr3_GI7P_K8-yNcLDFGRTxMAuDNS2JhAdt1TQXw==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma63527/all/15/
Redirect Chain

https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1615
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js

142 KB
41 KB

8ms
7ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:21:01 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 07 Apr 2021 17:41:03 GMT
server: nginx
age: 14676
etag: "8be38a11960c372ea9c4119961294047"
vary: Accept-Encoding
x-cache: HIT Sun, 18 Dec 2022 07:06:40 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42243

Redirect headers

date: Wed, 18 Jan 2023 22:25:37 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 9-gc-europe-west6-8j340954

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

262435fb19ecd29075d2951cf374027710e8a4a931ffff811cd72aba71e30d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 18 Jan 2023 22:25:37 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 36ms
21ms XHR
application/json 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 78babf5f2c299295-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/ 381 KB
91 KB 16ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DjzI+HdyHvhC2OCs+qd+pw==
age: 68707
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93164
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:44 GMT
server: cloudflare
etag: 0x8DADF1BA4D9E9D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 32db70ae-901e-00bd-53b1-11ce6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78babf5f58d52c71-FRA

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 335 KB
98 KB 40ms
25ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b732eca42f11e87a582b78d38a41c1f4942bdd83867698a2dc1063458bc46338

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
x-amz-version-id: eNm8702ff_YJi0nCeXYaDAGLuOLDw8Ct
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: V75GMY6PQ2HJGD98
age: 12726
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: A8kzKO7Uh+lu222IgY9e0Iv1fdJJUEkpmt6WLn08r7abiLt38ZlV55pi0WM++pd1xfSNDhA2hd8=
last-modified: Fri, 13 Jan 2023 08:46:29 GMT
server: cloudflare
etag: W/"2dca3e79ceb0e68a562a4c8e6c2b4d1f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 78babf5f795b2bc6-FRA
expires: Thu, 19 Jan 2023 02:25:37 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
593 B 169ms
7ms Fetch
application/json 13.225.78.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-86.fra2.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 00:53:06 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront), 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA2-C2
age: 77551
x-amzn-requestid: 74f97786-2a1f-4162-bc1b-47b8226c1b41
x-amzn-trace-id: Root=1-63c742f2-3343bb772998203454b90f32;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: e6dl_GvejoEF_SQ=
content-length: 30
x-amz-cf-id: LjeNsExzBT2i745BcfAvfFWTZ_crjK52_5_sloHvc-d29h67O8tXAQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
336 B 165ms
68ms XHR
text/plain 23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:37 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.mlive.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 18 Jan 2023 22:25:37 GMT

GET
H2 200 cs Show response
advancelocal.blueconic.net/DG/DEFAULT/ 16 B
700 B 316ms
100ms Script
text/javascript 52.44.162.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json665

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.162.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-162-166.compute-1.amazonaws.com

Software

- /

Resource Hash

fed6701b69123d26282661ec301d9564f2b11018abd79b95cea77d47d97aaaa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 404 pub.json Show response
pub.doubleverify.com/signals/ 48 B
365 B 36ms
25ms Fetch
application/json 2606:4700::6812:a6e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.mlive.com%2F

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4901ee2e5c2b93c887cca0a2e3f188379d5ce25edca56836564e10014db76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=900
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 78babf5f9a6c30f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 set Show response
privacy.crwdcntrl.net/consent/ 301 B
574 B 139ms
52ms XHR
application/json 54.194.186.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.186.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-186-27.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f45b1273e5d1a3fae430a81ccc1af5bf28fd4bbab3bc0a6c3bd6dddbc49f5786

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.8.10
access-control-allow-credentials: true
content-length: 301
expires: 0

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 124ms
34ms XHR
application/json 52.48.35.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.35.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-35-78.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f7bce75f371c49843ee2d1aaf92a4911f5df6d8946d6dae596bbb0cc3a13d35

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.30.93
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 pubads_impl_2023011001.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132153
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 09:35:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 Jan 2024 22:03:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 239 B
146 B 57ms
41ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7492e0dcc99580ede56498598b523290b232b6a5efef1e47946bf6fe2f03c0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121
x-xss-protection: 0
expires: Wed, 18 Jan 2023 22:25:37 GMT

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 1008 1 KB
2 KB 18ms
18ms Document
text/html 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1765
content-length: 1374
content-type: text/html
date: Wed, 18 Jan 2023 22:25:37 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: MrdPZgDY1CyIfh5A+NrvWN3zzcPpav9fxlA/H4bKRoXxHGSHeCFTJZ7rA8qWgbhnyFXO+NPKclY=
x-amz-request-id: E79E4895C627A6D1

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 8ms
8ms XHR
application/json 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e7261fe5ce66c71ad531ce6da47cd76b7b875cea04c6fe7cfe616b0cad05cd3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:06:40 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 1136
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1378
x-amz-cf-id: 7joL8RgbxKKRHLnm_VyQy9ldlNIGc70827vDBFlBdMChJPr3wlUYrA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 20ms
6ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
date: Wed, 18 Jan 2023 01:09:45 GMT
x-amz-cf-pop: FRA56-P6
age: 76553
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _6mjs29Xl1V0V5CTjY8_0jYvqxGZumLUUA_bpchXw9Ah5wBVw_GeTA==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/mlive.com/ 56 KB
21 KB 54ms
7ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/mlive.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Wed, 18 Jan 2023 04:07:53 GMT
content-encoding: gzip
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified: Wed, 29 Jun 2022 14:34:05 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 66049
etag: W/"62bc62dd-df3e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: c4HLzY3m4Sq7trAI8SKE0v7DedK6sT5cZuwD6LOwdYmWn1uFAvlOPw==
expires: Thu, 19 Jan 2023 04:04:48 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 11ms
10ms Image
text/plain 143.204.215.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&cs_it=b3&cv=3.8.0.210223&ns__t=1674080737267&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-7.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: eW7MroHGxMwS5qJv86O4DadoUE1PKpln_xM9H4izLkmkcZCmhWK6xg==
x-cache: Miss from cloudfront

GET
H2 200 10071-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 50 KB
6 KB 58ms
21ms XHR
application/json 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c70fab6c27edae5d86abd9e1b56fea9d725433e5b2b36ec752b32001111be1f9

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 21:41:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5595

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1674080737297&se=e30&duid=94c49eadf2ac--01gq3fsp0f0dtsjw30wh60wpvt&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid
https://rp4.liadm.com/j?dtstmp=1674080737297&se=e30&duid=94c49eadf2ac--01gq3fsp0f0dtsjw30wh60wpvt&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDEyOjcxMjc6MjMyZjo0YmE0&n3...

42 B
580 B

584ms
99ms

XHR
application/json

18.207.63.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1674080737297&se=e30&duid=94c49eadf2ac--01gq3fsp0f0dtsjw30wh60wpvt&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDEyOjcxMjc6MjMyZjo0YmE0&n3pc=true

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Server

18.207.63.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-207-63-238.compute-1.amazonaws.com

Software

Resource Hash

5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
x-pixel-event-id: a744ad23-55ea-4743-9c7a-01918ec5f5b0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: e644c7804e2622c6
content-length: 42
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 18 Jan 2023 22:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1674080737297&se=e30&duid=94c49eadf2ac--01gq3fsp0f0dtsjw30wh60wpvt&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDEyOjcxMjc6MjMyZjo0YmE0&n3pc=true
access-control-allow-origin: https://www.mlive.com
request-time: 0
access-control-allow-credentials: true
trace-id: 3b33ab9dc4624d95
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
531 B 154ms
47ms XHR
application/json 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3447a2bf760509a1118868e2eeda668f002a58b1cddceb4ad168931cbce1afb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0

GET
H2 200 120978121945017 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/120978121945017?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06ba300db1ce1eda31c9b51ae06a81186e0ead7f278a60f45e1baead6f81a3d5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 18 Jan 2023 22:25:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110672
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: HVmn94sJxHCaNwQvqty5oW1eNAvR3eHQFV2rjxviKMRdCiPH70CZih+CLvomCDD9cz0maSUYy/9Hn93EaBOn/g==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=2oe1a1&_p=303086061&cid=2107839299.1674080737&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1674080737&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.page_path=%2F&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-b&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
vtrk.doubleverify.com/ 0
182 B 164ms
31ms Ping
text/plain 108.128.47.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=e6e70c50-d33e-47e6-9225-31dd55a94ddc&z=73025084026&ctx=20823471&cd160=6f5bc490-40eb-4bdf-8d7b-0a014bb02811&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=load-pq&cd180=network&cm180=65&cm181=30&cm182=6&cm183=10&cm184=17&cm185=2&cm186=317&cmp=DV460143
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.47.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-47-128.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 160ms
18ms Script
application/javascript 104.87.141.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-87-141-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
server: Apache
etag: "d4ed-5eaee7c12df48-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17131
expires: Wed, 18 Jan 2023 22:40:37 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 32 KB
10 KB 8ms
7ms Script
text/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 08:18:13 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 50845
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: hTCsD-MS_YroLrjG0ThrrTEfSLf-807uQPL17yB_BllDIkPZ5yGCOg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 45ms
16ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 8ZJ41Z1X8GC11JVB
age: 88
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 78babf60ada42c37-FRA
x-amz-id-2: qf+7n9O1Ha3wagFKbFuKhjb2T1j08zmuxNlglyQ+tOzOF7yBMKVsQHAGDzfqzBl8sZOsNFK3lYc=

POST
H3 200 v2smywviGzX3wv10ilWZG-JbGdUvbOC1nCEMGb_7TK8p0g4cX11jGMlrES3b5N6xWH9zfvKh_ Show response
satisfycork.com/ 191 B
218 B 48ms
25ms Fetch
application/json 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://satisfycork.com/v2smywviGzX3wv10ilWZG-JbGdUvbOC1nCEMGb_7TK8p0g4cX11jGMlrES3b5N6xWH9zfvKh_

Requested by

Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6e317522922924357c7f726715910de5484ec940bd35f8600751818cb3fbfbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Wed, 18 Jan 2023 22:25:37 GMT
via: 1.1 google
x-buildnumber: 718439402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
x-hostname: fen-hoothoot-europe-west1-spot-r9p8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Wed, 18 Jan 2023 22:25:36 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 224ms
224ms Stylesheet
text/css 2a00:1450:400d:80a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yk4oi8lLUKqW5I5CsDonBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-yk4oi8lLUKqW5I5CsDonBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 18 Jan 2023 22:25:37 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
526 B 70ms
69ms XHR
application/json 2a00:1450:400d:80a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=KFxn33Oi3UbvmYfCzYvvbQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9222255c3260687d32abe32d74bb45500265a88b6caf2e2ef5991c533902077

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pZfeYxN_HrPv9KZZ9-DcxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-pZfeYxN_HrPv9KZZ9-DcxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ff2abdb3-041c-409c-8bea-2a017f6e523b/ 82 KB
18 KB 22ms
22ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ff2abdb3-041c-409c-8bea-2a017f6e523b/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a1e5d9e26a665a689463fc717c0ec3b95359a2d2d9c14bb1d5bb4ea657ea6e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jTbyPEJB+DhpFyttDKEeaQ==
age: 8309
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17871
x-ms-lease-status: unlocked
last-modified: Mon, 09 Jan 2023 18:18:18 GMT
server: cloudflare
etag: 0x8DAF26DE2082E36
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6a3896a9-301e-0099-0256-245724000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78babf60c8982c22-FRA
expires: Thu, 19 Jan 2023 22:25:37 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 36 B
376 B 160ms
52ms XHR
application/json 2600:9000:2304:4200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:4200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 21:56:08 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 1769
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: dZuB1v-cnArR5_E_YoaECd0AKxZVqYABpTZj063AefsTO-X_18_ZUA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1674080737412&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1674080737412%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26t...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1674080737412&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1674080737412&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQJO4YyzZwIYwwAAAYXG_NogMTc1H0hSOPnv379Ftlw-xOs1MOuykro...

0
267 B

484ms
102ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1674080737412&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQJO4YyzZwIYwwAAAYXG_NogMTc1H0hSOPnv379Ftlw-xOs1MOuykroz8BuK1JjqN4XLfMcM33R_9Qh4XptdBaKvkXi1Pw
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7BB6AD43F4DE4F7C8CFDA2D4553C37AC Ref B: FRAEDGE2008 Ref C: 2023-01-18T22:25:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXykUu7X+dYKW7DRqDefQ==

Redirect headers

date: Wed, 18 Jan 2023 22:25:37 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1C2E088902194ADDB552AE8F6ACC27A8 Ref B: FRAEDGE2013 Ref C: 2023-01-18T22:25:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1674080737412&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQJO4YyzZwIYwwAAAYXG_NogMTc1H0hSOPnv379Ftlw-xOs1MOuykroz8BuK1JjqN4XLfMcM33R_9Qh4XptdBaKvkXi1Pw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXykUuz94JiE0AVNZfoAQ==

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 1022ms
99ms Image
image/gif 3.217.241.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sec=Home%20Page&prem=0&ptype=homepage&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=d16ce55b-6242-4c12-a7bf-3f5e0122076f&pid=4b7bbd1a-87c5-40c3-98c0-069ec739c130&dtm=1674080737425&qnm=_matherq&visible=1&tabid=352e4151-74be-4fc7-9be3-5204e7e4b557&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12106&tofa=1674080737&vid=1&lvidt=1674080737&duid=7a9e080fcbe1b501&fp=1279215348&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3NDA4MDczMzUzMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNy4xbWIiLCJoZWFwVCI6IjI2bWIiLCJmc3RQYWludCI6IjMwNzUiLCJmZXRjaFMiOiIxNjQ1IiwiZG9tYWluUyI6IjE2NDciLCJkb21haW5FIjoiMTgzOSIsImNvbm5TIjoiMTgzOSIsImNvbm5FIjoiMTk0NCIsInNzbFMiOiIxODY3IiwicmVxdVMiOiIxOTQ0IiwicmVzcFMiOiIyOTAyIiwicmVzcEUiOiIzMDgxIiwiZG9tTG9hZCI6IjI5MTIiLCJkb21JbnRlciI6IjMxMTUiLCJkb21Mb2FkUyI6IjMyOTgiLCJkb21Mb2FkRSI6IjM0NTcifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIyMTA3ODM5Mjk5IiwicmVmVGltZSI6IjE2NzQwODA3Mzc0MjUifV0sInVzZXJEYXRhIjp7ImlzTG9jYWwiOiIwIn19
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-241-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Wed, 18 Jan 2023 22:25:38 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 t Show response
jadserve.postrelease.com/ 4 KB
2 KB 330ms
116ms Script
text/javascript 54.163.174.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-174-71.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 43683fc0457ca515c260b46888c8c3f74b77eb99a63d1d06df070f0f85e066d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1435
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
375 B 156ms
114ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c29d4663-f619-45ee-9365-c39dd614c887&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1dc2cc21-b952-4e5b-8cf9-a66b9d79e031&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 18 Jan 2023 22:25:36 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5103cca9f79ff221
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a7a63885d02a2f4a00535b4eeadb5738b199070c350f832d66312e61030863ce
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 224ms
118ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c29d4663-f619-45ee-9365-c39dd614c887&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1dc2cc21-b952-4e5b-8cf9-a66b9d79e031&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 18 Jan 2023 22:25:36 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9a9630290d35faca
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7f1fbef6ff5bada9e3caf6f3585ec2dbe47582c55fad2e8140a799031c55d910
content-length: 43

POST
H2 200 publisher:getClientId Show response
ampcid.google.nl/v1/ 3 B
460 B 153ms
46ms XHR
application/json 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.nl/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

POST
H2 204 /
vtrk.doubleverify.com/ 0
181 B 32ms
31ms Ping
text/plain 108.128.47.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=e6e70c50-d33e-47e6-9225-31dd55a94ddc&z=656233694752&ctx=20823471&cd160=37d45d73-d05f-47d7-9df8-35b49db56103&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=error&cd110=unknown%20error&cmp=DV460143
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.47.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-47-128.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 168ms
32ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1674080737533&plid=84304821&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1674080737529&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Wed+Jan+18+2023+22%3A25%3A37+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=83941478&u=pid%3D237bd86b823889b203761f5456d8c4fb
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 22:25:37 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 18-Jan-2023 22:25:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
503 B 131ms
76ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=PLafSZsTgevFQ&cb=0&ws=1600x1200&v=23.112.1442&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-210.vie50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: N1S37HTT0KZ12J4NJGJ3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: u2fMV6Vz-5vtUy8uS2fvhky9GdHMenqugH4Mg7PxVeWC2WrD_Z43GA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 45ms
20ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
602 B 52ms
52ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0867a7530d60d439855bb961063f655d9e8fca705f398a9c4a2b81063463e61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 572
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1816 6 KB
3 KB 116ms
41ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:37 GMT
expires: Thu, 18 Jan 2024 22:25:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 13 KB
3 KB 18ms
17ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JuDKxv1jf1Hw0JXasvCaSg==
age: 47033
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3007
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:35 GMT
server: cloudflare
etag: 0x8DADF1B9F221620
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3edf7035-101e-00e8-046a-11251d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78babf620a2c2c22-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 62 KB
15 KB 19ms
19ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /7imwDAj2tnNrmXTQyqG0A==
age: 47033
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14749
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:35 GMT
server: cloudflare
etag: 0x8DADF1B9F855CD4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b4c4c484-601e-016b-0f6a-11c3e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78babf620a2e2c22-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 21 KB
4 KB 20ms
20ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oQsmwuIlJWH4cKDxpI1ltA==
age: 53228
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d9fc7188-301e-001a-016a-11f789000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 78babf620a2f2c22-FRA

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 32ms
32ms XHR
application/json 52.48.35.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.35.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-35-78.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 00b06716521cdf06825e2c3edd34c32c664661fbaee522c0ad506d974f9f0b37

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.18.61
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 230823541501762 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/230823541501762?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36bbec4886122176fb7105cd5dd8153d3766a354ee787b4b22f5b2921f9c6cf4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 18 Jan 2023 22:25:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110225
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ouOxVyNNuQzVdT+sjCs/+5cXf9yL7JjggmxgWpGIl9uJAdwoFaYo4+vtLW0gOHp10m5jg33mIQXsgnmhe0jiZw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
400 B 40ms
8ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

22afd8288717673f7b21225452c34fb4dfb8c7d15ea0936b4c3cf210470c7123

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 74 B
248 B 39ms
8ms XHR
application/json 2001:41d0:701:1000::96f
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: b924bd97343b560ecbbcdf08003f8eca672d7ee71680eb7b839b0e142582f1af

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:37 GMT
content-length: 74
vary: Origin
content-type: application/json

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
599 B 618ms
27ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d6b826ecfbe80a7e2c69ac97f8f1e36bfa71a45e5bd3616ec49f45f4f4744f79

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Wed, 18 Jan 2023 22:25:38 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 613 B
2 KB 942ms
355ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1580874%3B1580870%3B1580874&size_id=15&eid_pubcid.org=bdf46d5a-2aec-4386-88b0-d846aef35357%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&tk_flint=dmpbjs_v7.22.0&x_source.tid=724945f4-53a9-47c9-ae5a-fdd6be4870cf%3B7480620d-c89e-4229-b05a-b41c2e2a3e61%3Bec0cd41a-b19b-473f-b66b-c07435976fcb&l_pb_bid_id=68ef2fc29c6e85%3B775761f8fe5da2%3B886b51afa6309&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.22%3B0.21%3B0.47&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&slots=3&rand=0.9441781824448301
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 26bebac177d0f98a8e8db5c4a9e44e7423b5fac37929bb5e2c98d930e3c6d9d8

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.mlive.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
568 B 609ms
35ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=488240&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2297c8c5b1e9e4f5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%227.22.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1%22%2C%22adunitcode%22%3A%22ad-large-1%22%2C%22divId%22%3A%22ad-large-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221044582d7cc2233%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488240%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22gpid%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%22%2C%22tid%22%3A%22724945f4-53a9-47c9-ae5a-fdd6be4870cf%22%7D%2C%22bidfloor%22%3A0.22%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2211d40e5fd9b46b8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488238%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.21%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22gpid%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%22%2C%22tid%22%3A%227480620d-c89e-4229-b05a-b41c2e2a3e61%22%7D%2C%22bidfloor%22%3A0.21%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%221270cdfbc13782f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488240%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.47%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22gpid%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1%22%2C%22tid%22%3A%22ec0cd41a-b19b-473f-b66b-c07435976fcb%22%7D%2C%22bidfloor%22%3A0.47%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%226e88e945-2f0e-440a-b065-e54d7fa4fb43%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22bdf46d5a-2aec-4386-88b0-d846aef35357%22%7D%5D%7D%5D%7D%7D
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ba38abe8b1e801c913c77ca9f89d8f058b0a2ed431fa3f0c1ad4ec874a9eab

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvmZyYcaYg%2FqUPXKrHLrRM5tRUGNGinX46YNgSt7mv%2FcnqQPTvixZGSAYmThDCPagrn1OnqSAVWF3O7AbqSG68VDmNkucGp9%2BV0xRN4t3ZW4pEY8UGm1UvZb%2BtgFa5v%2BMjTKlOWV"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 78babf660cba2ba3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
392 B 683ms
104ms XHR
application/json 54.156.182.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1134022,1134019&ntv_pas=eyIxMTM0MDE5IjpbWzMwMCwyNTBdXSwiMTEzNDAyMiI6W1szMDAsMjUwXV0sImxlbmd0aCI6Mn0=&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjIyLCIqIjowLjIyfSwiKiI6eyIqIjowLjIsIjMwMHgyNTAiOjAuMn19LCJhZC1zbWFsbC0xIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjIxLCIqIjowLjIxfSwiKiI6eyIqIjowLjIsIjMwMHgyNTAiOjAuMn19LCJhZC1sYXJnZS0xIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjQ3LCIqIjowLjQ3fSwiKiI6eyIqIjowLjIsIjMwMHgyNTAiOjAuMn19fQ==&ntv_pb_rid=13de4be4f510252&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJhZC1sYXJnZS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XQ==&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.182.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-182-228.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 693ms
118ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 664 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 171 KB
32 KB 630ms
630ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/DG/DEFAULT/rest/rpc/664?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-01-18T22%3A25%3A37%2B00%3A00&ts=1674080737681

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

bdbc9c9149e3f7fe9e6ab1e9065bedba42a1216ca492bf2e875dbba4d7517f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 31663
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: pGIeOjSRby3s9zNaO82DIonPp49wfU6RGmu7S0lXakMqlOX21hIPNA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 15ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=303086061&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACgFK~&jid=1613339008&gjid=314918650&cid=2107839299.1674080737&tid=UA-16643585-16&_gid=11235872.1674080738&_r=1&_slc=1&gtm=2wg1a1TLXFLCR&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=2107839299.1674080737&z=622990724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
221 B 97ms
97ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:37 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

POST
H/1.1 200 392.json Show response
id5-sync.com/g/v2/ 216 B
623 B 528ms
8ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/392.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

d4437d3ca3c647274d2780d93f1a27a6a408e19602ff2e0c14df6e15f3b48a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 523ms
10ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1674080737738&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674080737736.97167446&it=1674080737315&coo=false&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Jan 2023 22:25:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 523ms
11ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1674080737739&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674080737736.97167446&it=1674080737315&coo=false&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Jan 2023 22:25:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 524ms
11ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1674080737740&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1674080737736.97167446&it=1674080737315&coo=false&tm=1&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Jan 2023 22:25:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 524ms
12ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1674080737741&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1674080737736.97167446&it=1674080737315&coo=false&tm=1&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Jan 2023 22:25:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/ 89 KB
89 KB 18ms
17ms Image
image/jpeg 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/FormLogo.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /VgjLzERih8MeSo4vme4Lw==
age: 64867
content-length: 90639
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 15 Dec 2020 19:27:11 GMT
server: cloudflare
etag: 0x8D8A12F6B751639
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: c4ce03f6-a01e-011b-01d2-21b021000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78babf631ddf2c71-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 25ms
25ms Image
image/svg+xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 22:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 68709
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 03:30:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a782e481-301e-011e-7dd9-2a445e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 78babf631de12c71-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 51 B
323 B 527ms
47ms XHR
application/json 2a02:26f0:f700:49c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5580269&v=1.720.0&sl=0&si=5d0ea5bd-277a-4128-a286-076e99e10f9b-ropcym&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:f700:49c::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 18 Jan 2023 22:25:38 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 104ms
103ms Image
image/gif 54.163.174.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=1982139&ntv_pl=773533
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-174-71.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 122ms
120ms Image
image/gif 54.163.174.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=2ee01261-7f95-48af-bc24-3ff25fe519b2&ntv_fl=MMTdWyeJBcdLcDTtFfyiRIW1J4RFfT92NPEX72OFNwaxQry19iL5K4W8gkAadol6BOhwEKBF-N1JZVCwI8LcHfX49UaEqy6EWr1ZEQvgetPJ_4i0YbkWOQtPMuOYfBM_Idk8iGhO0I-6-TBFAXaabRflBW55sSDgrRYRZKsrv2BdxCXe5_T-v-HUidlDPbPg&ntv_ht=4XHIYwA&ntv_at=303,302&ntv_a=AAAAAAAAAAnc0LA&ord=1674080737786&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-174-71.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 115ms
112ms Image
image/gif 54.163.174.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=a310853d-1a34-4753-aa30-90654669c600&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK5ukeIoogCCTzgMXgZ-HD4JH6IAGBEUWAISqwZX4wSR-CIB8eSpRa1-2IIf-5zWRdM5NklrKpJfKvGqxk_1eDPu_xa8hgAAOPEYpw7qr1k2RezVxTnq_d91DEYYNSvYuIdR2ez0Dg1yhxAnAAdeqoa9&ntv_ht=4XHIYwA&ntv_at=303&ntv_a=AAAAAAAAAAUr0QA&ord=1674080737788&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-174-71.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 112ms
110ms Image
image/gif 54.163.174.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=a84cab46-5b6f-4805-a510-3b286e366c56&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM1HQC-a3AyeBKxqojdgIF7EPVfe75AhooBLaTfaFKXx1to1iF9ITKeHsa2M92HlqlAu_He4dwlIuy2GcOv_Geo9Jq_Fvgacj7q19YZqfDEQFYT7oqqERsHu93eiK1QmDAHgMzSN87P8BSH3zSjbmC3F&ntv_ht=4XHIYwA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1674080737788&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-174-71.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 106ms
104ms Image
image/gif 54.163.174.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=1a3c06bb-590b-4236-92cf-7b36ca223c62&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguSZJQ6gqBdmWJIK2jY3sUwSq0x1A8WUiPVvjDIWYo1q0kWjxFJ62xU0FtmGsrrSXTdxA44TmcVhYHnsa8XQNwvTYvJPmmU767Ii9oLX4FpDwToJfgLsecRZwtGNBl84aOhYnHz60YmrAXM_Up3_wPac&ntv_ht=4XHIYwA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1674080737788&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-174-71.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 105ms
104ms Image
image/gif 54.163.174.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-174-71.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:37 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 22ms
21ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 831 B
390 B 312ms
312ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcf011ca851691e20980358301bebb1cc51e129372ba77477958f28caf154a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 359
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 3723 Show response
idx.liadm.com/idex/prebid/ 0
312 B 319ms
103ms XHR
text/plain 44.195.15.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01gq3fsp0f0dtsjw30wh60wpvt&resolve=nonId

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.15.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-15-34.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: ba9c9dbf3ace1596
vary: Origin
request-time: 3

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
12ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=120978121945017&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1674080738240&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=2&o=30&fbp=fb.1.1674080737736.97167446&it=1674080737315&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Jan 2023 22:25:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 97ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.mlive.com
access-control-max-age: 600
content-length: 0
date: Wed, 18 Jan 2023 22:25:37 GMT
server: nginx

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 18ms
12ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230823541501762&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1674080738248&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=2&o=30&fbp=fb.1.1674080737736.97167446&it=1674080737315&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Jan 2023 22:25:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 62ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16643585-16&cid=2107839299.1674080737&jid=1613339008&gjid=314918650&_gid=11235872.1674080738&_u=aADAAEAAAAQCACgFK~&z=1891283716

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Jan 2023 22:25:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=303086061&t=event&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad&ea=opportunity&el=nativo&ev=0&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=2107839299.1674080737&tid=UA-16643585-16&_gid=11235872.1674080738&gtm=2wg1a1TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=&cd11=&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=&cd62=undefined&cd63=&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=2107839299.1674080737&cd98=undefined&z=1374206245

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 18:07:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15487
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 334187333a7bc057ede431a7d2154a57 Show response
h312.mlive.com/plugin/plugin/ 137 KB
37 KB 43ms
43ms Script
text/javascript 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/plugin/plugin/334187333a7bc057ede431a7d2154a57

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

4e01dd4ead8cd99388fcdef83de1572f169d9ea3f819d3e39899802537c6a05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 14:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
age: 114226
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 37289
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jan 2023 14:41:52 GMT
server: -
etag: 334187333a7bc057ede431a7d2154a57
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: U9iGejqL_NdQac9M-NWtZ9iiCPhcW3OoJqmiigKVMlvtnzIppNkyLg==
expires: Wed, 17 Jan 2024 14:41:52 GMT

POST
H2 200 LB-Zone-1 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/664/ 354 B
1016 B 521ms
520ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/DG/DEFAULT/rest/rpc/664/LB-Zone-1?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=5bbf8ade-d825-43e7-b29e-2dbac590e831&overruleReferrer=&time=2023-01-18T22%3A25%3A38%2B00%3A00&ts=1674080738379

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

60f7130abb4445a6591183982a56a41029d92d234bd3b3aa04bcf57a5ba288cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 232
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: AwpYsT1S0JlYNZ-y7KRoAIJUu3noS5bauY9gb2Qq68IIxY2jkDV_BQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK baker
ead.mlive.com/ 19 B
362 B 208ms
20ms Image
image/gif 104.87.139.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ead.mlive.com/baker?dtstmp=1674080738381
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.87.139.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-87-139-186.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires: Wed, 18 Jan 2023 22:25:38 GMT
Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 19
Content-Type: image/gif

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
221 B 97ms
97ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:38 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 97ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.mlive.com
access-control-max-age: 600
content-length: 0
date: Wed, 18 Jan 2023 22:25:38 GMT
server: nginx

GET
H2 200 bd65e69ffbdfd9d46cdc7453722522c6 Show response
h312.mlive.com/plugin/library/ 317 KB
100 KB 22ms
21ms Script
text/javascript 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/plugin/library/bd65e69ffbdfd9d46cdc7453722522c6

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

8b49445f4f8048df18ced0609d3287bc4cd8977b7a5dd972fe13d6ac98bfb710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 06:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
age: 1697795
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 102121
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Dec 2022 06:49:03 GMT
server: -
etag: bd65e69ffbdfd9d46cdc7453722522c6
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: CeFxIVGeETZZnKjEPopd5xv0huNm8tqD9SdFWkFIWcysh-yhbqSstg==
expires: Sat, 30 Dec 2023 06:49:03 GMT

POST
H2 200 LB-Zone-1 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/664/ 4 KB
2 KB 468ms
468ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

5db8e0529ca8dfd0abc6a9c20f0ffd84986f4f41f12e4c8e7db6aa70b80b7fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1300
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: HguhvaXxxD1AGOvtWEYLm9cBOaKV2WBCCZJPd6XgNkZzKQrwFg0pGg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 82ms
18ms Image
image/gif 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1674080737186&de=584090078202&rx=637731665736&m=0&ar=67fa5e2a4e8-clean&iw=60394b0&q=1&cb=0&cu=1674080737186&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A3075%3A3075%3A0%3A3115&fs=201243&na=1704799415&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 Jan 2023 22:25:38 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 79ms
57ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d362717cb0e1cbb5e977beaccba5b8680654dfe136bdf00131f29d9751c31fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11030
x-xss-protection: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 5FB7 0
182 B 115ms
29ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 18 Jan 2023 22:25:38 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
17 KB 380ms
379ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4198559088215165&correlator=1837784186882293&eid=31071151%2C31071579&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=3&adks=1117919376%2C1117919391%2C3501067380&didk=2832267644~2832267645~3933728591&sfv=1-0-40&fsbs=1%2C1%2C1&prev_scp=rg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right-2%7Crg_adslot%3DInFeed_Left%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Left%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Left-2%7Crg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right-2&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3De6e70c50-d33e-47e6-9225-31dd55a94ddc%26ccaud%3D0%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&sc=1&cookie=ID%3D327f61d1e2eb0e92%3AT%3D1674080737%3AS%3DALNI_MYKiRl3-lt3A8HhORjMgsHybe-1HA&gpic=UID%3D00000ba4d1c01c20%3AT%3D1674080737%3ART%3D1674080737%3AS%3DALNI_MbzO31gmIiNsv_chjoWnVtHUdRZOA&abxe=1&dt=1674080738622&lmt=1674080736&dlt=1674080736443&idt=1065&adxs=1135%2C165%2C1135&adys=155%2C827%2C821&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x24%7C300x274%7C300x24&msz=300x24%7C300x274%7C300x24&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=2107839299.1674080737&ga_sid=1674080738&ga_hid=303086061&ga_fc=true&a3p=EhkKDGxpdmVyYW1wLmNvbRIAGLiy87fcMEgA

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebe3fa346cca3affecc85947d105b4c9f67f5ecbd9a7bf6d3319aa86407b0986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17742
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 288ms
267ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 22:25:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi~GGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-1cc31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Y5zyVCAZgVLOGg%3D%3D&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1674080737186&de=584090078202&rx=637731665736&cu=1674080737186&m=1410&ar=67fa5e2a4e8-clean&iw=60394b0&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11766&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3075%3A3075%3A0%3A3115&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=201243&na=111650393&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 Jan 2023 22:25:38 GMT

GET
H2 200 cs Show response
advancelocal.blueconic.net/DG/DEFAULT/ 66 B
856 B 101ms
100ms Script
text/javascript 52.44.162.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=5bbf8ade-d825-43e7-b29e-2dbac590e831&&callback=bc_json666

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.162.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-162-166.compute-1.amazonaws.com

Software

- /

Resource Hash

7d3072dabec7ea9545ff157bf53b0d80776c7a50eb9f1fdd4d01f56f6192ed93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 664 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 7 KB
4 KB 483ms
483ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/DG/DEFAULT/rest/rpc/664?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=5bbf8ade-d825-43e7-b29e-2dbac590e831&bctempid=&overruleReferrer=&time=2023-01-18T22%3A25%3A38%2B00%3A00&ts=1674080738943

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

1907f0e1b743e9dd4c076f02a5c49551542cece568079dfa3ca172a25228dc5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 3251
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: vIz6qQHm7iy74f4-1mrAPB3O7EVioysQazj7ympzTfgdtOQzHWlBDw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 predict Show response
h312.mlive.com/rest/custom/frontend/listener_realtime_model/ 2 B
896 B 350ms
349ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/rest/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=5bbf8ade-d825-43e7-b29e-2dbac590e831

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/334187333a7bc057ede431a7d2154a57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, no-cache="Set-Cookie"
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: HiVx5VWoPqJO4cQORQv2pOYRLjnqa6dwLlluYdOIIcn_PxK2x-VYGg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 664 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 365 B
1 KB 478ms
478ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

b594baf900e9d89801ce1965465962b92fc4bbbd9de8c7c08f4914b17e48c975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 174
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: w0WLW93rFd9gKzaIWFzEMkI1gHPuPVdKizCE4JpaMaSZif19vziMjA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 664 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 183 B
1 KB 489ms
488ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

b596bd647365fe7b8a70422d6b26449374fc6263b1e36e56c86cec3d1a5abc3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 164
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: TnrnHXDRy5dyl51_Lmq_atAjkDJekEyWlDziAs02e_nPpruSIVy7Gg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=303086061&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=2107839299.1674080737&tid=UA-16643585-16&_gid=11235872.1674080738&gtm=2wg1a1TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=&cd11=&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=&cd62=undefined&cd63=&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=2107839299.1674080737&cd76=a0002%2Ca0022&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=1626339283

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 18:07:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15487
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 664 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 183 B
1 KB 485ms
485ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

ef66742f465224476fb73172c14280bde14dd70167ebf52072f4326c3d9255de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 164
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: uJQsEJDtNjsDjlX2HaekRjVWLzccBSuUSpyO_wFeGg0JCCISk-2UOQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 664 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 8 KB
5 KB 568ms
568ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

d9bb5e5e0c322a09ecd4d69908d0526e00b2d1799907ad0866be96c9fc1cf6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 3806
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: cAyRjNVhPpuBpbK40TEGs5X5FiNA3hUs0-sEh5j-UJAHQiFTzy4bcA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C89B 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:04:04 GMT
expires: Thu, 18 Jan 2024 22:04:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 006E 783 B
999 B 118ms
47ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

20a5cc8ec3cccb746991e32788443f106d069e2f240c25f8ef47835ffeb5ac9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-seamvCwxOOM8RCYSq6jnsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-seamvCwxOOM8RCYSq6jnsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:39 GMT
expires: Wed, 18 Jan 2023 22:25:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
901 B 38ms
6ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 21421
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230037-FRA, cache-hhn-etou8220090-HHN
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 71ms
14ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 11:21:16 GMT
content-encoding: gzip
age: 126263
x-guploader-uploadid: ADPycdtpNS0lUU7iAFwsIBA2z2pILnbUcYzFVL02hY7Wbn_BITeULIVBPVieN21BSd9Bg5cpE5tn12FtrP7G3W-ger6cW7WoCxv5
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 17 Jan 2024 11:21:16 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 15ms
14ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
server: cloudflare
x-amz-request-id: D30YKERYGEYTCEVH
age: 3334
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 78babf6afa952c37-FRA
x-amz-id-2: b05WHg6Ej2zUEn1g7gg9ZDBjq6LpHFNKGn11ijfp9cvl6Q8FwQMygs0hE1MrNtOqYCBk++wCvLE=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 8ms
7ms Script
text/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 01:26:05 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 75614
x-amz-server-side-encryption: AES256
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: wExxRz0nCK4dcIxXgUvbXwSjpe2_Sy1jzz2KUMS--ZEAAKc04Nsq1A==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 96ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5acb6bfb13d8aa6e8433b58c8ee60164ca1946736ef8236e346adf5e240f6247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Jan 2023 22:25:06 GMT
server: nginx
etag: W/"63bde5c2-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Jan 2023 22:25:39 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 61ms
7ms Script
text/javascript 2600:9000:211e:2200:a:e047:752:5701
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2200:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 00:57:48 GMT
Via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Dec 2022 00:57:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 77271
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: vtRjSmNlcbGpdO7GfbCOutSfXxQczFkErnj6sTdR5PTZzmyTYf6sgA==

GET
H2 200 container.html Show response
eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BADF 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:37 GMT
expires: Thu, 18 Jan 2024 22:25:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1EE2 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:37 GMT
expires: Thu, 18 Jan 2024 22:25:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C558 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:37 GMT
expires: Thu, 18 Jan 2024 22:25:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6DFC 624 B
285 B 78ms
47ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXxyJsm_A2GDi-G2DHpcfC6yOTqCbgRAMNSMalAp7DkHdARImS_0e-nA4NCumbcZXDsZjrrmKypQOndUQwX1BOlG5z408FaCa2jD_CjXRjO7Z4fnPd1hLAu5ENb8T7h3CVJ1hR7UwDOLIeElVIrIColyyztWOdY0JLTd_Qy8WnQrDWx0L2XjuYzLmjjlUMF7KlQujVA

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BADF 76 KB
27 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BADF 42 B
63 B 44ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cpfdwlb4YbmDhzLZektoiC8FLQNML97Pno-YVxGDWVwF3Phzn56SzJqAzYrdo6bX1fihKFCnIG2Bzi2oWAGkNR9ip7krxj4000JCl0cdjq3RDcfFo

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BADF 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7630397633000690732&x=1&ct=76

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame BADF 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 22:03:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame BADF 18 KB
7 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:29:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BADF 0
0 46ms
44ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuxBSqtr5bm1fvBk9NP-oMd1Ovw86S0W9yKv7jJWcRemuv_28onGw49LT6HaXlSsmUc0XPZPxVsiba3djRdHR1cAXIpA
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BADF 157 KB
49 KB 61ms
32ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 360A 624 B
285 B 74ms
48ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWg38x6Ko1JnAp1vS9fwteD5-B40nD6NziJcSC2Amlv--E59igNh7xUFaPKTSwq1024Fi5MIlDl8-wxz0NwyEZcMKgy4F1ISMAigB6AhW58Eq8RVHAo0aosiWzS5mWfUJQD5PkS72sB2aOt6fijZkc4Bzbe7exkYUNF0wXNmI8ihydNGX27oxUHo_oi51a4lSGs6KQN

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1EE2 76 KB
27 KB 163ms
162ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EE2 42 B
63 B 43ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAmgCXabxFCscUCpKwv0ZhaCmb7gGFWM4JN1Jn2yMQST0l0YgR1L0UjNReqoqNQpcb8IZAcA6m1vnzGgnLr-qak-fBeTUVNZfandn0uPr-QIQR5gM

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EE2 0
20 B 45ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18153928119243838940&x=1&ct=76

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 1EE2 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 22:03:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 1EE2 18 KB
7 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:29:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1EE2 0
0 51ms
42ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQirUmyUE1X9T1KvRvkHdzBmRn6SB_fwwn-RQmf336CKxDzzViq5lljQ94m68cs4BBuvLuskqB1O2TjuCT9FOwP6n2O2g
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EE2 157 KB
48 KB 67ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8CD6 624 B
670 B 67ms
46ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUu0Qs5wQTWeYvaVQ-45yONzdnvABF7UFOg2C5ilsTxZLrD2az2BWm3mCDs3eR0U0xqRcDV5Z-gfD4SEzRQcIYo5LALgU915eXt8kof6oopQE2HRDruXnm7ae6XWq2adIUU8RXcqmY5XZ_4pjlRjt_w-klh9nz0m3mP-rSXuvuIsttI5cW5F8X5q65YX81qNmLKT7Ow

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C558 76 KB
27 KB 161ms
156ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C558 42 B
63 B 47ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-Z7FTXjaD1lNuO1-EoJGvzGVnMyyoWRmMYfPIyk0SIqkdMbrMf8DtObm9sTKPrYg4lenzkKM-doxpsiymIKAt6bxj1BTJGk7a1NKN055YRbAuq2w

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C558 0
20 B 45ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8346305942867685689&x=1&ct=76

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame C558 3 KB
1 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 22:03:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame C558 18 KB
7 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:29:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C558 0
0 48ms
44ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhpst4ZipJ3i0qWVxpyYskWESkOViHvstyA5PWzO9rAr_3Zm3bgJdRFf1IpAWuHE9Ha3R5TrS4w7STWAtIlPmQVk5w2w
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C558 157 KB
48 KB 69ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame C89B 36 KB
16 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 06:49:35 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 39ms
31ms XHR
application/json 52.48.35.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.35.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-35-78.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7815c987b41ae45f1c838d8c4ddbfe98bc309600e009df121bbfbda6e24b044f

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.17.165
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 29ms
10ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1

85 B
203 B

134ms
134ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 4d71d5a1870ba193b101c7433e5d1cbc6174ad7590a6a62b4ba07dc1e69126f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-RZkrnTvwPNHHlcqIZaxlodpfWY0"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 18 Jan 2023 22:25:39 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.mlive.com
location: /esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D14D 15 KB
6 KB 155ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 1035217
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8CD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUu0Qs5wQTWeYvaVQ-45yONzdnvABF7UFOg2C5ilsTxZLrD2az2BWm3mCDs3eR0U0xqRcDV5Z-gfD4SEzRQcIYo5LALgU915eXt8kof6oopQE2HRDruXnm7ae6XWq2adIUU8RXcqmY5XZ_4pjlRjt_w-klh9nz0m3mP-rSXuvuIsttI5cW5F8X5q65YX81qNmLKT7Ow
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8CD6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUu0Qs5wQTWeYvaVQ-45yONzdnvABF7UFOg2C5ilsTxZLrD2az2BWm3mCDs3eR0U0xqRcDV5Z-gfD4SEzRQcIYo5LALgU915eXt8kof6oopQE2HRDruXnm7ae6XWq2adIUU8RXcqmY5XZ_4pjlRjt_w-klh9nz0m3mP-rSXuvuIsttI5cW5F8X5q65YX81qNmLKT7Ow
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8CD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1

43 B
1 KB

8ms
7ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUu0Qs5wQTWeYvaVQ-45yONzdnvABF7UFOg2C5ilsTxZLrD2az2BWm3mCDs3eR0U0xqRcDV5Z-gfD4SEzRQcIYo5LALgU915eXt8kof6oopQE2HRDruXnm7ae6XWq2adIUU8RXcqmY5XZ_4pjlRjt_w-klh9nz0m3mP-rSXuvuIsttI5cW5F8X5q65YX81qNmLKT7Ow

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
AN-X-Request-Uuid: 5bb9b4db-684b-4b0b-8e53-72bf68c2c6e8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8CD6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwOTA3MzUxMzUxOTU4MDE5NQ%3D%3D

170 B
232 B

46ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwOTA3MzUxMzUxOTU4MDE5NQ%3D%3D

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 18 Jan 2023 22:25:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c21f30c8-5033-4b43-8f16-c6790d5ff7a2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwOTA3MzUxMzUxOTU4MDE5NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 006E 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011001&jk=4198559088215165&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6DFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXxyJsm_A2GDi-G2DHpcfC6yOTqCbgRAMNSMalAp7DkHdARImS_0e-nA4NCumbcZXDsZjrrmKypQOndUQwX1BOlG5z408FaCa2jD_CjXRjO7Z4fnPd1hLAu5ENb8T7h3CVJ1hR7UwDOLIeElVIrIColyyztWOdY0JLTd_Qy8WnQrDWx0L2XjuYzLmjjlUMF7KlQujVA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6DFC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXxyJsm_A2GDi-G2DHpcfC6yOTqCbgRAMNSMalAp7DkHdARImS_0e-nA4NCumbcZXDsZjrrmKypQOndUQwX1BOlG5z408FaCa2jD_CjXRjO7Z4fnPd1hLAu5ENb8T7h3CVJ1hR7UwDOLIeElVIrIColyyztWOdY0JLTd_Qy8WnQrDWx0L2XjuYzLmjjlUMF7KlQujVA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6DFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXxyJsm_A2GDi-G2DHpcfC6yOTqCbgRAMNSMalAp7DkHdARImS_0e-nA4NCumbcZXDsZjrrmKypQOndUQwX1BOlG5z408FaCa2jD_CjXRjO7Z4fnPd1hLAu5ENb8T7h3CVJ1hR7UwDOLIeElVIrIColyyztWOdY0JLTd_Qy8WnQrDWx0L2XjuYzLmjjlUMF7KlQujVA

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
AN-X-Request-Uuid: 35ae8507-035e-462d-bf0f-a552bbc2c89e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6DFC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwOTA3MzUxMzUxOTU4MDE5NQ%3D%3D

170 B
232 B

46ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwOTA3MzUxMzUxOTU4MDE5NQ%3D%3D

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 18 Jan 2023 22:25:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f47ce944-e5ac-4b27-806a-01b4310f414a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwOTA3MzUxMzUxOTU4MDE5NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 360A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWg38x6Ko1JnAp1vS9fwteD5-B40nD6NziJcSC2Amlv--E59igNh7xUFaPKTSwq1024Fi5MIlDl8-wxz0NwyEZcMKgy4F1ISMAigB6AhW58Eq8RVHAo0aosiWzS5mWfUJQD5PkS72sB2aOt6fijZkc4Bzbe7exkYUNF0wXNmI8ihydNGX27oxUHo_oi51a4lSGs6KQN
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 360A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWg38x6Ko1JnAp1vS9fwteD5-B40nD6NziJcSC2Amlv--E59igNh7xUFaPKTSwq1024Fi5MIlDl8-wxz0NwyEZcMKgy4F1ISMAigB6AhW58Eq8RVHAo0aosiWzS5mWfUJQD5PkS72sB2aOt6fijZkc4Bzbe7exkYUNF0wXNmI8ihydNGX27oxUHo_oi51a4lSGs6KQN
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEExt7SCjJSN1_fnzEBkUc90&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 360A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1

43 B
1 KB

9ms
9ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWg38x6Ko1JnAp1vS9fwteD5-B40nD6NziJcSC2Amlv--E59igNh7xUFaPKTSwq1024Fi5MIlDl8-wxz0NwyEZcMKgy4F1ISMAigB6AhW58Eq8RVHAo0aosiWzS5mWfUJQD5PkS72sB2aOt6fijZkc4Bzbe7exkYUNF0wXNmI8ihydNGX27oxUHo_oi51a4lSGs6KQN

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
AN-X-Request-Uuid: d2b3a39b-a06f-43ed-a7ff-84b3b706e746
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBbMsRy9J3q_i_kYpAnP66M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 360A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTg2NjQ4OTk4NDA0Mzc0Mg%3D%3D

170 B
243 B

48ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTg2NjQ4OTk4NDA0Mzc0Mg%3D%3D

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 18 Jan 2023 22:25:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3e352742-bfd4-49fc-87c0-b0e99f3b8acb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTg2NjQ4OTk4NDA0Mzc0Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BADF 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9972402449705&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BADF 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9972402449705&version=m202209210101&ct=76&x=1&cor=7630397633000691000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BADF 92 KB
37 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnYFOeMPCIGmOKHRQDdJJb9gET_mw2-Ma-4MmlDTpR3a0FBswVB_CW6sLZjGVBr7EzLAYE5gzvWPeHJZtQNNpvR0QeFXq8n9lOGUe6Xij0ZY917MZyYhdOiSS_0O7bBcQgTYuEM5EgKBwXpoe5tHs9LnW-vFNNxRoaH3-ahMtmTsHr9Nc&dbm_d=AKAmf-COSBTsST5bijqBvU6eDN6yAyoQa1O2007UP1pcflqiB_N4rvsLKOCm2DMgfI4_Mnxw-wSmVoPvlFGy4Pri9KDs3V6WZDcaQQ94Xc7cpGJ8TI78O-uSPPT3ceI1jXyCTagjfffNMXeL5yx7mAHCEwHr7FGGxNNGDhcQH5V3VP8r8pEdMItZuHDjktDeHAQZ-MjzfleL4_3M9BeONir_Bs76OQ8ew141G7SetZnYn_O4ZTdrBLLEuPRfZq-Krhp26we3U_OPUZvHEwanNtz011Te0tkGpPXoZxJLCrvuQNs4ex7M-FuNtDjEHLn4HAmvVRJSFA1tS7sgeEb02RzwL-eGf3k6DXh2SLzLLToDf5SWo3nGi0139wXCyAVxeHudds_rhoBmG4hiHI4Bah5QVJSQrsk0Zomcu_ihQrxF077a3CyvoMTRTUBqBffhouDPrBdZcO-iZntOB0Q0RIPAHrUQVevVrxDCCj3tA0diLxAj4wtAzkRM2CfkKpK6fee7iYgY8GFSr7P8pd3_dZmOcURweJ9YP7_Bu4_XiEe2m7yWIad8eLl9uW0Xt6hKP8s54tQgR73ahFcT6sqp1yxQl2fxcwL0beoY_KUUo-2PnvU3nFQT7E3vsYjfgH3Td2CuT0EL9A5fC90c0WGk4s7HJfTuCS7VvYZ7e4arqWZlk-3ASxyPKli8q68I0UVZf7k931pCGCps-VznOPSrTIAuuweAGPpZJFulIp6QhJVoxkWJrkNIXMOOjF0KlBvZFDoLYrIFZ2sBQa1rcyb794M1kvldyZWLgfPsOzLnbzcnmKAH1NHQYTJoICIs89ROr8bHKgU9m94WA_YZFiUY18HZKWrst3pgzkqAEaD9mEXARKsQ4yUzno1bL3ZlVPcSuTC_eVRxYXQ-SnOHXRv0Qh-P8TmTvSkpGCJJGF--SoXFiD9J8DptImQerl3o1pKD2DCrc_i_gsUVJYF-VQ0XQx5E2E1TqlHhDBYebEFB8oyQkai7kajoFcRtYLAWfuRQasMX7mW4WMCsNIoiSSaDiip22e3Mqw3F_THe2yvZ48w81mynVaouppqnwitP1bLStQnNwFR_p894mXf9EU_BEOmvBsSrARohwr6S7eBBZLHXbC6AoKVBVxLxlGL2QUEYbDhrh8i7B534QTngTdEIabgNMDQq8E5BVsveTzpKrG0U2JhvVZYo7ysL47OgHOHsGsOp8FV9_bvhA2RWbh7uTxXjekQW-f_gdSgzdws34F5mZibaRZjKhzEWtSSooOoJ4oyLUV0JThNvu7O4RpB_cXYBVXmGGI2CK57PVN7SjNXn6vZRaExSsHeh74JFzwEMh8QAKpqzWdFYAZuoEkgsYGGhxcUFSXbs6N4pASR4BQ4C6L_Sl7dNukOptOba5L0u65a3Cvpe5gml6Z7G1-Lb0xIeAk42iW-WS4GlGUrW-82JkFtWAGxuZ876PQXRUaeT1ponUjTYSz6H9IR4aQADow9v5ESllikoj92mxbqddtgfXrAK5BImFyWnyHjyCRu2EK8yqsE4kJN10fsRXt94XKFIZgMKThlPhD2iy1twLjHNO3U9iU_O0CiHlra_NTI2zhKy1raYSjPSXpKavTmpn7bu7xhFlnY8qv-3p2s91YN7DdUn3S5vNp1tRzY7Xl5zUONKjcDtk8K-p6gLp_04CSP9jZpikirAqkI5SYAZ7b4tfy5EchbgO0X7iZr19sdfhFlUQ2RVV9V10nYx6lQ5Mqt2Yfp2ZO3BdO91Ney1vDREQOrIOWOFF6Pi6kbTj8q1NlG0rK3xnYVr1HcXpkIsQmcEyXjvdEPzGSEUZoRgx5QlNV64Le9H1i70fMUpwfm9dily5-jVnZLk3IQz8jRnfpOnuNNrKWyzLjSUiaKuUlQ8tUtzc67zTuso16L_mbTXOwpAq-90CFqbhsfubhu0wC03t321aI4s66oXXbSj-wXFGmWosAPke1t5yOH6jEx-TS4FRlQhPXKVLM-DRSlCkqzGqKZetpeiHh2mzn8aZCfJdsrqF9NwI8EWmx3iZuOAV7STrx-MN1N6kVYbl4yTFvcmX6ZQWsT1sCVCvogjdnKT5B4yFNkNXwJ6N906_AK5vctmix8g4w-_Eg2LNBw95JUxFosABywwHmyQy0VTxgFkcn99DhYaWCF1mAWy6MEVq2Q8Gu1rmIhKbC6RPaVCsO4EvMNaIi1umj414Ew6epJ8-dw5PdEhqa_OPJIRtEidApQdm-i7klOO4xQH3lAUudKoMpXuxiDO2yOZEAXwKnxKHpjvvhP4zFtIOxT1SHtLTU0R0df2hUpDn7k4eeZHc5UFxjcmxwq8A5rY_565O_FxxrM2Mt6jxWbGlXfzbgI-Lg95l2lfX26F0oBlPXeeb6oQh9GweLT4KbGhW7RzZU5I2q302DeafUi6F4IwHKG8bz-9l6m6yKXyOAJD47zK4V11uXxwZcobAep9G_xpeI1b0ZrTozBqWk2FxQrYoNHwpzSVIeNHVP6Gpq9vyStRE4bPPui76_rAJWD9rjJtzIcycVEbWF0Qt3OpvNp28bgD3Ptjd7NkJPPzX_-fivvaeqD3Ei-_XtYWxQmxqZ-VQlprbwY7tJSC7a3aCLwPrvMsnhr_7Gl2Un5iWl4Y4HdfPR61veL5S8Ms3ADbIRkaEAxnVDbDGlbqqzrGZXvj0fRox7wTW_G7J1N5V3jynTuGIu_ounmZvktXD7DzIvY1DdDtQpXh2RqL4vvvFZ6iV8HkuEJYB6wo8yC2cPVfstfSYpX_1mFdN6HXQ63Inm1xgTcO6A_3oWkzSXpDtMAqp7IUYjZDhK8Chr0kmGwPvtC6UKT6iFPSGt-6UO1xUXdPOit1C4osKB-UFZPL-XhzbWpPN_fy702Uh-UGUeQKIQMtWeDhdXcQe8Fgtasqwsi4M2jG_6R5ZGy6MyaHcaNzwnYVmIu2HelDZET6M52YlMf_7YKlVetrSarN9sG3DnP-_TPON-zxCQSFeXGnW6VQZxs0bH1t8SHlrvCz7G37e9bpA4XhULEd4bExlCK0XjjXnMY5yBOxOhSomVrsqLJLIEWwzKMz2OIBRTGO7b_DDuk8rAyV80VrHxDX5BF8NRGAfaepyCftCNl2WsJs3DZlcJyEATgjuHV4XwZpcscfZ6LxSSMj1ocuQlbUi4FH579643O2nlchLin9Q4gMvgMzhi-kRPs4gd0PbqNt09M1romXcZgpbylm8lPc0Q&cid=CAQSOwDq26N99bh-r5n4rJhSH_oNei9r7UwVBHCooSBW0KFhI-Be-dxm-2-3JFNZTLhka9UsYhXNBsMR1ykbGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=7630397633000691000&adk=2857193498&idt=94&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4855f24082c03099d19efa90d09356822fc7ce186a4da57e76e145be6668098e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EE2 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4299314920184&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EE2 0
20 B 43ms
43ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4299314920184&version=m202209210101&ct=76&x=1&cor=18153928119243840000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1EE2 92 KB
37 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8OGnUFkt6dS_16-CxfnaaTdc_6l3Z03EfwGcoiXNaaISOKrYRro17n-8OSzjiAOiKm0GFS3lbH4yGLPFTUoq9zpXsJM87P-C1t3Qqr9VsbLx6NxdUO5chrLlG-7kMeRh-EsAdo68FRt4gtGNpXISMNfL-1ZgyW1GmDqDp2VivXpBrZBE&dbm_d=AKAmf-AVa41vjtO6gCe6S9RiZEpVUTT6Gckongrmw3G8FFEl21gZmkJSHKqJQQvFj6znoyiwcIDvxA8X4v7pBANfivvdCPkSV4sVnxjRnxsn-WMI-zmzzo2Pt-NgfcLqQme-BsyfCQRUCC964_qJoLzC-Q5JXWazWJA97-_ZQbLqqNMheuENabtRPLjcpBkkHrTF0Bi34xgUbg7GaZxbHbrBI5Y9exQbwN7LMkz6PhtsXt169pB40gIEd2sfA_Wbt3CzCGbA1P9_J0RBWTWJbM4ysYQJRMghTYNreSERLZV6T1nB-702l_FNaUfc0Ocf2MVcRxMZj1_Jc1eBRaZ23zJNGbu_z-vrrtdaT2yF5a0FcTUtTmefdOEsT-IHIF9I6HIzR8ErUQFHx8Ne2LZP45BY4ZVRzVQipgrUVaIhJjsipkKsfxdm08Aa-5wdt1B7Vu99POVmQvq8IQBQkWK3QMf5xc2Kd1buDECeZKXH-UTwx2UzyZME_eMrJYoEZ4WsVKjwq8VSKP9xflAewtdIctqL_0m4l1KS0FjCuIYMATl3QXnf37c2DVfp1yAjXSMJoiT0LBSeFFDJPDdcbt2jsT_Rv_OcDkOEywb2z70R9dHP80zD0T6XVcKMBAXcSoKO8rhllX-n_RQo6jLQIGxTAPDSZskMFWmuUorVXFF2IkU_ZtDNslFtEmC4Thfq5zEIjAw3M-mq0_0VXHWnuzzXjMVLTGVK2r3iu3X22XGTtrbRRWEjuKm8iQUi6axVN0KzdhVa27SMssjbmaO1EqhmXrz1J0WSvC5K52dqrzo6hjugRfkl8sx4Z0awS400pqK3i_Z6EphKVGa6Y4Spq8J-YbTn5hsL0QWu1RvVm_6h9gez0dXU6sE7PcXwvoGB7LcIF4_Ks-ZT7Oaj_XdLdOgjQ2Sbt0_4RtNTx85-u-6Rjo6GIrCfeuk7PEaxQeRI9pSuTgK-vs0dGC6AuoLTIMhLIUXAH1Xf8_fd3Zem8okCIMfgfvaw8uZy7vmIPgXze1ZAwc5FMgE-p-CkA5C-dN2QPMjqJrkWh4UiF6lNrebiNMbW1X0DbMKeqDyiU3JzBFGL0y31SS1OmqlYVYdYSLN_tj_3i8fk4sjGAOXnrpsM0CeysyBRJkO4cr1PSV4hcNDBzjUkon4iFz8tjc1pCr-TE0mIOLBiJaP5VAiMJZe-iAr0KSpSCRYRl1Y8QgvOAEo_iua8T9r-c-LVkCfGMFGmmA2h9bLCF46D88da1SHzBH4jDQ6Sl2ugFevWEQ81BAWMT0QtXcA4A05dYYIt9QP9rLFx0ocoXKAB67ryXlT4jdd9LMLGiP1nmRQr3W8jeR8tDKQkbN_zTPrhoCUnxZ75IB7eWYDNAjeGMOnZwGKLoE_dTdZ-H2Dj5R44Nmvo6AfaNZr7Q-FOJB1d79-37L-dKXgqdAODDWMVFZHOmDxzgKvi5uzRDnWouZ31OQgLgycL1yYqPMUt6K3htOwYQIWiskJs8Gd9TdMgkHF5ZGI2QSJWxJrv6FkgCHe3joEtP-XQSQ7KgdEgl3LLJEsST7rCPsbYVTpnhfvHHPQ8PBhY5xzWs8VY9gpMG9y5mXSDljRH9qxuumrBWVLPQ0uDnGQ_JIeYmA0ZoJO4fo1R6DRXq3wNnd9Dcw9NryDbFqHsgJdHDaE_-mTleScW0F8FLhFdVzW76wG9KQ74bXl26XlvEytTcV1y1JWG7VztV0C7FEttSz7FzkbftixH30-U9AEqn5ALCKgAYvB0G7bPP0Q3akOXsRHFammzLEvcSuqEvlMvP4lk_4fpLwCV53Zp-lVR4x0vWPFPYG5OP67WxJEQ4we6X8Rhe-Gm0NGIge9UkSYHzz8sIxQ70qIf1khTwT6v7JO4AqmTQ5zr_J3pbwnMiqQRafixylQTVXQYPbXE0J1Rbp_MxEZ32Ov4JlFhBPyLkAxu44lQRiErpft1L97p1_u3IeS2A1e8-lU18jQL6yzto7n66ov2V6SJPFwpPxsYviCn5rP0ku6kV3irxpzUbazTqCIzyPiaDY5PWbSw4973h4QtWrCC2Eqslpf0XsCAXZzrEGNBwyhH3chKV12AuAnOl-kgJ8fCdMA9Mnh__py-_sZ4fc-4NqamF1Q7nmkD-3E7fzdRb4Wd_2XLew8jcgER7QnX2h6897Rj20ApeQ2IsJBYc9rs_aqashfVodAdA__JlqGYiKGAmLfWRl8w7nQoVUfwlZcwRp9HCQzfgUkUri2usr6Jta8ahyVD-xmcs0RlNB2IcIkK0aHEgofbj6OutjxHdO2kg_lbLkGkBWRKDb_4j0L3p9CGZvmMQO27qtsbaBCd1Ko5fhLorsGEZDYiP8nPM8NbBf5MsHusyv4bVGHY5fELND8pbC5Rg0u0e2Y2WVN5dSG2SpR1rrzQ2Ra20ajF1s1XI10ooI81YqffbJLBNxXobdueCwOtuB6_5ekT20rZ3YVQhmb3WBnwB0XzZGXCAKhB5RqX5H6i9V7-vdM2XCE6aufd9a23FOPfvZrulg40i5ftFEvbGRpGYTxyQV6GrYQ_XcwOa8_KlNM3Bz1p8BfmUIaNHnYY48UYubkZ2hImFyeFVTm1xXBIggbSb9_GoyY_Py3PNsoeaEpsnlWeniWOWxzCmvBp3dn78E4SGtG13GTYdqsgP0bqx3GRMFxcKlV0q6Iq9nzupYK0ncCgoPKUsgOGsOOnm8c3JzQYoagGUUUd44nes3OKWVD0RcWXV0S5C2PqZsD-DQ1IuGhFlRS7A6M8xe27uKCSUA3w_uAVwlWQEYQgdvkUrUmG-EH-_lONRcNZHJzsUoMjRKFz3FUpzbA7kRBMxuiXR2zMjJV6Fj7WFyfTAkHjrbAbfwCuTD6TbltmjjA9a9c38ffHpWGqP8WBt6Cxf3wWUDoMuFr0376EnJIkw547JJj2YKqgk_RccUHk58vgjyEhWLZJYBqOahqs7Z_rU0W3matnkurDPeIoYqB0Ry3s4gj4C4bntqygYQb5d33ikl5IBAC8InBDF2YwxzNNSL7G9SCnZi3ioyFkTR9LVp3U2UrlbfitXVhgUyCnJ38k_NmWBCxH1Oy7eLZVF9KhE5l2CCR2Du_MU569Z3L24kWiUEsNmzp4lnozulPBOjPUTKqkYD92WWTExwpdlAcZqPptuH_K6VaNm7b02IKew6l7Y6rmp0AQO7WrAn8_J6H3C0UN8ceeJa2gDTxhGHBHP8kZO1aZ9Ne2aaX42A&cid=CAQSOwDq26N99bh-r5n4rJhSH_oNei9r7UwVBHCooSBW0KFhI-Be-dxm-2-3JFNZTLhka9UsYhXNBsMR1ykbGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=18153928119243840000&adk=2086295851&idt=169&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fc26f6872c9b24ceef9258352706a2e8234bd98564347f62fe80d71c87f66e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C558 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8670494151296&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C558 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8670494151296&version=m202209210101&ct=76&x=1&cor=8346305942867685000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C558 92 KB
37 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUYrrjYHe10sQIMYKEp58b8qfvS3n0PpaAREu0ZCw4rxPqsGCLB7qYbqLh6HJGH_prxPiQVs2S6K4ceqfdAUHJc1qLrsayLpd_61k-AcG_5ctDxA56XvTlVErhckAa1qswlecGi_E67nr8ivVTWAs1NbuG0Voic-8WlbIT_YaGTm9OVKw&dbm_d=AKAmf-BqLOIXPdWrPeQ1AoboY9V5hEHNnB1BDIjHSMS9k3yszazrRDWr92MrnIg--Ot26fKP5lPxlwOKO3CeOwh1A10tMVNLDVolqmANdfHL4WNEBiB1B5tzfr8Nns6CtFHbP6llVWkHkzOgRWy5wDnLbxH_BwQmOBzaGaPvYbBnZf-mU3nw_aYk6XS_tA0gYRv4zRTI93Df5kaWsTU8M0D3HxZ8xz5z_hGHM8VFLXYmf2RXID2kYTN6W1I0E2uE6htd0DO25kiHq7AoUkmLrLc7t3Pd7MvWlsyYHMBmSvARSgATJDXWP-ab1sIxvcAekMCDrlMWLktp8uD8TO3rnIh4KyDJXR94x7Ya1CenGab4E2gk043Zk4Wk-s8-z6W3JgOVu-DRxb5_B756XeotvVY9YFePyGggcP-zMUDtswTf-XIfFJbKlNb58CeHsLL542nITGKUeu3TGK7cFnnWCTdzulRdmtvTuVH44Pis4Syxgx8s8JkuaOf5s7Vv2gggw4OB2jEdbxBTaPBfkLnwrghdKaMBUbWT0LZ0rP5feO5MkVRTRXCC5kjMKoYASVrAJ-uVv1Y7rS6-UYFgU4FJEnqI8UJIrHlcFIyL2ciNAykLEHN4YydAMJ_99MSXndB0J22wrujofZNhy8LZW8fCdKFylRgrnpG4dWxX2GqhQe49qORzaqyqrmD2vuVsdfJdcmIj2XX-S2tjI9v2_cZTHp-AqmFZcSFe_dBqA5A4fkDnIjZeHKBfc_wGeGVBo0QECWRWkA9xVgFOodyLDESMVndmx1uUeBjzh7BaQl1raS8IVjA3D9kbrkecRSsgy7XGqjnrha0QBb9g7VA9-7Y06ZbAnagda0mh7ual3HFBt37Mm9F5AUe2bgHwPniFyDUYixS8QNhhE-C0gFYXJMHQ1Fte0oheCycJsBwTtTzWNT37dcNAxWYnJlEqBGxBy4rt5yzGXI-a6mUZfURoWh6Vhu1w7QZ1cqgGirC8OiuHkmhm_G0dN5ThWkxnHUEdYELTDAQDzc1GXlfdqVj-LhBG6CWOF-FQtGlHIPOPioBg6J-vy0giS7PTAieRlRLHL1ENjv7-P6n5AFZP6fNY9TRQogZ6XXeiNYNFiG9BQamoNT7qsmIbDYsfp2eeRHDf1ekhGEZpypgIllYD0LnOSepLklLCYu01SpGX5pSa5GsHowuGf5llJoW2Jab8Lu8jSB9IgPnJ_R46zvjzgvmUAf-Io8cy7pOkxh5Y0__WvXgzOaZuhlF-Bv6xdJ21HlINggqraa62Wawu1rJ8oAsPIdQWtoTWvsmdqdd7lxGnvZrAbKQdsPPBwNr7fUq2IqbjpiJkVAlqyc7uqPsC66kHJhSfpgmWg62lxn8SGvzE-4tnq822M3MWT89lO1KkHy77-LqSVzMUp62NRoT1p2wlzmiLS54E-uOWaVZE3suIYA4O4Y3fjm-Urb88e3uGtF0ogHaMu2wRo-55ApRwMAtzP1AYnpiLxDgjtg3T-RWS08-3F1xL3Hogubco7teyd3IPMe0tK8xIigPEURLiqdiuGvyClAXZkVbF_-Yg6ft8jWnzmcUTfA0KZH9iy6AGdp0ID4l1wJLAYlOWaxQ4oxIiy7nZZf9w4YdNu0cnLtk2hkAQ6UHmSbgtI6hyRlofbu9JE59Xm5RFXeaYCPhiK7ua7m2C44g_00oCgPYl9e_7su_BI_lMyVqaaOWrB64p_6FMonADvJ3jbP0xgAc3K_ZZp_2CcDgLvYlHB8IPvWB4nEArB_WGmKpulkyIsMgHLgGw0Hrx_Ue_am_a0FCpTySv9DIAICyjMvAHWtcpTQs6TXveDc0_Fo4TR_UUIGpv7GdjcURHo5wi8dXZIB5lA6hbEA6li2ckUhuyenRGvTpw0hqf4JwPFwQtRIRY1bS8X-VLbbBuXUufC3pM4QESXm2R3w2uC_881klXzLRNez_ddDn2Gd8Wtzq70JCDrgt_-8tvrPCKqXzYH8FbF0MbloyBgMpaetjtT9RKiCYuYfupNvEZhZMXzpy-acKi65znxHYRoqSeXRFfw7ZO21H1gcYz0jJcgb_lGq_uni9RtJO435HM8y2_hUyxN6oxQh7_GZbBlMe-prAfghrOnTiNalZtU1nhpsv1w3JQofVAjzwJS8beS_W1_RXo5x7S-78H_Hxo7tw8JAVmkuGv6pkkiV2nahAQbV1OX1pM5AZNL96oczMe6SFKPysJV0CABI8rUmaeZHP8uT0pggvxMLOThndIIifsqdUqCz0OO2WiBCkGwIv11zH-GQlTOb_xSBhCF4bh-TX0HPSpFeebQtJpY-MlrtRTUP2giW3kfXMy_jZjiu5944bua8URQbDWkod02bIheBXIOUeJuXhPGcud5Xht0mfuS8NbXc5l21rd682NZYf5U9Z8oWofB6WKUTk2yKF7Qu2bwUVIR0f3Bhj3vbbUYjNseSbDtX5-lCyf8bmrj2qnCfNvwWyCxxH7LCuaTGp2WUBuMw8VWlDvuwQYbOkzTT5kizgqPRD5eBPd9XUoveU4XcYIZE6YlxO6u_LlhmOguGMeyNULRiyJJwsdf5txPrAFJTBwO4pkef7mDX1rDnadP1ayH0fy9AQc1oCdG7TCxfqcNLnTHfY04gLI0P2O-ESKi0G2Mbzm5CZPjtX7fv5fcAutwLxrUSdBIFv5YOEX9zNuwi5BfcBEet-826YQZvFR2XcKyKUNYWX_QKnuV2a-xJ2ztDPn6XlgKIXaWd5iVsM2kKCSmcvTo-6hnhks4jxbj9SwLmJV8hBgwsJHdloI93IWnJxqSbiXM8z3LaxRxIvYYIWIdGbpu21kkMgM7D3eT_vJa0mOXdPecuN75ubtzE5Rsw0XFGDtYNZb8sd4Ltzh2C_nCXWwSGMTYoYyEYCADU6iJpL95LxFLeQd3V_yegShf-RptHmG-joAjZyBEYkcvV1QhPqb6s5klmwZarMT4fuV6DhF2bPF_tUvc0nSmwAFoDq2KwAMyu9e8huRxtiK4gE2qnSytJMDgZhsokluuBQ7Tu8hZSbXJFYsbE6KoUtelEu_o3NNbIE_RMGeWvxYiOnfvdDJ9O_zwZtgzfWU1GhXRK8ONCFkYN2w5YmfRHTz3Z9_zR8AMb0ZzV8Jiid7m2xkbA2j-BCrwpPizQA0_tzS-cx16HHueWfFB6ddgJsSyAhAi_ESzW27irsZZeXcQdZN8X0F6vJtoglDwGIdcEMzS_Vh8cHdDA&cid=CAQSOwDq26N99bh-r5n4rJhSH_oNei9r7UwVBHCooSBW0KFhI-Be-dxm-2-3JFNZTLhka9UsYhXNBsMR1ykbGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=8346305942867685000&adk=3944675600&idt=165&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d95d6051c92b8c75e0355d5f1b096dfafc3d58218e54ca6a1fb2f6aef5ceef9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame BADF 242 KB
73 KB 152ms
29ms Script
application/javascript 34.250.91.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.91.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-91-224.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7873cd13e0fe3e5e04e45e59777c24ebd0ebea74cc47aed4d853fa33ae90ac04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BADF 106 KB
38 KB 104ms
22ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Origin: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 15:54:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/ Frame BADF 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnYFOeMPCIGmOKHRQDdJJb9gET_mw2-Ma-4MmlDTpR3a0FBswVB_CW6sLZjGVBr7EzLAYE5gzvWPeHJZtQNNpvR0QeFXq8n9lOGUe6Xij0ZY917MZyYhdOiSS_0O7bBcQgTYuEM5EgKBwXpoe5tHs9LnW-vFNNxRoaH3-ahMtmTsHr9Nc&dbm_d=AKAmf-COSBTsST5bijqBvU6eDN6yAyoQa1O2007UP1pcflqiB_N4rvsLKOCm2DMgfI4_Mnxw-wSmVoPvlFGy4Pri9KDs3V6WZDcaQQ94Xc7cpGJ8TI78O-uSPPT3ceI1jXyCTagjfffNMXeL5yx7mAHCEwHr7FGGxNNGDhcQH5V3VP8r8pEdMItZuHDjktDeHAQZ-MjzfleL4_3M9BeONir_Bs76OQ8ew141G7SetZnYn_O4ZTdrBLLEuPRfZq-Krhp26we3U_OPUZvHEwanNtz011Te0tkGpPXoZxJLCrvuQNs4ex7M-FuNtDjEHLn4HAmvVRJSFA1tS7sgeEb02RzwL-eGf3k6DXh2SLzLLToDf5SWo3nGi0139wXCyAVxeHudds_rhoBmG4hiHI4Bah5QVJSQrsk0Zomcu_ihQrxF077a3CyvoMTRTUBqBffhouDPrBdZcO-iZntOB0Q0RIPAHrUQVevVrxDCCj3tA0diLxAj4wtAzkRM2CfkKpK6fee7iYgY8GFSr7P8pd3_dZmOcURweJ9YP7_Bu4_XiEe2m7yWIad8eLl9uW0Xt6hKP8s54tQgR73ahFcT6sqp1yxQl2fxcwL0beoY_KUUo-2PnvU3nFQT7E3vsYjfgH3Td2CuT0EL9A5fC90c0WGk4s7HJfTuCS7VvYZ7e4arqWZlk-3ASxyPKli8q68I0UVZf7k931pCGCps-VznOPSrTIAuuweAGPpZJFulIp6QhJVoxkWJrkNIXMOOjF0KlBvZFDoLYrIFZ2sBQa1rcyb794M1kvldyZWLgfPsOzLnbzcnmKAH1NHQYTJoICIs89ROr8bHKgU9m94WA_YZFiUY18HZKWrst3pgzkqAEaD9mEXARKsQ4yUzno1bL3ZlVPcSuTC_eVRxYXQ-SnOHXRv0Qh-P8TmTvSkpGCJJGF--SoXFiD9J8DptImQerl3o1pKD2DCrc_i_gsUVJYF-VQ0XQx5E2E1TqlHhDBYebEFB8oyQkai7kajoFcRtYLAWfuRQasMX7mW4WMCsNIoiSSaDiip22e3Mqw3F_THe2yvZ48w81mynVaouppqnwitP1bLStQnNwFR_p894mXf9EU_BEOmvBsSrARohwr6S7eBBZLHXbC6AoKVBVxLxlGL2QUEYbDhrh8i7B534QTngTdEIabgNMDQq8E5BVsveTzpKrG0U2JhvVZYo7ysL47OgHOHsGsOp8FV9_bvhA2RWbh7uTxXjekQW-f_gdSgzdws34F5mZibaRZjKhzEWtSSooOoJ4oyLUV0JThNvu7O4RpB_cXYBVXmGGI2CK57PVN7SjNXn6vZRaExSsHeh74JFzwEMh8QAKpqzWdFYAZuoEkgsYGGhxcUFSXbs6N4pASR4BQ4C6L_Sl7dNukOptOba5L0u65a3Cvpe5gml6Z7G1-Lb0xIeAk42iW-WS4GlGUrW-82JkFtWAGxuZ876PQXRUaeT1ponUjTYSz6H9IR4aQADow9v5ESllikoj92mxbqddtgfXrAK5BImFyWnyHjyCRu2EK8yqsE4kJN10fsRXt94XKFIZgMKThlPhD2iy1twLjHNO3U9iU_O0CiHlra_NTI2zhKy1raYSjPSXpKavTmpn7bu7xhFlnY8qv-3p2s91YN7DdUn3S5vNp1tRzY7Xl5zUONKjcDtk8K-p6gLp_04CSP9jZpikirAqkI5SYAZ7b4tfy5EchbgO0X7iZr19sdfhFlUQ2RVV9V10nYx6lQ5Mqt2Yfp2ZO3BdO91Ney1vDREQOrIOWOFF6Pi6kbTj8q1NlG0rK3xnYVr1HcXpkIsQmcEyXjvdEPzGSEUZoRgx5QlNV64Le9H1i70fMUpwfm9dily5-jVnZLk3IQz8jRnfpOnuNNrKWyzLjSUiaKuUlQ8tUtzc67zTuso16L_mbTXOwpAq-90CFqbhsfubhu0wC03t321aI4s66oXXbSj-wXFGmWosAPke1t5yOH6jEx-TS4FRlQhPXKVLM-DRSlCkqzGqKZetpeiHh2mzn8aZCfJdsrqF9NwI8EWmx3iZuOAV7STrx-MN1N6kVYbl4yTFvcmX6ZQWsT1sCVCvogjdnKT5B4yFNkNXwJ6N906_AK5vctmix8g4w-_Eg2LNBw95JUxFosABywwHmyQy0VTxgFkcn99DhYaWCF1mAWy6MEVq2Q8Gu1rmIhKbC6RPaVCsO4EvMNaIi1umj414Ew6epJ8-dw5PdEhqa_OPJIRtEidApQdm-i7klOO4xQH3lAUudKoMpXuxiDO2yOZEAXwKnxKHpjvvhP4zFtIOxT1SHtLTU0R0df2hUpDn7k4eeZHc5UFxjcmxwq8A5rY_565O_FxxrM2Mt6jxWbGlXfzbgI-Lg95l2lfX26F0oBlPXeeb6oQh9GweLT4KbGhW7RzZU5I2q302DeafUi6F4IwHKG8bz-9l6m6yKXyOAJD47zK4V11uXxwZcobAep9G_xpeI1b0ZrTozBqWk2FxQrYoNHwpzSVIeNHVP6Gpq9vyStRE4bPPui76_rAJWD9rjJtzIcycVEbWF0Qt3OpvNp28bgD3Ptjd7NkJPPzX_-fivvaeqD3Ei-_XtYWxQmxqZ-VQlprbwY7tJSC7a3aCLwPrvMsnhr_7Gl2Un5iWl4Y4HdfPR61veL5S8Ms3ADbIRkaEAxnVDbDGlbqqzrGZXvj0fRox7wTW_G7J1N5V3jynTuGIu_ounmZvktXD7DzIvY1DdDtQpXh2RqL4vvvFZ6iV8HkuEJYB6wo8yC2cPVfstfSYpX_1mFdN6HXQ63Inm1xgTcO6A_3oWkzSXpDtMAqp7IUYjZDhK8Chr0kmGwPvtC6UKT6iFPSGt-6UO1xUXdPOit1C4osKB-UFZPL-XhzbWpPN_fy702Uh-UGUeQKIQMtWeDhdXcQe8Fgtasqwsi4M2jG_6R5ZGy6MyaHcaNzwnYVmIu2HelDZET6M52YlMf_7YKlVetrSarN9sG3DnP-_TPON-zxCQSFeXGnW6VQZxs0bH1t8SHlrvCz7G37e9bpA4XhULEd4bExlCK0XjjXnMY5yBOxOhSomVrsqLJLIEWwzKMz2OIBRTGO7b_DDuk8rAyV80VrHxDX5BF8NRGAfaepyCftCNl2WsJs3DZlcJyEATgjuHV4XwZpcscfZ6LxSSMj1ocuQlbUi4FH579643O2nlchLin9Q4gMvgMzhi-kRPs4gd0PbqNt09M1romXcZgpbylm8lPc0Q&cid=CAQSOwDq26N99bh-r5n4rJhSH_oNei9r7UwVBHCooSBW0KFhI-Be-dxm-2-3JFNZTLhka9UsYhXNBsMR1ykbGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=7630397633000691000&adk=2857193498&idt=94&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:29:42 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame BADF 28 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 10713822464293745175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:29:42 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BADF 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 18:29:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3261 1 KB
643 B 9ms
9ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 13:14:48 GMT
etag: 48472445140208031
expires: Thu, 19 Jan 2023 13:14:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BADF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bea98bbb4940cd784832507d081a2e3be548e08e217882fcad98e2c70c61f45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 664 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 9 KB
5 KB 479ms
478ms XHR
application/json 52.84.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-106-104.bud50.r.cloudfront.net

Software

- /

Resource Hash

409e8d1ff27df596a248f4c1bbf99f4e7e48c8b97458954918334546c1ee22ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d84412fe91532b74b0fb5833b7857e00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 3990
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: RnKwi0qR0Al2G1inGQ-UhmX4XzvxDG48rG7KhB2X8nA3Pjptlz82lA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame C558 242 KB
73 KB 54ms
29ms Script
application/javascript 34.250.91.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.91.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-91-224.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36c8f7e842f91dc28089a54eeac0e1d71b47422a79e84f0bad932cb75ff7ee5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C558 106 KB
37 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Origin: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 15:54:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/ Frame C558 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUYrrjYHe10sQIMYKEp58b8qfvS3n0PpaAREu0ZCw4rxPqsGCLB7qYbqLh6HJGH_prxPiQVs2S6K4ceqfdAUHJc1qLrsayLpd_61k-AcG_5ctDxA56XvTlVErhckAa1qswlecGi_E67nr8ivVTWAs1NbuG0Voic-8WlbIT_YaGTm9OVKw&dbm_d=AKAmf-BqLOIXPdWrPeQ1AoboY9V5hEHNnB1BDIjHSMS9k3yszazrRDWr92MrnIg--Ot26fKP5lPxlwOKO3CeOwh1A10tMVNLDVolqmANdfHL4WNEBiB1B5tzfr8Nns6CtFHbP6llVWkHkzOgRWy5wDnLbxH_BwQmOBzaGaPvYbBnZf-mU3nw_aYk6XS_tA0gYRv4zRTI93Df5kaWsTU8M0D3HxZ8xz5z_hGHM8VFLXYmf2RXID2kYTN6W1I0E2uE6htd0DO25kiHq7AoUkmLrLc7t3Pd7MvWlsyYHMBmSvARSgATJDXWP-ab1sIxvcAekMCDrlMWLktp8uD8TO3rnIh4KyDJXR94x7Ya1CenGab4E2gk043Zk4Wk-s8-z6W3JgOVu-DRxb5_B756XeotvVY9YFePyGggcP-zMUDtswTf-XIfFJbKlNb58CeHsLL542nITGKUeu3TGK7cFnnWCTdzulRdmtvTuVH44Pis4Syxgx8s8JkuaOf5s7Vv2gggw4OB2jEdbxBTaPBfkLnwrghdKaMBUbWT0LZ0rP5feO5MkVRTRXCC5kjMKoYASVrAJ-uVv1Y7rS6-UYFgU4FJEnqI8UJIrHlcFIyL2ciNAykLEHN4YydAMJ_99MSXndB0J22wrujofZNhy8LZW8fCdKFylRgrnpG4dWxX2GqhQe49qORzaqyqrmD2vuVsdfJdcmIj2XX-S2tjI9v2_cZTHp-AqmFZcSFe_dBqA5A4fkDnIjZeHKBfc_wGeGVBo0QECWRWkA9xVgFOodyLDESMVndmx1uUeBjzh7BaQl1raS8IVjA3D9kbrkecRSsgy7XGqjnrha0QBb9g7VA9-7Y06ZbAnagda0mh7ual3HFBt37Mm9F5AUe2bgHwPniFyDUYixS8QNhhE-C0gFYXJMHQ1Fte0oheCycJsBwTtTzWNT37dcNAxWYnJlEqBGxBy4rt5yzGXI-a6mUZfURoWh6Vhu1w7QZ1cqgGirC8OiuHkmhm_G0dN5ThWkxnHUEdYELTDAQDzc1GXlfdqVj-LhBG6CWOF-FQtGlHIPOPioBg6J-vy0giS7PTAieRlRLHL1ENjv7-P6n5AFZP6fNY9TRQogZ6XXeiNYNFiG9BQamoNT7qsmIbDYsfp2eeRHDf1ekhGEZpypgIllYD0LnOSepLklLCYu01SpGX5pSa5GsHowuGf5llJoW2Jab8Lu8jSB9IgPnJ_R46zvjzgvmUAf-Io8cy7pOkxh5Y0__WvXgzOaZuhlF-Bv6xdJ21HlINggqraa62Wawu1rJ8oAsPIdQWtoTWvsmdqdd7lxGnvZrAbKQdsPPBwNr7fUq2IqbjpiJkVAlqyc7uqPsC66kHJhSfpgmWg62lxn8SGvzE-4tnq822M3MWT89lO1KkHy77-LqSVzMUp62NRoT1p2wlzmiLS54E-uOWaVZE3suIYA4O4Y3fjm-Urb88e3uGtF0ogHaMu2wRo-55ApRwMAtzP1AYnpiLxDgjtg3T-RWS08-3F1xL3Hogubco7teyd3IPMe0tK8xIigPEURLiqdiuGvyClAXZkVbF_-Yg6ft8jWnzmcUTfA0KZH9iy6AGdp0ID4l1wJLAYlOWaxQ4oxIiy7nZZf9w4YdNu0cnLtk2hkAQ6UHmSbgtI6hyRlofbu9JE59Xm5RFXeaYCPhiK7ua7m2C44g_00oCgPYl9e_7su_BI_lMyVqaaOWrB64p_6FMonADvJ3jbP0xgAc3K_ZZp_2CcDgLvYlHB8IPvWB4nEArB_WGmKpulkyIsMgHLgGw0Hrx_Ue_am_a0FCpTySv9DIAICyjMvAHWtcpTQs6TXveDc0_Fo4TR_UUIGpv7GdjcURHo5wi8dXZIB5lA6hbEA6li2ckUhuyenRGvTpw0hqf4JwPFwQtRIRY1bS8X-VLbbBuXUufC3pM4QESXm2R3w2uC_881klXzLRNez_ddDn2Gd8Wtzq70JCDrgt_-8tvrPCKqXzYH8FbF0MbloyBgMpaetjtT9RKiCYuYfupNvEZhZMXzpy-acKi65znxHYRoqSeXRFfw7ZO21H1gcYz0jJcgb_lGq_uni9RtJO435HM8y2_hUyxN6oxQh7_GZbBlMe-prAfghrOnTiNalZtU1nhpsv1w3JQofVAjzwJS8beS_W1_RXo5x7S-78H_Hxo7tw8JAVmkuGv6pkkiV2nahAQbV1OX1pM5AZNL96oczMe6SFKPysJV0CABI8rUmaeZHP8uT0pggvxMLOThndIIifsqdUqCz0OO2WiBCkGwIv11zH-GQlTOb_xSBhCF4bh-TX0HPSpFeebQtJpY-MlrtRTUP2giW3kfXMy_jZjiu5944bua8URQbDWkod02bIheBXIOUeJuXhPGcud5Xht0mfuS8NbXc5l21rd682NZYf5U9Z8oWofB6WKUTk2yKF7Qu2bwUVIR0f3Bhj3vbbUYjNseSbDtX5-lCyf8bmrj2qnCfNvwWyCxxH7LCuaTGp2WUBuMw8VWlDvuwQYbOkzTT5kizgqPRD5eBPd9XUoveU4XcYIZE6YlxO6u_LlhmOguGMeyNULRiyJJwsdf5txPrAFJTBwO4pkef7mDX1rDnadP1ayH0fy9AQc1oCdG7TCxfqcNLnTHfY04gLI0P2O-ESKi0G2Mbzm5CZPjtX7fv5fcAutwLxrUSdBIFv5YOEX9zNuwi5BfcBEet-826YQZvFR2XcKyKUNYWX_QKnuV2a-xJ2ztDPn6XlgKIXaWd5iVsM2kKCSmcvTo-6hnhks4jxbj9SwLmJV8hBgwsJHdloI93IWnJxqSbiXM8z3LaxRxIvYYIWIdGbpu21kkMgM7D3eT_vJa0mOXdPecuN75ubtzE5Rsw0XFGDtYNZb8sd4Ltzh2C_nCXWwSGMTYoYyEYCADU6iJpL95LxFLeQd3V_yegShf-RptHmG-joAjZyBEYkcvV1QhPqb6s5klmwZarMT4fuV6DhF2bPF_tUvc0nSmwAFoDq2KwAMyu9e8huRxtiK4gE2qnSytJMDgZhsokluuBQ7Tu8hZSbXJFYsbE6KoUtelEu_o3NNbIE_RMGeWvxYiOnfvdDJ9O_zwZtgzfWU1GhXRK8ONCFkYN2w5YmfRHTz3Z9_zR8AMb0ZzV8Jiid7m2xkbA2j-BCrwpPizQA0_tzS-cx16HHueWfFB6ddgJsSyAhAi_ESzW27irsZZeXcQdZN8X0F6vJtoglDwGIdcEMzS_Vh8cHdDA&cid=CAQSOwDq26N99bh-r5n4rJhSH_oNei9r7UwVBHCooSBW0KFhI-Be-dxm-2-3JFNZTLhka9UsYhXNBsMR1ykbGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=8346305942867685000&adk=3944675600&idt=165&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:29:42 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame C558 28 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 10713822464293745175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:29:42 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 1EE2 242 KB
73 KB 68ms
54ms Script
application/javascript 34.250.91.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.91.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-91-224.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b70c5d01b9fca95bd3c4bd5af92e166d1a561b274338bb71899a3fb3dd28b97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1EE2 106 KB
37 KB 39ms
37ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Origin: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 15:54:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/ Frame 1EE2 8 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8OGnUFkt6dS_16-CxfnaaTdc_6l3Z03EfwGcoiXNaaISOKrYRro17n-8OSzjiAOiKm0GFS3lbH4yGLPFTUoq9zpXsJM87P-C1t3Qqr9VsbLx6NxdUO5chrLlG-7kMeRh-EsAdo68FRt4gtGNpXISMNfL-1ZgyW1GmDqDp2VivXpBrZBE&dbm_d=AKAmf-AVa41vjtO6gCe6S9RiZEpVUTT6Gckongrmw3G8FFEl21gZmkJSHKqJQQvFj6znoyiwcIDvxA8X4v7pBANfivvdCPkSV4sVnxjRnxsn-WMI-zmzzo2Pt-NgfcLqQme-BsyfCQRUCC964_qJoLzC-Q5JXWazWJA97-_ZQbLqqNMheuENabtRPLjcpBkkHrTF0Bi34xgUbg7GaZxbHbrBI5Y9exQbwN7LMkz6PhtsXt169pB40gIEd2sfA_Wbt3CzCGbA1P9_J0RBWTWJbM4ysYQJRMghTYNreSERLZV6T1nB-702l_FNaUfc0Ocf2MVcRxMZj1_Jc1eBRaZ23zJNGbu_z-vrrtdaT2yF5a0FcTUtTmefdOEsT-IHIF9I6HIzR8ErUQFHx8Ne2LZP45BY4ZVRzVQipgrUVaIhJjsipkKsfxdm08Aa-5wdt1B7Vu99POVmQvq8IQBQkWK3QMf5xc2Kd1buDECeZKXH-UTwx2UzyZME_eMrJYoEZ4WsVKjwq8VSKP9xflAewtdIctqL_0m4l1KS0FjCuIYMATl3QXnf37c2DVfp1yAjXSMJoiT0LBSeFFDJPDdcbt2jsT_Rv_OcDkOEywb2z70R9dHP80zD0T6XVcKMBAXcSoKO8rhllX-n_RQo6jLQIGxTAPDSZskMFWmuUorVXFF2IkU_ZtDNslFtEmC4Thfq5zEIjAw3M-mq0_0VXHWnuzzXjMVLTGVK2r3iu3X22XGTtrbRRWEjuKm8iQUi6axVN0KzdhVa27SMssjbmaO1EqhmXrz1J0WSvC5K52dqrzo6hjugRfkl8sx4Z0awS400pqK3i_Z6EphKVGa6Y4Spq8J-YbTn5hsL0QWu1RvVm_6h9gez0dXU6sE7PcXwvoGB7LcIF4_Ks-ZT7Oaj_XdLdOgjQ2Sbt0_4RtNTx85-u-6Rjo6GIrCfeuk7PEaxQeRI9pSuTgK-vs0dGC6AuoLTIMhLIUXAH1Xf8_fd3Zem8okCIMfgfvaw8uZy7vmIPgXze1ZAwc5FMgE-p-CkA5C-dN2QPMjqJrkWh4UiF6lNrebiNMbW1X0DbMKeqDyiU3JzBFGL0y31SS1OmqlYVYdYSLN_tj_3i8fk4sjGAOXnrpsM0CeysyBRJkO4cr1PSV4hcNDBzjUkon4iFz8tjc1pCr-TE0mIOLBiJaP5VAiMJZe-iAr0KSpSCRYRl1Y8QgvOAEo_iua8T9r-c-LVkCfGMFGmmA2h9bLCF46D88da1SHzBH4jDQ6Sl2ugFevWEQ81BAWMT0QtXcA4A05dYYIt9QP9rLFx0ocoXKAB67ryXlT4jdd9LMLGiP1nmRQr3W8jeR8tDKQkbN_zTPrhoCUnxZ75IB7eWYDNAjeGMOnZwGKLoE_dTdZ-H2Dj5R44Nmvo6AfaNZr7Q-FOJB1d79-37L-dKXgqdAODDWMVFZHOmDxzgKvi5uzRDnWouZ31OQgLgycL1yYqPMUt6K3htOwYQIWiskJs8Gd9TdMgkHF5ZGI2QSJWxJrv6FkgCHe3joEtP-XQSQ7KgdEgl3LLJEsST7rCPsbYVTpnhfvHHPQ8PBhY5xzWs8VY9gpMG9y5mXSDljRH9qxuumrBWVLPQ0uDnGQ_JIeYmA0ZoJO4fo1R6DRXq3wNnd9Dcw9NryDbFqHsgJdHDaE_-mTleScW0F8FLhFdVzW76wG9KQ74bXl26XlvEytTcV1y1JWG7VztV0C7FEttSz7FzkbftixH30-U9AEqn5ALCKgAYvB0G7bPP0Q3akOXsRHFammzLEvcSuqEvlMvP4lk_4fpLwCV53Zp-lVR4x0vWPFPYG5OP67WxJEQ4we6X8Rhe-Gm0NGIge9UkSYHzz8sIxQ70qIf1khTwT6v7JO4AqmTQ5zr_J3pbwnMiqQRafixylQTVXQYPbXE0J1Rbp_MxEZ32Ov4JlFhBPyLkAxu44lQRiErpft1L97p1_u3IeS2A1e8-lU18jQL6yzto7n66ov2V6SJPFwpPxsYviCn5rP0ku6kV3irxpzUbazTqCIzyPiaDY5PWbSw4973h4QtWrCC2Eqslpf0XsCAXZzrEGNBwyhH3chKV12AuAnOl-kgJ8fCdMA9Mnh__py-_sZ4fc-4NqamF1Q7nmkD-3E7fzdRb4Wd_2XLew8jcgER7QnX2h6897Rj20ApeQ2IsJBYc9rs_aqashfVodAdA__JlqGYiKGAmLfWRl8w7nQoVUfwlZcwRp9HCQzfgUkUri2usr6Jta8ahyVD-xmcs0RlNB2IcIkK0aHEgofbj6OutjxHdO2kg_lbLkGkBWRKDb_4j0L3p9CGZvmMQO27qtsbaBCd1Ko5fhLorsGEZDYiP8nPM8NbBf5MsHusyv4bVGHY5fELND8pbC5Rg0u0e2Y2WVN5dSG2SpR1rrzQ2Ra20ajF1s1XI10ooI81YqffbJLBNxXobdueCwOtuB6_5ekT20rZ3YVQhmb3WBnwB0XzZGXCAKhB5RqX5H6i9V7-vdM2XCE6aufd9a23FOPfvZrulg40i5ftFEvbGRpGYTxyQV6GrYQ_XcwOa8_KlNM3Bz1p8BfmUIaNHnYY48UYubkZ2hImFyeFVTm1xXBIggbSb9_GoyY_Py3PNsoeaEpsnlWeniWOWxzCmvBp3dn78E4SGtG13GTYdqsgP0bqx3GRMFxcKlV0q6Iq9nzupYK0ncCgoPKUsgOGsOOnm8c3JzQYoagGUUUd44nes3OKWVD0RcWXV0S5C2PqZsD-DQ1IuGhFlRS7A6M8xe27uKCSUA3w_uAVwlWQEYQgdvkUrUmG-EH-_lONRcNZHJzsUoMjRKFz3FUpzbA7kRBMxuiXR2zMjJV6Fj7WFyfTAkHjrbAbfwCuTD6TbltmjjA9a9c38ffHpWGqP8WBt6Cxf3wWUDoMuFr0376EnJIkw547JJj2YKqgk_RccUHk58vgjyEhWLZJYBqOahqs7Z_rU0W3matnkurDPeIoYqB0Ry3s4gj4C4bntqygYQb5d33ikl5IBAC8InBDF2YwxzNNSL7G9SCnZi3ioyFkTR9LVp3U2UrlbfitXVhgUyCnJ38k_NmWBCxH1Oy7eLZVF9KhE5l2CCR2Du_MU569Z3L24kWiUEsNmzp4lnozulPBOjPUTKqkYD92WWTExwpdlAcZqPptuH_K6VaNm7b02IKew6l7Y6rmp0AQO7WrAn8_J6H3C0UN8ceeJa2gDTxhGHBHP8kZO1aZ9Ne2aaX42A&cid=CAQSOwDq26N99bh-r5n4rJhSH_oNei9r7UwVBHCooSBW0KFhI-Be-dxm-2-3JFNZTLhka9UsYhXNBsMR1ykbGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=18153928119243840000&adk=2086295851&idt=169&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:29:42 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame 1EE2 28 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 10713822464293745175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:29:42 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D14D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=N2FmKXwvQ2F5MWxuT2J2MVVtdm13YUNvTzNOWTVZQUg4MkRSb3hDQkNIZStNM25RNFlZbnk4d0VLRDhNZ3F1RzBlQlNOYWpReWQyL3ppczBDL0pVMkJocGtNdnBvNWZyRkw1T2JBQ0hPb05pUHpwT3QyWFp6d2h1UStZaH...

425 B
648 B

298ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=N2FmKXwvQ2F5MWxuT2J2MVVtdm13YUNvTzNOWTVZQUg4MkRSb3hDQkNIZStNM25RNFlZbnk4d0VLRDhNZ3F1RzBlQlNOYWpReWQyL3ppczBDL0pVMkJocGtNdnBvNWZyRkw1T2JBQ0hPb05pUHpwT3QyWFp6d2h1UStZaHYwTTBlS0RGaC9MTlhhQkhxYnBYaXl6SE1UTmdSaEF0QThEMDNWYSsrVGgvay9zYWpQSE5YWVFZQ3I2dTl6alZpbTJzZ0FwYkdMU3BIei8zb0RYWWVTeUUySWdSa0lrM2p2RnBCRGl5TWNoMkVzZFlkaUtYeDFmVVFodWtVRElROHIzREVxQjFWM0h6SG1XbkRlNi80eWZ6MkpVNHRJQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5996efdfb1cae3e828846e3a0a74a9b9a1b8d26a9c2f174a8198ab605eb77ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2202888
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=N2FmKXwvQ2F5MWxuT2J2MVVtdm13YUNvTzNOWTVZQUg4MkRSb3hDQkNIZStNM25RNFlZbnk4d0VLRDhNZ3F1RzBlQlNOYWpReWQyL3ppczBDL0pVMkJocGtNdnBvNWZyRkw1T2JBQ0hPb05pUHpwT3QyWFp6d2h1UStZaHYwTTBlS0RGaC9MTlhhQkhxYnBYaXl6SE1UTmdSaEF0QThEMDNWYSsrVGgvay9zYWpQSE5YWVFZQ3I2dTl6alZpbTJzZ0FwYkdMU3BIei8zb0RYWWVTeUUySWdSa0lrM2p2RnBCRGl5TWNoMkVzZFlkaUtYeDFmVVFodWtVRElROHIzREVxQjFWM0h6SG1XbkRlNi80eWZ6MkpVNHRJQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 498820
content-length: 0
expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B972 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 18:29:42 GMT
expires: Thu, 18 Jan 2024 18:29:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3261 35 B
464 B 38ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIxhe7ZXlV4sfls45rWfvCc&google_cver=1&google_push=AavPq0PEnjo5GIDlWivFAGBI7eVNBW-T2jcOLyfwDdHv5SFTjdjwdKge2LjM_r9x11JVeRuD6ZwZ1nskTbSKdFz2ytgFgTKA1mWF

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3261
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PCv6P3JjSx9z0eZXSnjrWv2sR4sI_YeQCg6N6qrY2...

170 B
188 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PCv6P3JjSx9z0eZXSnjrWv2sR4sI_YeQCg6N6qrY2lGAkxkFwFZqy9FhHGscwh4Wo8eFBPKolhtf9IIxCkxJDMqR9SBGQ

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:38 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0616fc39f147daae8@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PCv6P3JjSx9z0eZXSnjrWv2sR4sI_YeQCg6N6qrY2lGAkxkFwFZqy9FhHGscwh4Wo8eFBPKolhtf9IIxCkxJDMqR9SBGQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3261
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED0x9lRGr72hsyB80PF0tK8&google_push=AavPq0PxGc8AzkSnQhZ-j1w5I1DuqUQF_YvLEi7TSUtPCN6i857hc5dO41...

170 B
188 B

46ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED0x9lRGr72hsyB80PF0tK8&google_push=AavPq0PxGc8AzkSnQhZ-j1w5I1DuqUQF_YvLEi7TSUtPCN6i857hc5dO41yefk8xwQY24Fcaw3Hz3a1rrtfRDKWAccJXtyULCrA

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220062-HHN
pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674080739.478224,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED0x9lRGr72hsyB80PF0tK8&google_push=AavPq0PxGc8AzkSnQhZ-j1w5I1DuqUQF_YvLEi7TSUtPCN6i857hc5dO41yefk8xwQY24Fcaw3Hz3a1rrtfRDKWAccJXtyULCrA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3261 70 B
264 B 64ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECn9PNUaWuvD8QL0f13K9Xk&google_cver=1&google_push=AavPq0MCcQIVlAaHtlYqGM6iMqxX_9MB-nglvXvp9JUADNwKD8U9TpxQUtaG97yLGxzL7rvYISnp3CHEtX_W_AsEPqbjlyUDc2-5
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3261
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEG5aEkrFFlEQVl0TgpFkPyU&google_cver=1&google_push=AavPq0O-rKf_sYfKI6CLDFX_FmJJ2-VWOZtTnxQlMKrkn-U0uzfRgtbNlPeJaPuhj2EZPbAX74Avmu3gqGxA2XDOb8Udchn...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEG5aEkrFFlEQVl0TgpFkPyU&google_cver=1&google_push=AavPq0O-rKf_sYfKI6CLDFX_FmJJ2-VWOZtTnxQlMKrkn-U0uzfRgtbNlPeJaPuhj2EZPbAX74Avmu3gqGxA2XDOb8Udc...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0O-rKf_sYfKI6CLDFX_FmJJ2-VWOZtTnxQlMKrkn-U0uzfRgtbNlPeJaPuhj2EZPbAX74Avmu3gqGxA2XDOb8UdchnerA3n

170 B
188 B

47ms
47ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0O-rKf_sYfKI6CLDFX_FmJJ2-VWOZtTnxQlMKrkn-U0uzfRgtbNlPeJaPuhj2EZPbAX74Avmu3gqGxA2XDOb8UdchnerA3n

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0O-rKf_sYfKI6CLDFX_FmJJ2-VWOZtTnxQlMKrkn-U0uzfRgtbNlPeJaPuhj2EZPbAX74Avmu3gqGxA2XDOb8UdchnerA3n
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3261
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&google_nid=index&google_push=AavPq0PQMJ1K70w9lg0D8XpsOpi0VskjuxdMt...

170 B
188 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&google_nid=index&google_push=AavPq0PQMJ1K70w9lg0D8XpsOpi0VskjuxdMtEEeBvaI5ijyX3tu1jK76kKF-K08ZcI6EaGVdsVEBg3MKIB8q250jZrCAAmEfUCm

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrVPw%2Ffv%2FUVlu7qWcvF2WryqOk8LEZS8e2X4puK3aYEb8hh82B8couY5h5EdiaaW14uHY1qsSdc3j4Dnd0PWGdxtT98kKOBINWGvk2PgdvGNaXeJ%2BkvmwLiua9V0QNv7b7fIrNacYjKqmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&google_nid=index&google_push=AavPq0PQMJ1K70w9lg0D8XpsOpi0VskjuxdMtEEeBvaI5ijyX3tu1jK76kKF-K08ZcI6EaGVdsVEBg3MKIB8q250jZrCAAmEfUCm
cache-control: no-cache
cf-ray: 78babf6d8d569000-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET pub
cs.chocolateplatform.com/ Frame 3261 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3261 0
12 B 47ms
43ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDKi_97edH2_ZfKzc5jFLvMu3uucWbCKH_3-JGyQ7Bpyi12YwVZNjXbAAMBNtO1T-aRvcf

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10079595500193011461/ Frame 9797 138 KB
22 KB 80ms
26ms Document
text/html 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f69cda4d346d1361e182ca51dfc0be0b484b548a8afd33fc4939dc63ff671f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 476401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22835
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:05:38 GMT
expires: Sat, 13 Jan 2024 10:05:38 GMT
last-modified: Tue, 29 Nov 2022 11:19:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BADF 0
0 150ms
68ms Fetch
image/gif 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6gRibuZTo8x2B5Gik29f_ZjVbiu5X5Gjt-5aDMdI3dVy3VKCUvUDcbVz8YXUjoIZWdoa8OWzsYTP1T2L4m_wDcT8Ud1HSmF3JOktdGeJXtcP-QXSGSpt2DOdDmygZK1GJheN4H4nDtoOiMHJ-k20vKg5MSTToj9C6x95CI0O224kg0T02xgd3glPb7UBlf23wqSWls8rOuB8uRoAsI0HiJDnrlUPOsuCCsubEHoJEH-ejDW0ipwbLOriHBrk9d9Blj8-grF8uTpuVzau11i7y9JSFipw_1hX18-yx0H3zrKuHgc6EXq8-749zdq-c6Vez0s69981YrUZJzAI5Nl4ntLGrP2OXlYLZFgD4MqD83RoSFT7CCSfjJVAIO2thNEH7CedcMT_jO08FJP6_56OURsCUWsW1tA0RKuxxc2aAsnnhXivQKvb4yBk-UD6Cgme-UW8RVl2USUKJLSlbZnaFwrU-DZrgMiyo4AOVeHjPFoHhgTPC9NDvPjEYuxwVR8nYPLilCUxWV31MOlvulhCgG-kL2WPq5RnxngvUQ0JR666TCOFqEHNNMHHu2JD5sUdyhlpiCb7akgzkynQUZvZvtSiiZhxy3q5gO3IBX6u4r2VKYjmhxsn2F9YLgv9EYhhOADCmzP1pP3AAdXT50596OTgA5svIa4RJWtsx_xpVsqq7ToNd6TuKqy8kAR5pX5gPzhptC5DBKaMNNCC7kUlgbxRdFB_5TKOCCJInxhMUx7tDutRwIESB5SRqymcZMF1cH549fwjfgfSZ3w5z2nAXfkqB-lynl9ASrFOGpgpKHXABLJt1ftjpB47MtqiE_D_y-P4sr8FdPsm0Enf8JuJ-qbVzRlK6EkN8fLOrPc2W9mQ7mDKxv69Mp6X_8kA7G_mR01p_IuI8954R7-jItGne8sKaOE6wYY0fa9v1qmvCScLoRSqtvy2W75YmbwksdtnxaQglWDZoNkdQWLCCtk93pe2pvobMrj94B9G1TiEYTJ1Kb_y9owmP5jXQuzuckMAWYzY2buOyqHrzX7J6Dc03SUZQ2cVqSV9wjMF-LeCoK9XYLM6nN9-hx-tB3uYuyz8HvuXlcEVW7vZgPzI8bX6bBZfo7uFxHpiKxIMRjttYopbmbHKGnXk4_AI8ly06JnidAzsum4gQWqAG66FzqvpuooXNS23c4lV_d1N-jMu-cHUXg6NENeYq4L1ZJlGOrFPWJfWaZELdb6TeKby50AS8PaOQl2fHxBtHRA&sai=AMfl-YSmrM1P2mRIRo1iIQ2_0AXLGRYgXJWA-3IZE8-UOxVmYM_BYNccozvYd0pWlrgUr2YveJQxZpuKw7RGpG4Y7YzQYf8HCfTSjEPkm6MRkjn9lK3nd4TgEGjiUOJ8b_pCQxZGTPfhEbTgHEqL9d7eLv2591muwc8h0k1fPvt86EM71CXERpuj84M1n5pSVw8xsolsVRMjzC5pEgXLgouTF0OlZKhowDlsSNrICb0kXeOAswNYAIviP7iqrWWNqBv6zbCLn23ajpc&sig=Cg0ArKJSzG3SZoCCdFYuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=142&cbvp=1&cstd=139&cisv=r20230117.99573&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C558 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 18:29:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE01 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 13:14:48 GMT
etag: 48472445140208031
expires: Thu, 19 Jan 2023 13:14:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C558 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a868b538443fddb9c21898c8edc3905f2cc111d4e2d6ede4948b56fc465f26f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1EE2 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 18:29:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9E67 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 13:14:48 GMT
etag: 48472445140208031
expires: Thu, 19 Jan 2023 13:14:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1EE2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35b2b5f91212273685dad15c8278697e1cf59dfee8c847a5b94f5f72654942c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10079595500193011461/ Frame 1122 138 KB
22 KB 26ms
25ms Document
text/html 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f69cda4d346d1361e182ca51dfc0be0b484b548a8afd33fc4939dc63ff671f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 476401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22835
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:05:38 GMT
expires: Sat, 13 Jan 2024 10:05:38 GMT
last-modified: Tue, 29 Nov 2022 11:19:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C558 0
0 67ms
67ms Fetch
image/gif 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvL7-F-83gvdTofwZFqnElhTcv8xNkQOypnFhL580izJBd_wFKcIhLryESb-4ctDv20-pv_CCSWdo3UlC5GaEvgkMOVR0-rOcK2TF1Ss-Zhy-5wEgfYFE0x9wtAakTX9fF3RgZS938MURxd7UyntPuX0tvpibh7aF_GZ900X_8YrW-EaBUrKDIjWc1dXGmD-mmQ6RBq61OAAlfIvQtYDgNKRPCJWWWFB7z_MDgY4Q81h32gykL-9AHwt8SexvJ-yCfKysuBOsHrRfAfPx5apZ3Xp340WxOm3Ku0R5J4d6g4h_SRFd8Vb9m7ios-EiCdAeBLctdhO_xoBUfgtm2k81pLbnZQ3QkjiDrlePTgQaXcNNHBGlWdleg4P7V0FMinNkQVQCzF5oJOwZy0oBWCRVsw4H4oEg12nlW-blgt3qVf0Kp5SnRwOabd6Jjv5ro-ljGFZeepjxxIARsZoNNGsOOsGwnnyV8JHApox23bqDUTSZANgx5UXr8k68fCvmyL7hbvw-47DeiCdBgrxiAXMGTUJ1LHTA-wjWnlJo98YHnt8a--A9hspse0tiMZqhxXONbENS5z8pB72DTAMT0JayhaqjokwvmF_J3GMQB6wsiekn_Rfowd1p5tPXyK7aDDbvrZmycZJ_Eg3lu1MR91Orl3iubjq5k6R2TWtv4mjuOlbjRApVpRZpbMQLsBVmnwmZVjGMukXyWRTQGXfrPCmS9oVCjV9rWfBWaHky38qxmf1povFWEQk7t9_KK9yBGNy3FuOkcT7MperC9KEm9eOO0VP9bZeYCuRDIWBJUL7SHZmXJP22JZZlg8yAssw2JZYQxjEgLtU32oh1asFbVEHMmtR4WAMNO3bazDbU9a07YxS7C9hQ_gcqebKM4IxKRwkFzV4sdlPQFCNx27-RsDnlDer7yt6D2oM96tmSTtsPNjjzLNS3rV4XFDlWGCDzP6ctgnMFI1R2n20UkV9h-haHcZcg8jR8PXQ3lDKiEVTLyNs_m6BQ2IbHyUgPm_5kprPFte-56hE-P276vLwsDd8A3uwDsHzkC8RtyWtTI5WZ421UeX0pSET-cZ_6CGC8XYTvrenu--D54UjduCQHa-eLWF193wkOs-FL2IDrSsi4htS5lA8JT3-ykBXmBiz9XQ_HZ_zaw06UPxSlVPsMfL0cpgkUedDXd1tumoDx25apI_9gKS2xThSX1YvtI2nOIPKeEvGp93iEBNCEQbYVMMcIPR4UPcQsjSguddhB1BUHc&sai=AMfl-YQK6LjLC88H1dtxqq6q5sTgqGCrbISgpc9CYk3gtaSMfqffrE2ki7XrDG2M-aIZ5qBTNf_TAXswLpqD7JX2Efmh5D5bALoKyIpmh1EKuDfhqcBs7wSnE5MKxrRHNKBKjb5S2G_i53r4SW_7GXz_7YQKvCvTpqzdgy3uQigco4w9DoQxT5Cah47LXaiZ4NoplEMdbuemviNVtGtM9vaKkfaHyYoFWLNeRU3soteKj6XfkiQ82rMj--VxH-cNjo3bFI8ZT3xxVSY&sig=Cg0ArKJSzLFnz0CeAsXKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=146&cbvp=1&cstd=144&cisv=r20230117.69858&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10079595500193011461/ Frame AA3A 138 KB
22 KB 26ms
25ms Document
text/html 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f69cda4d346d1361e182ca51dfc0be0b484b548a8afd33fc4939dc63ff671f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 476401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22835
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:05:38 GMT
expires: Sat, 13 Jan 2024 10:05:38 GMT
last-modified: Tue, 29 Nov 2022 11:19:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1EE2 0
0 67ms
66ms Fetch
image/gif 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcmTmsgQ0z3II6KyxjW2OgOgvSqXNKiOeOApRkge8e4cp9lEkTTHvy_0HdUL8vSnmFta6K6jgajHs1HHyUssgsS4FXtzZPDtrFgJzwJUn1uHLiD4z5XKA1LjAbBrEy2LecOWm8suC4Z6CxBpsPojnX3-UY-_L196bpVv8_zJjFjdaSPMNKb6j8l5QoB7mZLN463iLceEnFxWtyiq1E0lQ3HKzmgxjovsMW3NYXdu3mC8Efr0wGfbY0AsPKymcn__dZo_rlfk1GzDblTSJP-u9ejazPCyL7mj6IWVYfvmyK2qyXmtDWR17-ucWwxvvMxHDaYYJ7XcxiRhr1H2QVEDLWICGEN08xjtZkq6Bpw2k5WLzU5d0ZVg61jL9YonAA9M2O6Q3lDPePWb91HCsmZmzjsTVd_3WZwv1NUMUG7T42E40PkbkIjgHExBeWSKFSCAviELyl6V__pht2JfFNgM7QGJQaHyEW8nujS3-A6Y2dk2h8JY7S21JA6V4ygPY3RbWSND_Go4EKGYQQ0V4nLZabCc58Qu1HyLYkoh4IHqvVkjFYzxA-USgmHWpOlA3jwMw12VGdOAzeLbB2k5-jGapQxNXnWjouk78oVhD5ej1pCWAcG1ZBothEgfKobqJP1RT8CI3djvmsY9xlJNkGUSXJ-3VW5sal1sfuoQzxzcOYvsv6N77zNl4kYoetfabyJ0oqVQp20zxNz27wuf7E8IUOAzSU3aqZ-_sl8QZZM_GoO-fXxboQpR20Y_7JjbRGKCxpnExdwtA0XeMDxLle0AFDx9_AP0v68vsBDCQOLDeP7rvteusNaYiH1u7Apl0HvPeGypePip14QX2j-AB1zdyL3G4zpWnbjUpxtJotlc01nc2t3YrYWuA0hvf82bnqKXltXqfAJ_0qqX80cGdGugrxPglmgV6m0wSvinhFXT3XvL937S1JwgQz0ROpSlVWXRwkchNvornHdcd5KOElTKFep7igdJviyuvTGCM9GWTWhHMRRJnYHNNSuCrwoE6E7A8o2x1oLnvMg7kRT1CMZCtdVyI4iS0DoU5UEz0dGkLx1_zAI9508vTx9aV97oE5a_yhK3jS2fDtqvtmHU83AUEHGj6WHu8gO54tR0gmOYX2-k30BNxlogI_yH_gh0Oz5Rzr00eMpZn4jfpMouirHqX5TFVE8OkHPpTlSekwwNQansyZa6nsB-VauDahbYqigvbVWub4Kt3MsC5L3o_5X_n43JVW4IzwssXahCtvlw8&sai=AMfl-YT_Quo9QGESIINszOPOiEc3vK0MbR46LvTr4-t-3LjpQNPzxxNNSb3i7uVCF9CQ6VISgoBRxAYI2TCRp0KFzSlA4kc_sBlFXSkJGMmmDPHioh7FVvToMEhibwhF4_iy4be4QtUMmj_53y0zSLbid7mwCvdv_wVYFBU3_UjtVjbvaI_zVQW6Swf_tDi2E4xjKm9ZtE4ppD7o45FV8IVxbuLkJAvUKGvzGIk6cKeZd4AAlSpRHxitgs-597uV3zeiVvMDiJrZf4E&sig=Cg0ArKJSzGRIKpC1Y7Q4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=145&cbvp=1&cstd=143&cisv=r20230117.18424&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame B972 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 06:49:35 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9797 29 KB
10 KB 26ms
26ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 10:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 10:42:11 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D2BC 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 18:29:42 GMT
expires: Thu, 18 Jan 2024 18:29:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 8ms
7ms XHR
text/plain 18.193.126.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.126.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-126-69.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 18 Jan 2023 22:25:39 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 53ms
7ms Preflight 18.193.126.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.126.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-126-69.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 18 Jan 2023 22:25:39 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE01
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIxhe7ZXlV4sfls45rWfvCc&google_cver=1&google_push=AavPq0P8FicxYj1fla6YoxO0fauh12jI7kbLN8afuZdrxaMqQtF8uoh8c-...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0P8FicxYj1fla6YoxO0fauh12jI7kbLN8afuZdrxaMqQtF8uoh8c-fbUrFJh8uYUHeLKyhoL5-YoMwateZXBO9DHvOrn4c&google_hm=3AMySqyK32g_9...

170 B
188 B

47ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0P8FicxYj1fla6YoxO0fauh12jI7kbLN8afuZdrxaMqQtF8uoh8c-fbUrFJh8uYUHeLKyhoL5-YoMwateZXBO9DHvOrn4c&google_hm=3AMySqyK32g_9s5HETgq4Q

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0P8FicxYj1fla6YoxO0fauh12jI7kbLN8afuZdrxaMqQtF8uoh8c-fbUrFJh8uYUHeLKyhoL5-YoMwateZXBO9DHvOrn4c&google_hm=3AMySqyK32g_9s5HETgq4Q
pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE01
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PxQqo5bEwSEpD6uK2aC86_-7i9XVZdm3Ri_0ZnEkl...

170 B
188 B

47ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PxQqo5bEwSEpD6uK2aC86_-7i9XVZdm3Ri_0ZnEkln_6oMz2_YGRhJ8urpyQPEhZyTWme_YubfTErLsS5M3GnOfBbVZtc

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:39 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0ba18284f907c56bd@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0PxQqo5bEwSEpD6uK2aC86_-7i9XVZdm3Ri_0ZnEkln_6oMz2_YGRhJ8urpyQPEhZyTWme_YubfTErLsS5M3GnOfBbVZtc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE01
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENB7yyFTdQWx0seCWMBPhfs&google_cver=1&google_push=AavPq0OkWTm8KsmzIGaPjUZ1G7p-GWZHxP4DCCQ9A4JK8zXW8lf6iln5pNDL_K__FRDPI6ENbv0qcQwL-Zx...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OkWTm8KsmzIGaPjUZ1G7p-GWZHxP4DCCQ9A4JK8zXW8lf6iln5pNDL_K__FRDPI6ENbv0qcQwL-ZxyjbVy9MCbIwGxK9x9&google_hm=71K3ZNHZQlqxOrXAPIQB04Y

170 B
188 B

47ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OkWTm8KsmzIGaPjUZ1G7p-GWZHxP4DCCQ9A4JK8zXW8lf6iln5pNDL_K__FRDPI6ENbv0qcQwL-ZxyjbVy9MCbIwGxK9x9&google_hm=71K3ZNHZQlqxOrXAPIQB04Y

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:38 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OkWTm8KsmzIGaPjUZ1G7p-GWZHxP4DCCQ9A4JK8zXW8lf6iln5pNDL_K__FRDPI6ENbv0qcQwL-ZxyjbVy9MCbIwGxK9x9&google_hm=71K3ZNHZQlqxOrXAPIQB04Y
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE01
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELgXhVNOlVP8cOY-z8EVWTE&google_cver=1&google_push=AavPq0O0L7Wel0ieK32-2EEKlAL4Vq06brj-5PgMn4R8tC9Rsnt_lpMGkTpyxhoDPqsKTmkHnP83ILCMH_zG95G0dD2W...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELgXhVNOlVP8cOY-z8EVWTE&google_cver=1&google_push=AavPq0O0L7Wel0ieK32-2EEKlAL4Vq06brj-5PgMn4R8tC9Rsnt_lpMGkTpyxhoDPqsKTmkHnP83ILCMH_zG95...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=ecd8777d-5bb7-4e7e-8b31-5282aec5f4e9&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0O0L7Wel0ieK32-2EEKlAL4Vq06brj-5PgMn4R8tC9Rsnt_lpMGkTpyxhoDPqsKTmkHnP83ILCMH_zG95G0dD2WYoRTgncw&google_hm=NSfxKjNZSNCPjAYOhzm8Jg==

170 B
188 B

45ms
44ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0O0L7Wel0ieK32-2EEKlAL4Vq06brj-5PgMn4R8tC9Rsnt_lpMGkTpyxhoDPqsKTmkHnP83ILCMH_zG95G0dD2WYoRTgncw&google_hm=NSfxKjNZSNCPjAYOhzm8Jg==

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0O0L7Wel0ieK32-2EEKlAL4Vq06brj-5PgMn4R8tC9Rsnt_lpMGkTpyxhoDPqsKTmkHnP83ILCMH_zG95G0dD2WYoRTgncw&google_hm=NSfxKjNZSNCPjAYOhzm8Jg==
date: Wed, 18 Jan 2023 22:25:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE01
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEG5aEkrFFlEQVl0TgpFkPyU&google_cver=1&google_push=AavPq0OjNxS_gsDWwCP2ckgOPUSe23ZG8G_WZePPrYduWIAk59ZitZxOgU-BeNoBEWtxFgkKMvX4P1Qp3yuWU6w64AVPhc5...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OjNxS_gsDWwCP2ckgOPUSe23ZG8G_WZePPrYduWIAk59ZitZxOgU-BeNoBEWtxFgkKMvX4P1Qp3yuWU6w64AVPhc5BMB_6

170 B
188 B

44ms
44ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OjNxS_gsDWwCP2ckgOPUSe23ZG8G_WZePPrYduWIAk59ZitZxOgU-BeNoBEWtxFgkKMvX4P1Qp3yuWU6w64AVPhc5BMB_6

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OjNxS_gsDWwCP2ckgOPUSe23ZG8G_WZePPrYduWIAk59ZitZxOgU-BeNoBEWtxFgkKMvX4P1Qp3yuWU6w64AVPhc5BMB_6
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE01
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOaN0i2iyBFhTLiVElThC-4&google_cver=1&google_push=AavPq0N-WGkDOOBm_pwNsMIhWJdwCRABkEDhaz1F484nSbY8Guo5GIP21RJsIJftU23EkIao-79yecXHQljO...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N-WGkDOOBm_pwNsMIhWJdwCRABkEDhaz1F484nSbY8Guo5GIP21RJsIJftU23EkIao-79yecXHQljOKLLscdlyDHf1w9U

170 B
188 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N-WGkDOOBm_pwNsMIhWJdwCRABkEDhaz1F484nSbY8Guo5GIP21RJsIJftU23EkIao-79yecXHQljOKLLscdlyDHf1w9U

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N-WGkDOOBm_pwNsMIhWJdwCRABkEDhaz1F484nSbY8Guo5GIP21RJsIJftU23EkIao-79yecXHQljOKLLscdlyDHf1w9U
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 um
cs.emxdgt.com/ Frame EE01 0
55 B 65ms
7ms Image
text/html 3.75.3.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEB11yfHs55XvICmAkoPWXV4&google_cver=1&google_push=AavPq0OBH_64NyUrTiNQfFhOv8FFZyyvbaMCXzISwfGNFSf9r6sXwswwvm_YuedCUeJg2CBSLiMYQG4eBF7Qf7wcXOFXVGJJY0ae
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.75.3.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
content-length: 0
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EE01 0
12 B 45ms
42ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqDI9h8gK0dcBOE7S5Bh29anTS_v9-g9FhQjr4LWf7f1bi-gOoHomCjSg9IDh_OJTzUGTKrw

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1122 29 KB
10 KB 27ms
27ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 10:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 10:42:11 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2798 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 18:29:42 GMT
expires: Thu, 18 Jan 2024 18:29:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E67
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIxhe7ZXlV4sfls45rWfvCc&google_cver=1&google_push=AavPq0OZA3l25ZQ3ZA42GOt9q8kgBBiz_h9CY7ODvUI5l-thZ518n7vPXh...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0OZA3l25ZQ3ZA42GOt9q8kgBBiz_h9CY7ODvUI5l-thZ518n7vPXhudcZsDGnuYiUeoPuLgI85VNuHp_VB3-8ymbHKw0lzd&google_hm=3AMySqyK32g_...

170 B
188 B

46ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0OZA3l25ZQ3ZA42GOt9q8kgBBiz_h9CY7ODvUI5l-thZ518n7vPXhudcZsDGnuYiUeoPuLgI85VNuHp_VB3-8ymbHKw0lzd&google_hm=3AMySqyK32g_9s5HETgq4Q

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0OZA3l25ZQ3ZA42GOt9q8kgBBiz_h9CY7ODvUI5l-thZ518n7vPXhudcZsDGnuYiUeoPuLgI85VNuHp_VB3-8ymbHKw0lzd&google_hm=3AMySqyK32g_9s5HETgq4Q
pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9E67 0
104 B 113ms
23ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJjeTGLfXgVs2l_oUIGwrp8&google_cver=1&google_push=AavPq0M2CV3IXyPe932f1WyG_l7wBpsPjyw6e97jSy0klOJKMNJOXVgD3O_ENHQdqdFjsQNjeXp1DRl-DU23aIJpAoPZw653CvPvRg
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E67
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0Op1S4BcZXaSrZls_4TdzCS11Y_XGdQUZFwvpZE5gL...

170 B
188 B

49ms
49ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0Op1S4BcZXaSrZls_4TdzCS11Y_XGdQUZFwvpZE5gLRUwbZxK7CW181w0CbdujLNa0u32vxkzsEK-PiBXtrc_CrJ8Sao_8rEQ

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:38 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0616fc39f147daae8@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWxWQTVqeHMxUGlnU2Y1&google_gid=CAESEJScrRWcM-b7siEXH7UxLAg&google_cver=1&google_push=AavPq0Op1S4BcZXaSrZls_4TdzCS11Y_XGdQUZFwvpZE5gLRUwbZxK7CW181w0CbdujLNa0u32vxkzsEK-PiBXtrc_CrJ8Sao_8rEQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 9E67
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGOTHcWq9gNed_NtBc0NvQA&google_cver=1&google_push=AavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgmmS...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGOTHcWq9gNed_NtBc0NvQA&google_cver=1&google_push=AavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgm...

43 B
435 B

195ms
181ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGOTHcWq9gNed_NtBc0NvQA&google_cver=1&google_push=AavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgmmSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgmmSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78babf700d06698b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 175
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGOTHcWq9gNed_NtBc0NvQA&google_cver=1&google_push=AavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgmmSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O0YW4J0lc5gUEUgEviFmaONHk0cAf7XPmoVPG8XcTpQT5NLLlZrIpU2mEDb8DhESOihaai6KMVqVG_sALtwG5fOoR4qgmmSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78babf6e9b3e698b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E67
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&google_nid=index&google_push=AavPq0NZmLbeKyBAntFAl_Z8cQ9Dzfb7Szvpi...

170 B
188 B

46ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&google_nid=index&google_push=AavPq0NZmLbeKyBAntFAl_Z8cQ9Dzfb7SzvpisRL3r9dKBmGhfUf_NxW8k3Savhx6UQ8ChaVGGK34fr2rrs5nMsLzVjO3NKSDmx0oQ

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C23Ev41rgd97wVU54Rs0xeWz%2FxUQ1Kg6IkSRJdPVjQnruZLlsqFmEFcOAvn3jo5uOGHEcC3P85bDtfQbzcAiON42pmf1ErHbWjarGgeBvbdxKmwbtYZ9%2BKTpve0SxIdzjTIeUpHinto99Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&google_nid=index&google_push=AavPq0NZmLbeKyBAntFAl_Z8cQ9Dzfb7SzvpisRL3r9dKBmGhfUf_NxW8k3Savhx6UQ8ChaVGGK34fr2rrs5nMsLzVjO3NKSDmx0oQ
cache-control: no-cache
cf-ray: 78babf6e6e739000-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E67
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOaN0i2iyBFhTLiVElThC-4&google_cver=1&google_push=AavPq0PsryMNtAJY98wZptyUTfvGP15kdQvPa2VzACphxmu-1XVzY072RnOumX5C-aeC8pv3VPQMFKisN38P...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PsryMNtAJY98wZptyUTfvGP15kdQvPa2VzACphxmu-1XVzY072RnOumX5C-aeC8pv3VPQMFKisN38PneFRZ3itNGCzQiB0Jw

170 B
188 B

46ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PsryMNtAJY98wZptyUTfvGP15kdQvPa2VzACphxmu-1XVzY072RnOumX5C-aeC8pv3VPQMFKisN38PneFRZ3itNGCzQiB0Jw

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PsryMNtAJY98wZptyUTfvGP15kdQvPa2VzACphxmu-1XVzY072RnOumX5C-aeC8pv3VPQMFKisN38PneFRZ3itNGCzQiB0Jw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 9E67
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOaN0i2iyBFhTLiVElThC-4&google_cver=1&google_push=AavPq0PddUr3zB3djigArtBrx0lP_SnnoX7MLygcPptskVZiLJJdmBKw90MQuSuykTH0c9ZdfJLELiA-7eg...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PddUr3zB3djigArtBrx0lP_SnnoX7MLygcPptskVZiLJJdmBKw90MQuSuykTH0c9ZdfJLELiA-7eg5VbcCAssgfk81tjr4Z_c
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9E67 0
12 B 45ms
43ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzQ1vst_TeSRqHDJyTYOZcqVQnDF2UN72rpB2arlS-oteyRkfx8BljX8UJIM4jyN4YGVd0UA

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame BADF
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_43HIY-...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

8ms
7ms

Script
application/javascript

2600:9000:214f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:44:46 GMT
x-amz-version-id: zY2JBCN4YW7W9FILnhc6dvLmbr8sZib9
content-encoding: gzip
via: 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 9654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 18 Jan 2023 19:44:35 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: JXP5mjrm3LAwrvxApGh38K2n_PRVyFW7yrVYV4lnskq29DNYmDa-ew==

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 427E 91 KB
23 KB 8ms
8ms Script
application/javascript 2600:9000:214f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 10306163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 0fw4n1IPkPn5MBNKHVSKyhMKhTuSMY92Ixp4y3Zrfq8L44GPjNH3vA==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame C558
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_43HIY5...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

8ms
7ms

Script
application/javascript

2600:9000:214f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:44:46 GMT
x-amz-version-id: zY2JBCN4YW7W9FILnhc6dvLmbr8sZib9
content-encoding: gzip
via: 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 9654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 18 Jan 2023 19:44:35 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: FTOCATi1zoeOrkVKhJ-_4UDi0tsLklZgyYqzhgZC2DqmUDFNtmvXpw==

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0EF3 91 KB
23 KB 8ms
8ms Script
application/javascript 2600:9000:214f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 10306163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: XMtMZ0PLDe3uyZgLF_SX58VlXMgPSoqGToDpDTcyxoc4Q6_ka43bAA==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 1EE2
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_43HIY9...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

7ms
7ms

Script
application/javascript

2600:9000:214f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:44:46 GMT
x-amz-version-id: zY2JBCN4YW7W9FILnhc6dvLmbr8sZib9
content-encoding: gzip
via: 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 9654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 18 Jan 2023 19:44:35 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: elUwVdVXCZFrs0926nXZLUe900UJXygNRfW05DR1vwWT9zM5O1n_YQ==

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0A60 91 KB
23 KB 9ms
8ms Script
application/javascript 2600:9000:214f:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 10306163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Erk68N6aFYLy-n3UHGpA4Sa24b_nuMnI3xPxXuUvTlJPYoZvC66PpQ==

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame AA3A 29 KB
10 KB 26ms
26ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 10:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 10:42:11 GMT

POST
H2 200 getuserdbdata Show response
app.matheranalytics.com/u/ 54 B
206 B 230ms
175ms XHR
text/plain 35.186.255.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.matheranalytics.com/u/getuserdbdata
Requested by: Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.255.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 Jan 2023 22:25:39 GMT
via: 1.1 google
content-type: text/plain
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 1-gc-use1-tc8t0116

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 9 KB
3 KB 162ms
131ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e87477f288453878389958cb7ccf07309b0380f913273c080cc8dfa74fdecda

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: trih7zj9it
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 78babf6f982c6910-FRA

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 5361 0
176 B 108ms
35ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 18 Jan 2023 22:25:39 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BADF 43 B
215 B 718ms
341ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3ae26068-e45b-baff-b3d3-74af00ed02e6&tv=%7Bc:1GRI4Q,pingTime:-3,time:188,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B181~0%5D,as:%5B180~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.990511-61634100%7C181%7C182%7C183%7C184%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:18*,rmeas:1,rend:0,renddet:na,siq:28%7D&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BADF 43 B
215 B 547ms
174ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3ae26068-e45b-baff-b3d3-74af00ed02e6&tv=%7Bc:1GRI4S,pingTime:-6,time:190,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B183~0%5D,as:%5B182~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.990511-61634100%7C181%7C182%7C183%7C184%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:18*,rmeas:1,rend:0,renddet:na,siq:28%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C558 43 B
215 B 533ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1c06a3da-e4e5-86f1-a7e1-608e2ceb09b6&tv=%7Bc:1GRI56,pingTime:-3,time:153,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:153,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B147~0%5D,as:%5B146~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a*.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:0,renddet:na,siq:20%7D&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C558 43 B
215 B 700ms
341ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1c06a3da-e4e5-86f1-a7e1-608e2ceb09b6&tv=%7Bc:1GRI57,pingTime:-6,time:154,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B148~0%5D,as:%5B147~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C1a*.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:0,renddet:na,siq:20%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1EE2 43 B
215 B 693ms
339ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fa8a1f38-f8cb-8236-5e99-4aa3661324be&tv=%7Bc:1GRI5d,pingTime:-3,time:118,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19*.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:19%7D&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1EE2 43 B
215 B 693ms
342ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fa8a1f38-f8cb-8236-5e99-4aa3661324be&tv=%7Bc:1GRI5f,pingTime:-6,time:120,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:120,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19*.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:19%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BADF 43 B
216 B 490ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3ae26068-e45b-baff-b3d3-74af00ed02e6&tv=%7Bc:1GRI5N,pingTime:-2,time:247,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:545,beZ:546,mfA:548,cmA:550,inA:550,inZ:555,prA:555,prZ:565,si:572,poA:573,poZ:596,cmZ:596,mfZ:596,loA:734,loZ:737,ltA:791,ltZ:791%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:247,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B240~0%5D,as:%5B239~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.990511-61634100%7C181%7C182%7C183%7C184%7C19.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:28,sinceFw:217,readyFired:true%7D&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C558 43 B
215 B 488ms
172ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1c06a3da-e4e5-86f1-a7e1-608e2ceb09b6&tv=%7Bc:1GRI5P,pingTime:-2,time:198,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:589,beZ:590,mfA:591,cmA:593,inA:593,inZ:597,prA:598,prZ:603,si:608,poA:609,poZ:629,cmZ:629,mfZ:629,loA:742,loZ:744,ltA:787,ltZ:787%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:199,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B193~0%5D,as:%5B192~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19.990511-61634100%7C191%7C192%7C193%7C194%7C1a*.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:20,sinceFw:177,readyFired:true%7D&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1EE2 43 B
215 B 652ms
340ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fa8a1f38-f8cb-8236-5e99-4aa3661324be&tv=%7Bc:1GRI5T,pingTime:-2,time:160,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:634,beZ:635,mfA:637,cmA:638,inA:638,inZ:642,prA:642,prZ:647,si:652,poA:653,poZ:672,cmZ:672,mfZ:672,loA:753,loZ:756,ltA:794,ltZ:794%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:161,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B155~0%5D,as:%5B155~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19*.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:19,sinceFw:141,readyFired:true%7D&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame D2BC 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 06:49:35 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BADF 0
0 58ms
57ms Fetch
image/gif 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6gRibuZTo8x2B5Gik29f_ZjVbiu5X5Gjt-5aDMdI3dVy3VKCUvUDcbVz8YXUjoIZWdoa8OWzsYTP1T2L4m_wDcT8Ud1HSmF3JOktdGeJXtcP-QXSGSpt2DOdDmygZK1GJheN4H4nDtoOiMHJ-k20vKg5MSTToj9C6x95CI0O224kg0T02xgd3glPb7UBlf23wqSWls8rOuB8uRoAsI0HiJDnrlUPOsuCCsubEHoJEH-ejDW0ipwbLOriHBrk9d9Blj8-grF8uTpuVzau11i7y9JSFipw_1hX18-yx0H3zrKuHgc6EXq8-749zdq-c6Vez0s69981YrUZJzAI5Nl4ntLGrP2OXlYLZFgD4MqD83RoSFT7CCSfjJVAIO2thNEH7CedcMT_jO08FJP6_56OURsCUWsW1tA0RKuxxc2aAsnnhXivQKvb4yBk-UD6Cgme-UW8RVl2USUKJLSlbZnaFwrU-DZrgMiyo4AOVeHjPFoHhgTPC9NDvPjEYuxwVR8nYPLilCUxWV31MOlvulhCgG-kL2WPq5RnxngvUQ0JR666TCOFqEHNNMHHu2JD5sUdyhlpiCb7akgzkynQUZvZvtSiiZhxy3q5gO3IBX6u4r2VKYjmhxsn2F9YLgv9EYhhOADCmzP1pP3AAdXT50596OTgA5svIa4RJWtsx_xpVsqq7ToNd6TuKqy8kAR5pX5gPzhptC5DBKaMNNCC7kUlgbxRdFB_5TKOCCJInxhMUx7tDutRwIESB5SRqymcZMF1cH549fwjfgfSZ3w5z2nAXfkqB-lynl9ASrFOGpgpKHXABLJt1ftjpB47MtqiE_D_y-P4sr8FdPsm0Enf8JuJ-qbVzRlK6EkN8fLOrPc2W9mQ7mDKxv69Mp6X_8kA7G_mR01p_IuI8954R7-jItGne8sKaOE6wYY0fa9v1qmvCScLoRSqtvy2W75YmbwksdtnxaQglWDZoNkdQWLCCtk93pe2pvobMrj94B9G1TiEYTJ1Kb_y9owmP5jXQuzuckMAWYzY2buOyqHrzX7J6Dc03SUZQ2cVqSV9wjMF-LeCoK9XYLM6nN9-hx-tB3uYuyz8HvuXlcEVW7vZgPzI8bX6bBZfo7uFxHpiKxIMRjttYopbmbHKGnXk4_AI8ly06JnidAzsum4gQWqAG66FzqvpuooXNS23c4lV_d1N-jMu-cHUXg6NENeYq4L1ZJlGOrFPWJfWaZELdb6TeKby50AS8PaOQl2fHxBtHRA&sai=AMfl-YSmrM1P2mRIRo1iIQ2_0AXLGRYgXJWA-3IZE8-UOxVmYM_BYNccozvYd0pWlrgUr2YveJQxZpuKw7RGpG4Y7YzQYf8HCfTSjEPkm6MRkjn9lK3nd4TgEGjiUOJ8b_pCQxZGTPfhEbTgHEqL9d7eLv2591muwc8h0k1fPvt86EM71CXERpuj84M1n5pSVw8xsolsVRMjzC5pEgXLgouTF0OlZKhowDlsSNrICb0kXeOAswNYAIviP7iqrWWNqBv6zbCLn23ajpc&sig=Cg0ArKJSzG3SZoCCdFYuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=598&vt=11&dtpt=456&dett=3&cstd=139&cisv=r20230117.99573&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 2798 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 06:49:35 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C558 0
0 59ms
59ms Fetch
image/gif 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvL7-F-83gvdTofwZFqnElhTcv8xNkQOypnFhL580izJBd_wFKcIhLryESb-4ctDv20-pv_CCSWdo3UlC5GaEvgkMOVR0-rOcK2TF1Ss-Zhy-5wEgfYFE0x9wtAakTX9fF3RgZS938MURxd7UyntPuX0tvpibh7aF_GZ900X_8YrW-EaBUrKDIjWc1dXGmD-mmQ6RBq61OAAlfIvQtYDgNKRPCJWWWFB7z_MDgY4Q81h32gykL-9AHwt8SexvJ-yCfKysuBOsHrRfAfPx5apZ3Xp340WxOm3Ku0R5J4d6g4h_SRFd8Vb9m7ios-EiCdAeBLctdhO_xoBUfgtm2k81pLbnZQ3QkjiDrlePTgQaXcNNHBGlWdleg4P7V0FMinNkQVQCzF5oJOwZy0oBWCRVsw4H4oEg12nlW-blgt3qVf0Kp5SnRwOabd6Jjv5ro-ljGFZeepjxxIARsZoNNGsOOsGwnnyV8JHApox23bqDUTSZANgx5UXr8k68fCvmyL7hbvw-47DeiCdBgrxiAXMGTUJ1LHTA-wjWnlJo98YHnt8a--A9hspse0tiMZqhxXONbENS5z8pB72DTAMT0JayhaqjokwvmF_J3GMQB6wsiekn_Rfowd1p5tPXyK7aDDbvrZmycZJ_Eg3lu1MR91Orl3iubjq5k6R2TWtv4mjuOlbjRApVpRZpbMQLsBVmnwmZVjGMukXyWRTQGXfrPCmS9oVCjV9rWfBWaHky38qxmf1povFWEQk7t9_KK9yBGNy3FuOkcT7MperC9KEm9eOO0VP9bZeYCuRDIWBJUL7SHZmXJP22JZZlg8yAssw2JZYQxjEgLtU32oh1asFbVEHMmtR4WAMNO3bazDbU9a07YxS7C9hQ_gcqebKM4IxKRwkFzV4sdlPQFCNx27-RsDnlDer7yt6D2oM96tmSTtsPNjjzLNS3rV4XFDlWGCDzP6ctgnMFI1R2n20UkV9h-haHcZcg8jR8PXQ3lDKiEVTLyNs_m6BQ2IbHyUgPm_5kprPFte-56hE-P276vLwsDd8A3uwDsHzkC8RtyWtTI5WZ421UeX0pSET-cZ_6CGC8XYTvrenu--D54UjduCQHa-eLWF193wkOs-FL2IDrSsi4htS5lA8JT3-ykBXmBiz9XQ_HZ_zaw06UPxSlVPsMfL0cpgkUedDXd1tumoDx25apI_9gKS2xThSX1YvtI2nOIPKeEvGp93iEBNCEQbYVMMcIPR4UPcQsjSguddhB1BUHc&sai=AMfl-YQK6LjLC88H1dtxqq6q5sTgqGCrbISgpc9CYk3gtaSMfqffrE2ki7XrDG2M-aIZ5qBTNf_TAXswLpqD7JX2Efmh5D5bALoKyIpmh1EKuDfhqcBs7wSnE5MKxrRHNKBKjb5S2G_i53r4SW_7GXz_7YQKvCvTpqzdgy3uQigco4w9DoQxT5Cah47LXaiZ4NoplEMdbuemviNVtGtM9vaKkfaHyYoFWLNeRU3soteKj6XfkiQ82rMj--VxH-cNjo3bFI8ZT3xxVSY&sig=Cg0ArKJSzLFnz0CeAsXKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=508&vt=11&dtpt=362&dett=3&cstd=144&cisv=r20230117.69858&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Jan 2023 22:25:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011001&jk=4198559088215165&bg=!cnGlcTXNAAYDMoyoIzI7ACkAdvg8WgnRyE3e7agFHB56Qscs4y6Ff9jrauo7GishxH-zJbTtgLTgpwIAAACJUgAAAAJoAQcKAOw5jdWiU1ZbsGZebElDdTMMOLVuMhhOA_y9zZi2-0ijWDDV0K5APfOaEpMql_tZ6SCJEPvTkBCdtssZ_q9ZcE-A7VjmMlBe8255NX95LBsl6bl-bihlVyILDb5cRtFLq6wiLcFp1vuNhX3rrG85OR14okclT9fI7JBfRzaIbej0ymdfF3Ajx6yxDzyC3u0Ey4cD2vEacY2o5OLtAzsCrOsDjeIjabJ1ZMLKmZTZBpkOcL8gBtPV6T2yhzrcQe6UHDx_KsSjLRbayRMJvphL7CRsjkvYjfl40l3EEFB1TFbPTbA5OpUOERMPAeM-nZkCqsVaGjIrMzmPbNbYhX2kAMo1wJi-0Ylg0jfvyedzZszo2P7OoHRD-H5dg4PGUezzX7tQVw-4nYubf3DIQyr5J5OXRmxB_a4iO7t6vzaBu__imNs5ii9B1Er-zJRLYqm7YwFxYFyC-Ms0CrhNRwC8zl0_s3xcNctvcuZ9KG-SQu_HmOmhH1rhAQIUPcvYNl9YWcS-_rzX-AvckKXt4AUIMGQKpWAdmp3p1AKsol1_ZnyPje5ZdZ8KKP7WWINmE7E4LIYjXkJCyrgTG1dk4pP84MR6brDUN2D58xc0iQ1X3_Eh-O7_9EumaRJx_AKfgwicN3G89OrgteA-4klOLLkI_vXvMa07sjaoALqA9TLk7pL89ijQFDrQ66QRNikSpAdSQfdwsCLoLsyiQ0fLeYHOwkzZf8SthiRG7_wJnO-bAVB0r6vKEK-vMuKuo-uNPodP1kOSa4KVfnlIA80_BRDSw5s6mO_bNW2wVivfnlV_e1vOgprS40z_9kxCKTzsnNt00-6Hsu8gJuxEP1MAKcTrGyEfIyqLWhDSOiCmM3QuGNlepf9DyVr1CKaPUZq9YJbqvwEwG_Hrlf-ExUC5IRbBi6V9WTeFDwx8Bizr27oCghc7xnDOGB-AnjaYzWmeGJSRgLs4Do7KP-izcl2K6zG1DPZb5XoP7bK78Ud8rC2gDs6tn38Eepc8HHL2iE-AP2eHlGLRBGzAObok9UJJAuH6vzxIjd50QK2S6Maw6_1_MJFeLc-NF-OCantrsRDqL5ifJKwWm9jgcrqNVwLyWwTuXMn-iLIEJnEzfG-L4NQV_GfyalCIfVCSQiflQTHul16mTBZi6dNkoLIGJAkZysyTWf0vk0O5WAduaVGs8cftOr-l75FDOw_3fZjfb_0zjNdhs4UaDYTxr3Ynrhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1EE2 0
0 59ms
58ms Fetch
image/gif 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcmTmsgQ0z3II6KyxjW2OgOgvSqXNKiOeOApRkge8e4cp9lEkTTHvy_0HdUL8vSnmFta6K6jgajHs1HHyUssgsS4FXtzZPDtrFgJzwJUn1uHLiD4z5XKA1LjAbBrEy2LecOWm8suC4Z6CxBpsPojnX3-UY-_L196bpVv8_zJjFjdaSPMNKb6j8l5QoB7mZLN463iLceEnFxWtyiq1E0lQ3HKzmgxjovsMW3NYXdu3mC8Efr0wGfbY0AsPKymcn__dZo_rlfk1GzDblTSJP-u9ejazPCyL7mj6IWVYfvmyK2qyXmtDWR17-ucWwxvvMxHDaYYJ7XcxiRhr1H2QVEDLWICGEN08xjtZkq6Bpw2k5WLzU5d0ZVg61jL9YonAA9M2O6Q3lDPePWb91HCsmZmzjsTVd_3WZwv1NUMUG7T42E40PkbkIjgHExBeWSKFSCAviELyl6V__pht2JfFNgM7QGJQaHyEW8nujS3-A6Y2dk2h8JY7S21JA6V4ygPY3RbWSND_Go4EKGYQQ0V4nLZabCc58Qu1HyLYkoh4IHqvVkjFYzxA-USgmHWpOlA3jwMw12VGdOAzeLbB2k5-jGapQxNXnWjouk78oVhD5ej1pCWAcG1ZBothEgfKobqJP1RT8CI3djvmsY9xlJNkGUSXJ-3VW5sal1sfuoQzxzcOYvsv6N77zNl4kYoetfabyJ0oqVQp20zxNz27wuf7E8IUOAzSU3aqZ-_sl8QZZM_GoO-fXxboQpR20Y_7JjbRGKCxpnExdwtA0XeMDxLle0AFDx9_AP0v68vsBDCQOLDeP7rvteusNaYiH1u7Apl0HvPeGypePip14QX2j-AB1zdyL3G4zpWnbjUpxtJotlc01nc2t3YrYWuA0hvf82bnqKXltXqfAJ_0qqX80cGdGugrxPglmgV6m0wSvinhFXT3XvL937S1JwgQz0ROpSlVWXRwkchNvornHdcd5KOElTKFep7igdJviyuvTGCM9GWTWhHMRRJnYHNNSuCrwoE6E7A8o2x1oLnvMg7kRT1CMZCtdVyI4iS0DoU5UEz0dGkLx1_zAI9508vTx9aV97oE5a_yhK3jS2fDtqvtmHU83AUEHGj6WHu8gO54tR0gmOYX2-k30BNxlogI_yH_gh0Oz5Rzr00eMpZn4jfpMouirHqX5TFVE8OkHPpTlSekwwNQansyZa6nsB-VauDahbYqigvbVWub4Kt3MsC5L3o_5X_n43JVW4IzwssXahCtvlw8&sai=AMfl-YT_Quo9QGESIINszOPOiEc3vK0MbR46LvTr4-t-3LjpQNPzxxNNSb3i7uVCF9CQ6VISgoBRxAYI2TCRp0KFzSlA4kc_sBlFXSkJGMmmDPHioh7FVvToMEhibwhF4_iy4be4QtUMmj_53y0zSLbid7mwCvdv_wVYFBU3_UjtVjbvaI_zVQW6Swf_tDi2E4xjKm9ZtE4ppD7o45FV8IVxbuLkJAvUKGvzGIk6cKeZd4AAlSpRHxitgs-597uV3zeiVvMDiJrZf4E&sig=Cg0ArKJSzGRIKpC1Y7Q4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=515&vt=11&dtpt=370&dett=3&cstd=143&cisv=r20230117.18424&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Jan 2023 22:25:39 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EE2 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=43HIY9TsENXL7_UPu4WDMA&p=ias&bl=0&twt=521&st=329

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 588 B
778 B 169ms
137ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=8Gu2Z8RCvZ

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

908e7761e5bebcb46a9aeb4d8955c2d61cdb01a69e7af7b44025c0385f9b4981

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: MsycporUWBA
pragma: no-cache
wn: prod-dash-10-0-138-26
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.004
cache-control: no-cache, no-store, must-revalidate
cf-ray: 78babf70ce849bb0-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 308A 16 KB
4 KB 137ms
127ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b85cb91be6ce9cc33c9c80f1c5f145e48d19cde6323a7507a8e1d7699112f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 78babf70a8672bc6-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 18 Jan 2023 22:25:40 GMT
expires: Wed, 18 Jan 2023 22:40:40 GMT
last-modified: Wed, 18 Jan 2023 22:25:40 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.001
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-116-62
x-forwarded-https: on
x-request-id: MsycporO1kc
x-xss-protection: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 101ms
100ms Image
image/gif 3.217.241.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&metername=Support%20Meter&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=f58c349f-77b4-4cf2-b9f7-00049f5ceec7&pid=4b7bbd1a-87c5-40c3-98c0-069ec739c130&dtm=1674080739936&qnm=_matherq&visible=1&tabid=352e4151-74be-4fc7-9be3-5204e7e4b557&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x11766&tofa=1674080737&vid=1&lvidt=1674080737&duid=7a9e080fcbe1b501&fp=1279215348&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMjEwNzgzOTI5OSIsInJlZlRpbWUiOiIxNjc0MDgwNzM5OTM2In1dfQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-241-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Wed, 18 Jan 2023 22:25:39 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 cta_deals.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 9797 5 KB
2 KB 26ms
26ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/cta_deals.svg

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1864
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 07:45:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:33:50 GMT

GET
H3 200 flextarif.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 9797 4 KB
1 KB 28ms
27ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/flextarif.svg

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1328
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 07:45:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:40:38 GMT

GET
H3 200 300x250_40_prozent.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 9797 10 KB
3 KB 29ms
28ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_40_prozent.svg

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2911
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:28:23 GMT

GET
H3 200 300x250_head_2.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 9797 3 KB
1 KB 29ms
28ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_head_2.svg

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1326
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:28:23 GMT

GET
H3 200 300x250_head_1.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 9797 5 KB
2 KB 30ms
29ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_head_1.svg

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2030
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:28:23 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 9797 6 KB
2 KB 29ms
29ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:32:02 GMT

GET
H3 200 300x250_kv_fb.jpg
s0.2mdn.net/creatives/assets/4691997/ Frame 9797 39 KB
39 KB 62ms
61ms Image
image/jpeg 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4691997/300x250_kv_fb.jpg

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcfb8f7e492ecfc971cf8c903349eb9f5deaf66fe3ad2fabcb3fc95d38d32f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39677
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 07:04:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:40:39 GMT

GET
H3 200 cta_deals.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1122 5 KB
2 KB 27ms
26ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/cta_deals.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1864
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 07:45:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:33:50 GMT

GET
H3 200 flextarif.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1122 4 KB
1 KB 28ms
26ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/flextarif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1328
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 07:45:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:40:38 GMT

GET
H3 200 300x250_40_prozent.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1122 10 KB
3 KB 30ms
29ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_40_prozent.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2911
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:28:23 GMT

GET
H3 200 300x250_head_2.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1122 3 KB
1 KB 36ms
34ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_head_2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1326
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:28:23 GMT

GET
H3 200 300x250_head_1.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1122 5 KB
2 KB 37ms
36ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_head_1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2030
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:28:23 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 1122 6 KB
2 KB 38ms
37ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:32:02 GMT

GET
H3 200 300x250_kv_fb.jpg
s0.2mdn.net/creatives/assets/4691997/ Frame 1122 39 KB
39 KB 43ms
42ms Image
image/jpeg 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4691997/300x250_kv_fb.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcfb8f7e492ecfc971cf8c903349eb9f5deaf66fe3ad2fabcb3fc95d38d32f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39677
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 07:04:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:40:39 GMT

GET
H3 200 cta_deals.svg
s0.2mdn.net/creatives/assets/4722971/ Frame AA3A 5 KB
2 KB 50ms
49ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/cta_deals.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1864
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 07:45:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:33:50 GMT

GET
H3 200 flextarif.svg
s0.2mdn.net/creatives/assets/4722971/ Frame AA3A 4 KB
1 KB 29ms
27ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/flextarif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1328
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 07:45:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:40:38 GMT

GET
H3 200 300x250_40_prozent.svg
s0.2mdn.net/creatives/assets/4722971/ Frame AA3A 10 KB
3 KB 29ms
28ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_40_prozent.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2911
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:28:23 GMT

GET
H3 200 300x250_head_2.svg
s0.2mdn.net/creatives/assets/4722971/ Frame AA3A 3 KB
1 KB 30ms
29ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_head_2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1326
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:28:23 GMT

GET
H3 200 300x250_head_1.svg
s0.2mdn.net/creatives/assets/4722971/ Frame AA3A 5 KB
2 KB 31ms
29ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_head_1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2030
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:28:23 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame AA3A 6 KB
2 KB 50ms
49ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:32:02 GMT

GET
H3 200 300x250_kv_fb.jpg
s0.2mdn.net/creatives/assets/4691997/ Frame AA3A 39 KB
39 KB 32ms
31ms Image
image/jpeg 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4691997/300x250_kv_fb.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcfb8f7e492ecfc971cf8c903349eb9f5deaf66fe3ad2fabcb3fc95d38d32f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:39 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39677
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 07:04:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 22:40:39 GMT

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 308A 27 KB
5 KB 25ms
22ms Stylesheet
text/css 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 5525
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 Jan 2023 02:55:44 GMT
wn: prod-dash-10-0-112-134
server: cloudflare
etag: W/"27358-1673837744000"
vary: accept-encoding
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 78babf71b9bc2bc6-FRA
expires: Thu, 19 Jan 2023 00:25:40 GMT

GET
H2 200 piano-frame.css
static.advance.net/static/common/css/ Frame 308A 126 KB
20 KB 69ms
8ms Stylesheet
text/css 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.advance.net/static/common/css/piano-frame.css
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 500b543a7d8fbc7c282c427675f740aa7ec827cf69575c0f2ad4a37b64504e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: G1WX32EX1EZG8FEM
age: 376
x-cache: HIT, HIT
content-length: 20439
x-served-by: cache-iad-kiad7000169-IAD, cache-hhn-etou8220061-HHN
last-modified: Wed, 18 Jan 2023 18:39:25 GMT
x-timer: S1674080740.171715,VS0,VE1
etag: "385953d0b0c9b76a67a5dcd23fcd29f3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 308A 95 KB
30 KB 34ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5980274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFqebORU4OeXRA16s80iagu7KuyoNlOAzMnMqc173CkrVTeYlCX0PQTDMM4pKl%2Fr05CZx6ofJ7VeTJy4kExFSyC46bbYNPs12LyjwLr%2BcjNfLxEW%2BG0bGbYytnlyvO%2BbJH9QqajnwXqKyYnWOC2uty07"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71c8529219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 308A 10 KB
4 KB 41ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 237270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtkjEWqV%2F7jiMhJZi29zez4uLfVpgofce2j%2Ff2p0ycrwHHAX9HsXAbpxOVvF9xdkwLK3Y92Ct8QIHpIe8fbThLofVYiooY%2F1CsgvfsjOqDoe2%2FRshN0dW2lWyL7UWV%2FQ4RQCVQ0bzCiGaFunwxB3D7VP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71c8539219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 308A 104 KB
35 KB 43ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 237270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35086
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7UaVmJ71fbUyGVOkDIOmSSb2KNBWPd5NeSyJRP8LhK1rtikeXtj%2BwVI5iRybdn6Q9gO1xrFqc7NPGxmtkeHUTCIM6MIyXUd%2FcW8sjV5GNpLd8Y6NnLvIepdyafULGWQI9PtkUvxGH6IgX5ZmDUH1R2O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71c8549219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 308A 11 KB
4 KB 39ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5672878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3978
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-2bd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnyNYxo%2Fu2LgigZ7qMjjIJ97bfZ2lGrU39wwy44d5OZ2o47HMvXi3NDcNOJNrv1a4RpGZ1PgMFbQ9PaxNdwXt%2FK0x0GfnDZLrowYDjEogW33dhWX5eul9PgRWXOgxUGuqI1%2BuWBIukokBBbKJL6uixns"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71c8559219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 308A 825 B
754 B 41ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 237270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKkyUkW8jS%2FvmKmZt%2B%2FsCwrtlJpcodLzIvS93H8dqwFhT9dUIDQcft%2FPAAvhXje4HBG1GFuEoqNJa8m2JPiDtdtQMGmcLuOqjIAXJYybmsprHsH5LEgvcLvn2rkWkD9IBUARSvjuSkDNYX%2BantGVGaqe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71c8569219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 308A 4 KB
3 KB 32ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4390962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJZ51YorOL%2FA6%2BpExzq7mQmkq7r4%2F1R5yLcWMTxx7tP9U8O7EOoyNuxlmhwCtw4OdfUwCAae3xavqvFKPBbkh7CmjaViW2nsHOWGQthpOP0yA%2BPduElAP4unSOM9ggtPdRzyfaFC7s7Rr0j3bv5Pz5a6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71c8579219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 308A 3 KB
1 KB 40ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2424355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqbsLDvikPGtoT2S9%2BOjHwXno%2BZ67Ea%2BVWRqhpNCL9PVQZdVmibywtqcWRcdCdKGMGeJzsjvJ1xX%2B%2Fd6CIm0NpN1JJjj4BhFI3zf8PMgL5nDthfOZ5DYL7Bp%2BYGp3SQCQronsHmAVqzi9bIl2Yh8Mrxk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71c8589219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 308A 23 KB
8 KB 43ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 192116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLtolGJzrMQbjRHxHJBhyDQRd9s%2F%2B0FRHoz6zNT5dqbir%2FGr90Q1%2B6CmL%2BTgcaEEQUDIyh%2B0ZQT2Jpq1OE%2FBsDUIDnOQjr1B2T5LPFupWcaUrtiMEghPxTVZAgUmh6RrEkrh9%2FMudTRJ%2BTAmmlY%2Bo6ub"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71c85a9219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 308A 2 KB
2 KB 41ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4157976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csKqPxWNVGTa6u3JG91QkA0DOA8LcUtt8z9k8UUHrPR4NyyUP0mJdm5pNhCx%2FWe0Eb6oF2E7PVc6DL1YYnBouAajkGxbfcbhPjRiRvoYpSF8Aj%2BzR%2BsEZRebEmpiwPYaYW%2FA9t02%2BpXU%2FqVTTZMlJu0U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71d85f9219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 308A 20 KB
7 KB 42ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3642378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIluWj0RRMeqQEKSdRukwLIG7RJtMqDa633vsahD3AhUrfUluDpC12KJYy5BKVWphh37H5SE5tD3Gu8XwxO1t00yztBQ2th4SlFofmoS6dq8lMAMPQ1Wv8aVNZbSMC2WUxQpcrkiwkCZOHa4aIR57EnR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78babf71d8639219-FRA
expires: Mon, 08 Jan 2024 22:25:40 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 308A 115 KB
36 KB 30ms
28ms Script
text/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.92.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a6de8cacbe0dc41611e088f54c1a0094c5e53d95f5f5a97ebc144a68d5cb2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1904
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 Jan 2023 19:36:30 GMT
wn: prod-dash-10-0-89-120
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=602896
x-optimized-by: _sam
cf-ray: 78babf71b9bd2bc6-FRA
expires: Wed, 25 Jan 2023 21:53:56 GMT

GET
H2 200 logo-mlive-inverse.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 308A 2 KB
1002 B 13ms
12ms Image
image/svg+xml 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/paywall/lmg/logo-mlive-inverse.svg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: 6SMQKXHGRF73FS45
age: 6295
x-cache: HIT, HIT
content-length: 879
x-served-by: cache-iad-kcgs7200032-IAD, cache-hhn-etou8220061-HHN
last-modified: Mon, 27 Jan 2020 14:39:52 GMT
x-timer: S1674080740.213839,VS0,VE6
etag: "eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding

GET
H2 200 logo-mlive.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 308A 2 KB
1 KB 11ms
10ms Image
image/svg+xml 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/paywall/lmg/logo-mlive.svg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: RFF2689233EN06N4
age: 4754
x-cache: HIT, HIT
content-length: 879
x-served-by: cache-iad-kcgs7200092-IAD, cache-hhn-etou8220061-HHN
last-modified: Mon, 27 Jan 2020 14:39:52 GMT
x-timer: S1674080740.214013,VS0,VE4
etag: "eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding

GET
H2 200 cannabisinsider-nj.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 308A 19 KB
14 KB 12ms
9ms Image
image/svg+xml 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-nj.svg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: C4C7KQGBT53DCRHT
age: 17858
x-cache: HIT, HIT
content-length: 14248
x-served-by: cache-iad-kiad7000030-IAD, cache-hhn-etou8220061-HHN
last-modified: Thu, 03 Mar 2022 17:31:43 GMT
x-timer: S1674080740.241453,VS0,VE1
etag: "aefa848511ed2323f5f7292cad413d91"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=36000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding

GET
H2 200 cannabisinsider-newyorkupstate.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 308A 16 KB
4 KB 13ms
11ms Image
image/svg+xml 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-newyorkupstate.svg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: HVVZ3YTN1X3VZX4Q
age: 2787
x-cache: HIT, HIT
content-length: 3492
x-served-by: cache-iad-kcgs7200121-IAD, cache-hhn-etou8220061-HHN
last-modified: Mon, 07 Mar 2022 18:18:54 GMT
x-timer: S1674080740.242064,VS0,VE1
etag: "67c5456929bc3d85c2333fc91a450c71"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=36000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding

GET
H2 200 syracuse-cny.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 308A 64 KB
48 KB 13ms
11ms Image
image/svg+xml 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/piano/dynamic-offer/logos/syracuse-cny.svg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: PJF3HH7RRFT978DJ
age: 26968
x-cache: HIT, HIT
content-length: 48413
x-served-by: cache-iad-kiad7000094-IAD, cache-hhn-etou8220061-HHN
last-modified: Tue, 04 Jan 2022 20:10:53 GMT
x-timer: S1674080740.242037,VS0,VE2
etag: "30947d9aefcf59c3095181bf0123a29f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=36000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding

GET
H2 200 al-thelede.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 308A 6 KB
2 KB 18ms
15ms Image
image/svg+xml 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/piano/dynamic-offer/logos/al-thelede.svg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: E2WYWTP7RASCSZQQ
age: 33072
x-cache: HIT, HIT
content-length: 2079
x-served-by: cache-iad-kjyo7100029-IAD, cache-hhn-etou8220061-HHN
last-modified: Tue, 24 May 2022 18:14:31 GMT
x-timer: S1674080740.243376,VS0,VE1
etag: "1527b5427a70175541ef142224302fa8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=36000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding

GET
H2 200 logo-lede_bhm-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 308A 44 KB
44 KB 24ms
22ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_bhm-al.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: 98X7GVMEB7JC8KZ1
age: 27413
x-cache: HIT, HIT
content-length: 44631
x-served-by: cache-iad-kiad7000053-IAD, cache-hhn-etou8220061-HHN
last-modified: Fri, 20 May 2022 13:44:08 GMT
x-timer: S1674080740.243806,VS0,VE1
etag: "a683a2407cd20aa2076aed1087f11b61"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=36000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 logo-lede_hsv-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 308A 42 KB
42 KB 12ms
10ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_hsv-al.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: BQ87HVF8QAF2D6GJ
age: 16232
x-cache: HIT, HIT
content-length: 42755
x-served-by: cache-iad-kjyo7100080-IAD, cache-hhn-etou8220061-HHN
last-modified: Fri, 20 May 2022 13:44:08 GMT
x-timer: S1674080740.243708,VS0,VE0
etag: "1dc34579a74c449327a76697d00bb180"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=36000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 logo-lede_mob-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 308A 42 KB
42 KB 12ms
10ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_mob-al.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: 110SKMHS3XHE9WK9
age: 31466
x-cache: HIT, HIT
content-length: 42953
x-served-by: cache-iad-kiad7000082-IAD, cache-hhn-etou8220061-HHN
last-modified: Fri, 20 May 2022 13:44:08 GMT
x-timer: S1674080740.243133,VS0,VE1
etag: "563af4d5a587fe270e3c6e43be6f32ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=36000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 penn-truecrime.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 308A 7 KB
7 KB 24ms
22ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/piano/dynamic-offer/logos/penn-truecrime.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: T2S6DFE6JPGE1A2R
age: 26234
x-cache: HIT, HIT
content-length: 7289
x-served-by: cache-iad-kcgs7200048-IAD, cache-hhn-etou8220061-HHN
last-modified: Tue, 05 Jul 2022 18:14:11 GMT
x-timer: S1674080740.243133,VS0,VE2
etag: "b3623ac64851022e99375a518b7bb87c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=36000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 close-icon-black.svg
static.advance.net/static/common/img/piano/ Frame 308A 1 KB
783 B 17ms
16ms Image
image/svg+xml 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.advance.net/static/common/img/piano/close-icon-black.svg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: T78YRJ1YW3G6MG0F
age: 3926
x-cache: HIT, HIT
content-length: 610
x-served-by: cache-iad-kjyo7100168-IAD, cache-hhn-etou8220061-HHN
last-modified: Mon, 27 Jan 2020 14:39:52 GMT
x-timer: S1674080740.243106,VS0,VE1
etag: "35ec888ec074218ee36fea53d51653a8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 101ms
100ms Image
image/gif 3.217.241.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=061c130c-9527-44d3-bc96-6f52a22a831b&pid=4b7bbd1a-87c5-40c3-98c0-069ec739c130&dtm=1674080739938&qnm=_matherq&visible=1&tabid=352e4151-74be-4fc7-9be3-5204e7e4b557&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x11766&tofa=1674080737&vid=1&lvidt=1674080737&duid=7a9e080fcbe1b501&fp=1279215348&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMjEwNzgzOTI5OSIsInJlZlRpbWUiOiIxNjc0MDgwNzM5OTM4In1dfQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-241-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Wed, 18 Jan 2023 22:25:40 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B972 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-swV43HIY-GoDaay-gaUlZNQAAAAADgB4AQC&bg=!lJell9PNAAYDMoyoIzI7ACkAdvg8Wv31MQMxTjFBYmUUYH_02c4L3wXhXNKNplns2Wb1Wb4yHHx8MwIAAAEoUgAAAAJoAQcKADbiovoZkFxJvJRqy07fqLJttMZx6mJhn9O38muTg2esXLkiWAetw2sahUb6AnUQMfchlr9MUduZAvTIzOWK30k8lbN7vfuYC_KFHKcj6Gp34aj70GZv6xDgmgA2BuzIqVSl1AUbAyaplJYhRlhLXUxxCvj8G-JUB89VbmM0lfYcaIIbRfWuMtO0TegsLOPe1jMaVBxr48pmqW_4C6LMBNYRXs6wYGFGs5JS1npa86sW9lx0AjpoWded5k8lPt34D3QSeq8TLCctePTcXfcEePKZCgK-dl1Hpq2ckr2Nqor0SYJ__aCHXKwIN5D25x1cBp1W8L1cMB77L7LMlxnBsDx01iBB1PczBoh_dltDNc90eTMA8BUMZjTEgsedYlN8lYhoNFR6hiHSLYAV1iETrFGPZ1Wp0VnfraD4d_kkbFLLJ5nf9j4GVixEijaJrl70OSkpZk93l0CFzFjyn5PIZK0BePTNETgCx3uDS_RolBWeWKbjic-t0Mq0zpoxIeSH8n8FO4CvSBH0s84SxK9_ONTjQduge_Orvi5OzZICtsslDrZyDpS77OZT_GE511dQx01DBUO-jU0BQFCYfADmRATi4Cf2cBuA-SyuuG_E0dFhmmB66bni0MKF1M6hBcn6WKOlACR8WAbZ-6mB79lusTzKbQ2Rpflme2g1SRtGlH1EvUIZ9olghr_IRPliw-fWJ3RhDuXIaOcP0mTu7zdwJ9ktECPXXwk0TXFMRJvUXvQZyqIXpI9IxueYKH_vLUDjYn3E1l0ZUq85kyak68hS61Nr18oSnHLEGgTuN1W9EyxO0aFl9IuwBmRlas_thTBuuRwpiB6nxfo7uOpqvFWh74-djPyEcXP-jZdpgrD-O0HY3tnvZYU4xrHXzuYdH0tjKuJfM-C704fu4EEtvxzn-ZYMrsoPPTAAITSsL0iUE77aCmXL43pyxOg0FoTaS2NsqaQT9IrkQpeFWjq7lN1FxH0RKmaS6R6MnaLaByl5mtkYIp_lVMDD9EvzlhTjA6eQHBjOPr0Kwx2zKPN0KlLV5Ce9S9iy3jnmt25hO6n4a3j2FJbtoXRXl2qCm-cQAB4

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BADF 43 B
215 B 295ms
295ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3ae26068-e45b-baff-b3d3-74af00ed02e6&tv=%7Bc:1GRIbF,pingTime:-10,time:611,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC43NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1674080740186%7C%7Cfb8a1d51b93d5332cd709108190ff99c%7C%7C8e7a3195fc7d943b14e55b6c8e00d314%7C%7Cb992b9943ad09c21993f3497222095fa%7C%7C75e7c75daa45437ebf8fe88e396d50c2%7C%7Cced25915c4924d8186fbae31d3905bf4%7C%7C0e3de0d5678b3c46ac9800296146810e%7C%7C5a02603dcd001af3bf348f00f1a41263%7C%7C1663701684,im:%7Bpci:%7Btdr:279%7D%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D%7D
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C558 43 B
215 B 273ms
273ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1c06a3da-e4e5-86f1-a7e1-608e2ceb09b6&tv=%7Bc:1GRIc3,time:584,type:e,im:%7Bpci:%7Btdr:239%7D%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:584,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B578~0%5D,as:%5B577~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19.990511-61634100%7C191%7C192%7C193%7C194%7C1a*.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:263%7D&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1EE2 43 B
215 B 273ms
273ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fa8a1f38-f8cb-8236-5e99-4aa3661324be&tv=%7Bc:1GRIc4,time:543,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:543,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B537~0%5D,as:%5B537~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19*.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:19,sis:230%7D&br=c
Requested by: Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 101ms
100ms Image
image/gif 3.217.241.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=c067a586-b974-4d5b-9f88-25dbb9eff26c&pid=4b7bbd1a-87c5-40c3-98c0-069ec739c130&dtm=1674080739995&qnm=_matherq&visible=1&tabid=352e4151-74be-4fc7-9be3-5204e7e4b557&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x11766&tofa=1674080737&vid=1&lvidt=1674080737&duid=7a9e080fcbe1b501&fp=1279215348&cid=ma63527&mrk=484602605&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNjc0MDgyNTM5NzI3In19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-241-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Wed, 18 Jan 2023 22:25:40 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 piano-frame.js Show response
static.advance.net/static/common/js/ Frame 308A 32 KB
11 KB 10ms
10ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.advance.net/static/common/js/piano-frame.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b968d910bbef836f267a12299e32649d9f2ed87f59ecefceb3d9a4900ec590f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: BBF1W2EPZX4EHVQ3
age: 419
x-cache: HIT, HIT
content-length: 10969
x-served-by: cache-iad-kcgs7200148-IAD, cache-hhn-etou8220061-HHN
last-modified: Mon, 11 Jul 2022 14:51:02 GMT
x-timer: S1674080740.294124,VS0,VE1
etag: "6b72a322454afa161f35111151436495"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BADF 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspJE9l-LZiSaQGzidN_9E0mdg1DTLwOKU1MUcLKovX7zs58lHmgAB4W8S9pDz71QdNr5oEqRwsKMOIF3HiiIS0R1qsmXvoIT_TnsJMPUpDD7-HisZ3fKul2BDbRu_f4XpzPVdnLw&sai=AMfl-YQQU3kO1hL8GQuKBiBN02sd0HYkc8XydanUUcFBG_MYf2PI7ZkV4liXXCD9QY-T_qV9gUz2G5f2dGXlHZJrcxLvx-FhiPt9E7CPciAeHi5fdw0s8dDIDRnQltA5LA&sig=Cg0ArKJSzGjnYLaekO5fEAE&cid=CAQSOwDq26N99bh-r5n4rJhSH_oNei9r7UwVBHCooSBW0KFhI-Be-dxm-2-3JFNZTLhka9UsYhXNBsMR1ykbGAEgEw&id=lidar2&mcvt=1024&p=155,1135,405,1435&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674080739031&rpt=293&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2BC 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAMId43HIY5OdEZf03gPxt4_QBgAAAAA4AeAEAg&bg=!iYqlis7NAAYDMoyoIzI7ACkAdvg8Wld-T1CyvOBccVR1Fr5qASnebkbNTTG835D8acAZVCyP29SQnQIAAAFnUgAAAANoAQcKAB1sRsaQ7VsaEOOIoVtDKU63vYkSp6yrEdRP44x5RJkC3lFJlxpHwTl7IxAhNPuBUyb6KoQsXoA-x5rGfkuIjY4DLPnwUZIAe-oMFdoxN4zME2VtV7NhsDmBvr0qdGMcBS_RQfgOpDtZqQYJ9HXP74nMbutxfisnDhadm5ZcWH9WCci2odaKIrC4Dc-eN74oXX42G_HxxtxkLfVPluGsS4UE64QeYSEvpLC8K7vGy9cROzyiM0FOlqbHsyHjUeL-Kzf6T3WkDliEHCze0L0LrLXVLwy0uxh7_Vcg-JtUFtfvQ4IucRjVvm0nIcDJ93L_oX3jowBf5o6xBXcaHh4pJ7Tf4Z04nlUzOM_mTuKJXOIvTCOVI1i_iLDRFiUx_kN_qV2Q93lrIniHiHuqeDpGnFEf1RU-zE1zBo1spwfGdcjeLjC9X1RJoQX6_ocLTFWEWZ4IQlePTMrIg9RY-RSUcpUFA-3wLivAVgRlKBmvCe800XM2ZrlJeM1ypROzuWKNm6vWFuH_XlnE0Z5R8-9XQlSK4MnjTQxqOH_xOHFlr2ITeIs0IwAmGO4WHgPmgKEHqv3OpG8JWE-jjB1i5rJX4XG4SzY7O9_KdjZcCr7UlhCy2fXNiymAygk-TJyM0wlstSIRHfrs5AY5aMORR4k007OhaGrqWfDcrdyDFyIRwbhjbiv80g8NKlZ1ZvzFTSO0wKP_y8jWOK-IG3RvVBoMl_HP0pZGnP452MkI0a1lAQNX1R4MtxDgqFWrhBa414dhd9OTXkYRiHVj8eTj_OdvYpUBPS31Es2fNG-_m1d4LBSak5_Cd7MHBpquwv_9uzIkpqdNKKggF3FC9iNzrm367AIpRMoqmb_RtnIcsgitZSRn5WBkheEsxD9LCWjay1_AMgV7GrJ7tT2eVKuZkkfUojKddHN1Ys-g38jJy-yQndOGImmz3LV0fb9gZKnLbLp6fq9B8-CO18efHFpQtEpQyOhlmtAd_E-21Vsx6QX_pvYMS68J99Bw2iBXe1CIvjed

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2798 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByZ_f43HIY9TsENXL7_UPu4WDMAAAAAA4AeAEAg&bg=!5Oel56PNAAYDMoyoIzI7ACkAdvg8WmX83Q3JlvlY2Shhw8F3XnzcV2bSCWH7sAUISioLwtXWXyYw0AIAAAFhUgAAAANoAQeZAvNciDnNsFEMguP6wNh3NnfE2eALZgDGBQpbS3hb-sTYNkDBD-sOzoTXKmrCd7yda0OoH4o6BhhY94dsRvrpH4YBMqncnrPYHnCFJriyElUF566OHf5kdmmbU70YQ6W4AwS-xZUyNRIxaANeYSYmGLobNsep9Gic84hANODqwVCFz4h62mH__4Usz2u-Hzhunq6oBr4x_lEy_SpI1pLtZzR5UbsBy2rPcJbzJHMvnu1TwsYc7ZU0svn2qNd2b2Z3OXP2r_VkrnJEXE-k9CNxtRnM13jF1-1TgDj8ClHc-OEr-ykBfkHoAzxcgQuP5oHR0vjFzieHTB3Q45aLgMdwTqrJ24_-ti7fjtgLO4NoqII35JjEoQ0DppP2yML0aRWzgl7NvzmyWG5Op6Qi876RjK4m2LKXt3MD3nGnNLII5OQX4Fz3_NkTYpA17wni95X0-XixI2O5zWbEjRUa-LQ3crmZE6Od3XEVr67ff6y7eUj6-rPriwY3LvXSEA-JrlLXmeb41OeUhSebM7-YPM94LYqwe82kdNWpy4XIjgiS576GELz6Q2Mdttoen9jE5qRyBEuWZjKQra9rXsB08Wkj8ayHAd_IarUI2BznekpoYsLNmoGLPn-Ac_3iVYXh0rpZUMgHa4Jd3jjEnBg3PCwU2iz0X-Fbwu956CacObvyuu3F5VuoOHd0PYea30bOZ__6sTahnTaWYKW2jFB4WV4tjJ2AVoFCpYtioPv6CujdPgJawY2ZOaT3uegTKWPiVYq_JD8B2lA_YrfVcyv36qO1eH96K3XtuS3qM6F9xIS4gQNpGoIdONPR6D9yw4QeNMMSgwtE7yZRRCVEtr0ADdTUwiVBks2WieA98yVY1dJCmc_DKGCFyC_EJwnfa8fmgpm1K6j8A3b9rZ8dELSNCzi9t6LRNhRyMDEUQ2kt5sHrNnQEyR-8YRP_xgtKNjOcuVqI5rMHVw1AipuFV_IarkdW8efYZVLDTOqs-MqHLx_kYQ4Ce3Kw0w

Requested by

Host: eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
URL: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logAutoMicroConversion Show response
api-v3.tinypass.com/api/v3/conversion/ 49 B
474 B 166ms
151ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?tracking_id=%7Bkpdx%7DAAABEFcMXtfw_wIKCjhHdTJaOFJDdloSEGxkMjhnNDNud3oxbWhpbnAaDEVYS0VVN1lYM1pBTCIlMTgwODZpZzBiby0wMDAwMzFlNnZqaDBiNGlkYnFoaGYwYzBwYyoac2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEwAToMT1RDMTdYMzJCSkNJQg1PVFZZUUVMSkxMVlFPUkt2LTIwMjMtMDEtMTgtMjItMjUtMzctNDg2LTJJcDlLV2VqTUFyVWpia2EtODY1ZjVkYjkyNjI1NGM0YmUzZTY3YWQ2OTlmN2UyYTRaJDJhMDI6NmVhMDpjNzFiOjA6MTAxMjo3MTI3OjIzMmY6NGJhNGIDZHdjaOOGp54GcA54BA&event_type=EXTERNAL_EVENT&event_group_id=config&custom_params=%7B%22config%22%3A%22%7B%5C%22type%5C%22%3A%5C%22bottomfixed%5C%22%2C%5C%22version%5C%22%3A%5C%22cta%5C%22%2C%5C%22placement%5C%22%3A%5C%22bottom-fixed%5C%22%2C%5C%22newsletterId%5C%22%3A%5C%22%5C%22%2C%5C%22closable%5C%22%3A%5C%22true%5C%22%7D%22%7D&callback=jsonp8484

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e573901d08998556b42b23712c4bb3be67d6b06ac12adf109186c550494732

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 78babf738c042bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: c8e9a855c8a3f3b19e6af33154616dd1
expires: 0

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 97ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.mlive.com
access-control-max-age: 600
content-length: 0
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
221 B 97ms
97ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:40 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=303086061&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=onboarding&ea=bottomfixed_shown&el=type%3A%20%22bottomfixed%22%7C%7Cvariant%3A%20%22OTVYQELJLLVQO%22%7C%7Cexperience%3A%20%22EXKEU7YX3ZAL%22%7C%7Cclosable%3A%20%22true%22%7C%7Cversion%3A%20%22cta%22%7C%7CmeterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&ev=0&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=2107839299.1674080737&tid=UA-16643585-16&_gid=11235872.1674080738&gtm=2wg1a1TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=&cd11=&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=&cd62=undefined&cd63=&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=2107839299.1674080737&cd98=meterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&z=106422800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 18:07:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15489
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=303086061&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=nonblocking&ea=bottomfixed_shown&el=var%3A%22OTVYQELJLLVQO%22%7Cexp%3A%22EXKEU7YX3ZAL%22%7Cver%3A%22cta%22%7Cmet%3A%22Support%20Meter%22%7Ctot%3A%221%22%7Cmax%3A%227%22%7Cterm%3A%22%22&ev=0&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=2107839299.1674080737&tid=UA-16643585-16&_gid=11235872.1674080738&gtm=2wg1a1TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=&cd11=&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=&cd62=undefined&cd63=&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=2107839299.1674080737&cd98=meterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&z=1203273513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 18:07:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15489
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 100ms
100ms Image
image/gif 3.217.241.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=8eadb35a-c636-4ab8-b86b-80d9d78ab952&pid=4b7bbd1a-87c5-40c3-98c0-069ec739c130&dtm=1674080740436&qnm=_matherq&visible=1&tabid=352e4151-74be-4fc7-9be3-5204e7e4b557&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1674080737&vid=1&lvidt=1674080737&duid=7a9e080fcbe1b501&fp=1279215348&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwiY3RhXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMjEwNzgzOTI5OSIsInJlZlRpbWUiOiIxNjc0MDgwNzQwNDM2In1dfQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-241-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Wed, 18 Jan 2023 22:25:40 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 farnhamheadline-semi-bold.woff
fonts.advance.net/fonts/v1/farnham-headline-semi-bold/ Frame 308A 36 KB
36 KB 56ms
9ms Font
application/font-woff 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.advance.net/fonts/v1/farnham-headline-semi-bold/farnhamheadline-semi-bold.woff
Requested by: Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Request headers

Referer: https://static.advance.net/
Origin: https://buy.tinypass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: F85W7SD4WBRMGH3Z
age: 61829
x-cache: HIT, HIT
content-length: 37160
x-served-by: cache-iad-kiad7000038-IAD, cache-hhn-etou8220099-HHN
last-modified: Wed, 19 Sep 2018 19:27:30 GMT
x-timer: S1674080740.492652,VS0,VE1
etag: "c9a8222fbabe6b700baacd21dd7a1f61"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage-ignore=86400, no-store

GET
H2 200 166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
fonts.advance.net/fonts/v1/benton-sans-regular/ Frame 308A 54 KB
54 KB 55ms
8ms Font
application/font-woff 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.advance.net/fonts/v1/benton-sans-regular/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
Requested by: Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21

Request headers

Referer: https://static.advance.net/
Origin: https://buy.tinypass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: 40RWT8RYZJPH6SEJ
age: 47
x-cache: HIT, HIT
content-length: 55125
x-served-by: cache-iad-kjyo7100118-IAD, cache-hhn-etou8220099-HHN
last-modified: Tue, 16 Jul 2019 16:35:54 GMT
x-timer: S1674080740.492639,VS0,VE1
etag: "63c3700153fd19bac6ac63c816251c03"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: maxage=600

GET
H2 200 448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
fonts.advance.net/fonts/v1/benton-sans-medium/ Frame 308A 53 KB
53 KB 55ms
9ms Font
application/font-woff 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.advance.net/fonts/v1/benton-sans-medium/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
Requested by: Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f

Request headers

Referer: https://static.advance.net/
Origin: https://buy.tinypass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 18 Jan 2023 22:25:40 GMT
x-shield-cache-expires: 10
x-amz-request-id: BYA2ZV620EMY3GNC
age: 1250470
x-cache: HIT, HIT
content-length: 54040
x-served-by: cache-iad-kcgs7200033-IAD, cache-hhn-etou8220099-HHN
last-modified: Mon, 10 Jun 2019 14:09:26 GMT
x-timer: S1674080740.492632,VS0,VE1
etag: "00b8650c0e6992c5c9ced8f621e43ffd"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage-ignore=2629800, no-store

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1EE2 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNh56o2WF7iU1cBm8YFU-1jDEIXG6fDAOdCjuT0V4lZUHqNqCB3HpBjZPIf_WuPXQI2-sRt8_9byWnVr6r33uCXUA0UF3JJYFEf3Hp56FaUsaVtsg7rnKkGz2Ni4Gp9fDo1JCv8w&sai=AMfl-YQtm0CkY2ale5VeRD3Y3bCMbaD_KxLYyTXRNaa5rWYyLcJebVon2EeWk8asJ3cYh6oX5pRLl4n6s1xT8CFcITyYU6Do6XNMhQakZmE-9sFXRO-CpVaSGpfXb-YTqA&sig=Cg0ArKJSzFceMdLqq64LEAE&cid=CAQSOwDq26N99bh-r5n4rJhSH_oNei9r7UwVBHCooSBW0KFhI-Be-dxm-2-3JFNZTLhka9UsYhXNBsMR1ykbGAEgEw&id=lidar2&mcvt=1000&p=827,165,1077,465&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674080739035&rpt=451&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C558 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOUPYhQuIkTuz_hHXndidxV0dvM7LNzCQ0-A8g-mc7Z429xzLSkaVZ8nHG5F-VGFFmxm6Cl8XaGN751VGUS5JfoqFzBDk0f6D-Yuud8mWUTqTnDK1NslglUUpLXRFqSFEoKJuG1A&sai=AMfl-YTYHZPIiiJl5bftvnosQpS8KBMsqaakiMwWN82_S08euHCSvB0kKgKfgCp1dW2eJl5bIBpmd8hOEwYD90njTVHo8albBmqfpTnXmjheFclZEtu0I2LVE28Hd3ewow&sig=Cg0ArKJSzDlPY4THo5tYEAE&cid=CAQSOwDq26N99bh-r5n4rJhSH_oNei9r7UwVBHCooSBW0KFhI-Be-dxm-2-3JFNZTLhka9UsYhXNBsMR1ykbGAEgEw&id=lidar2&mcvt=1002&p=821,1135,1071,1435&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3501067380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674080739039&rpt=423&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 100ms
100ms Image
image/gif 3.217.241.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=84bf04d2-bcd7-452c-aa25-37c023e8680e&pid=4b7bbd1a-87c5-40c3-98c0-069ec739c130&dtm=1674080740438&qnm=_matherq&visible=1&tabid=352e4151-74be-4fc7-9be3-5204e7e4b557&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1674080737&vid=1&lvidt=1674080737&duid=7a9e080fcbe1b501&fp=1279215348&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwiY3RhXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMjEwNzgzOTI5OSIsInJlZlRpbWUiOiIxNjc0MDgwNzQwNDM4In1dfQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-241-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Wed, 18 Jan 2023 22:25:40 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 115 Show response
check.analytics.rlcdn.com/check/ 25 B
385 B 130ms
68ms XHR
application/json 99.86.240.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/115
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-48.vie50.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:40 GMT
via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amzn-trace-id: Root=1-63c871e4-6f3f7b275d8259cd53ba3e7a
x-amzn-requestid: dd45c37e-4deb-4ca1-a195-d5eb06bbaa0a
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: e9a7xGNrjoEF1NQ=
content-length: 25
x-amz-cf-id: Sbd80iR5wC17HtOoTF-1lEEI4xKqr9Sv46xZ8rgQkd7JO_Di5huuXA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C558 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1c06a3da-e4e5-86f1-a7e1-608e2ceb09b6&tv=%7Bc:1GRIiT,pingTime:-10,time:1009,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC43NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1674080740186%7C%7Cfb8a1d51b93d5332cd709108190ff99c%7C%7C8e7a3195fc7d943b14e55b6c8e00d314%7C%7Cb992b9943ad09c21993f3497222095fa%7C%7C75e7c75daa45437ebf8fe88e396d50c2%7C%7Cced25915c4924d8186fbae31d3905bf4%7C%7C0e3de0d5678b3c46ac9800296146810e%7C%7C5a02603dcd001af3bf348f00f1a41263%7C%7C1663701684,sca:%7Bspg:3ae26068-e45b-baff-b3d3-74af00ed02e6%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1EE2 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fa8a1f38-f8cb-8236-5e99-4aa3661324be&tv=%7Bc:1GRIjM,pingTime:-10,time:1021,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC43NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1674080740186%7C%7Cfb8a1d51b93d5332cd709108190ff99c%7C%7C8e7a3195fc7d943b14e55b6c8e00d314%7C%7Cb992b9943ad09c21993f3497222095fa%7C%7C75e7c75daa45437ebf8fe88e396d50c2%7C%7Cced25915c4924d8186fbae31d3905bf4%7C%7C0e3de0d5678b3c46ac9800296146810e%7C%7C5a02603dcd001af3bf348f00f1a41263%7C%7C1663701684,im:%7Bpci:%7Btdr:1006%7D%7D,sca:%7Bspg:3ae26068-e45b-baff-b3d3-74af00ed02e6%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BADF 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3ae26068-e45b-baff-b3d3-74af00ed02e6&tv=%7Bc:1GRIm3,pingTime:0,time:1255,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D,%7Bpiv:100,vs:i,r:,t:1253%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:2,o:1253,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1247~0,1~100%5D,as:%5B1247~300.250%5D%7D%7D,%7Bsl:i,t:1253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1247~0,1~100%5D,as:%5B1247~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:301,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.990511-61634100%7C181%7C182%7C183%7C184%7C19.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:28,sis:314%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C558 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1c06a3da-e4e5-86f1-a7e1-608e2ceb09b6&tv=%7Bc:1GRIm9,pingTime:0,time:1210,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D,%7Bpiv:100,vs:i,r:,t:1208%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:2,o:1208,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1203~0,1~100%5D,as:%5B1203~300.250%5D%7D%7D,%7Bsl:i,t:1208,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1203~0,1~100%5D,as:%5B1203~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19.990511-61634100%7C191%7C192%7C193%7C194%7C1a*.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:263%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1EE2 43 B
215 B 173ms
172ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fa8a1f38-f8cb-8236-5e99-4aa3661324be&tv=%7Bc:1GRImr,pingTime:0,time:1186,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1185,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1179~0,1~100%5D,as:%5B1180~300.250%5D%7D%7D,%7Bsl:i,t:1185,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1179~0,1~100%5D,as:%5B1180~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:279,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19*.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:19,sis:230%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:40 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BADF 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9972402449705&version=m202209210101&ct=76&x=1&cor=7630397633000691000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C558 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8670494151296&version=m202209210101&ct=76&x=1&cor=8346305942867685000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EE2 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4299314920184&version=m202209210101&ct=76&x=1&cor=18153928119243840000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BADF 43 B
215 B 173ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3ae26068-e45b-baff-b3d3-74af00ed02e6&tv=%7Bc:1GRICe,pingTime:1,time:2258,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D,%7Bpiv:100,vs:i,r:,t:1253%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1005,o:1253,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1247~0,3~100%5D,as:%5B1249~300.250%5D%7D%7D,%7Bsl:i,t:1253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:182,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.990511-61634100%7C181%7C182%7C183%7C184%7C19.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:28,sis:314%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:41 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BADF 43 B
215 B 173ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3ae26068-e45b-baff-b3d3-74af00ed02e6&tv=%7Bc:1GRICf,pingTime:1,time:2259,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D,%7Bpiv:100,vs:i,r:,t:1253%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1007,o:1253,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1247~0,3~100%5D,as:%5B1249~300.250%5D%7D%7D,%7Bsl:i,t:1253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:182,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.990511-61634100%7C181%7C182%7C183%7C184%7C19.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:28,sis:314,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:41 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C558 43 B
215 B 173ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1c06a3da-e4e5-86f1-a7e1-608e2ceb09b6&tv=%7Bc:1GRICk,pingTime:1,time:2213,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D,%7Bpiv:100,vs:i,r:,t:1208%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1005,o:1208,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1203~0,2~100%5D,as:%5B1204~300.250%5D%7D%7D,%7Bsl:i,t:1208,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19.990511-61634100%7C191%7C192%7C193%7C194%7C1a*.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:263%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:41 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C558 43 B
215 B 173ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1c06a3da-e4e5-86f1-a7e1-608e2ceb09b6&tv=%7Bc:1GRICm,pingTime:1,time:2215,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D,%7Bpiv:100,vs:i,r:,t:1208%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1007,o:1208,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1203~0,2~100%5D,as:%5B1204~300.250%5D%7D%7D,%7Bsl:i,t:1208,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19.990511-61634100%7C191%7C192%7C193%7C194%7C1a*.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:263,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:41 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1EE2 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fa8a1f38-f8cb-8236-5e99-4aa3661324be&tv=%7Bc:1GRICB,pingTime:1,time:2188,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1003,o:1185,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1179~0,2~100%5D,as:%5B1181~300.250%5D%7D%7D,%7Bsl:i,t:1185,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19*.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:19,sis:230%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:41 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1EE2 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fa8a1f38-f8cb-8236-5e99-4aa3661324be&tv=%7Bc:1GRICC,pingTime:1,time:2189,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1004,o:1185,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1179~0,2~100%5D,as:%5B1181~300.250%5D%7D%7D,%7Bsl:i,t:1185,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:ttkIb1e+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.990511-61634100%7C181%7C182%7C183%7C184%7C185%7C19*.990511-61634100%7C191%7C192%7C193%7C194%7C1a.990511-61634100%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:19,sis:230,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c6f3:ce76:8a68:d5d2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:41 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=2oe1a1&_p=303086061&cid=2107839299.1674080737&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1674080737&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
249 B 584ms
356ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:43 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.mlive.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
542 B 8ms
8ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
315 B 138ms
34ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.15.1
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
252 B 122ms
33ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Jan 2023 22:25:43 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.mlive.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1E78 3 KB
2 KB 59ms
14ms Document
text/html 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 78babf87fda79b46-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 22:25:43 GMT
expires: Thu, 19 Jan 2023 02:25:43 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 8451 21 KB
8 KB 158ms
39ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

65224f82a789c90ac4b72e571112208b101ca7fa2528d4156cfb80c7c8ab4cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=147767
content-encoding: gzip
content-length: 7833
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 22:25:43 GMT
expires: Fri, 20 Jan 2023 15:28:30 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3AFE 16 KB
6 KB 108ms
19ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=62588
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Wed, 18 Jan 2023 22:25:43 GMT
expires: Thu, 19 Jan 2023 15:48:51 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 usync.html Show response
eus.rubiconproject.com/ Frame F8E1 281 B
410 B 71ms
18ms Document
text/html 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 22:25:43 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
400 B 8ms
7ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

60d8c2de44fdec50dc9b21f4603fdf952522b1ac7f94a30b8d7286b7e4814c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 392.json Show response
id5-sync.com/g/v2/ 216 B
623 B 8ms
8ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/392.json

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

4217898dd03b14a442bd73e2c0449364c4270556d86b0da5ac116a1beb2edbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Wed, 18 Jan 2023 22:25:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame B76A 2 KB
1 KB 34ms
34ms Document
text/html 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5f20e63dca68837f50231ca2ebd650f9d5e4daf07f4033e58da240db0d1a8ac

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78babf882d5c2bc9-FRA
content-encoding: br
content-type: text/html
date: Wed, 18 Jan 2023 22:25:43 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejQS3G%2BACv1HqJTBqslG9VWfF36vJiQpVdDVmkNYth1ApDxnA0DgrB%2BkRrOzUIlnJer0DX5FECoYq7R7CeYOx5QQDiyrD2kd1Eyg%2BzCY1StbPbUMVcXHcKfHMUSkFLTvs4%2FxCjOLhHQKDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame F8E1 34 KB
10 KB 19ms
19ms Script
text/html 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2d7e24e6cf26fc1d68eac700d512e9bfccf954d9a960eff562746da248674139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:43 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 09:52:03 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=41049
content-length: 10036
expires: Thu, 19 Jan 2023 09:49:52 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B76A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&dcc=t

43 B
855 B

128ms
128ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EMKSVSF97JZ72Y3Z38E0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A2SM6ZY953TPQADPM0KT
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B76A 70 B
264 B 30ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame B76A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_cver=1

43 B
758 B

33ms
32ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zXWhoKrp5kdTaDLi%2FlRxCW3rdpnm%2FX5SQ2q2smipUNsyAbKglLnkP7elvOuUEnV%2Fp%2BVi2hQBCKKq97XfvNY5jNVhF%2BTjxyvURFF2ECpTAJxvTN5YaozAWH3XqG6GK%2FuLvGGXUlFZH7g%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 78babf88ce412bc9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECCOLJzwMZGZ8lqUqLijPuM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B76A 43 B
604 B 114ms
34ms Image
image/gif 2a05:d018:d29:3605:dde3:6cb:7910:6ee0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y8hx4zBG2KKnNtQWAo9KDgAADRMAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:dde3:6cb:7910:6ee0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B76A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QlVA5jxs1PigSf5

43 B
632 B

22ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QlVA5jxs1PigSf5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0ba18284f907c56bd@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QlVA5jxs1PigSf5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum.casalemedia.com/ Frame B76A
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=251eda27-3be5-4e1d-91fe-0b5818e2443a&ssp=index
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=3527f12a-3359-48d0-8f8c-060e8739bc26&gdpr=&gdpr_consent=&us_privacy=

43 B
783 B

123ms
37ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=3527f12a-3359-48d0-8f8c-060e8739bc26&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eHs%2FHIaS%2BXmVGWU4UbxYyI5ihm5qsFnDjxkjs5NnIMLJqtOEhpj3R0KErZ%2F3djE5CbWSh4WoEIPoS9FRu6dPGs8kFGcHS2EeTKUfMYBAlScHuWsxw7Z8rJuxiiM%2Fh%2BYrKkfgjNC"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 78babf8a7c462be9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=3527f12a-3359-48d0-8f8c-060e8739bc26&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 18 Jan 2023 22:25:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B76A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHJYk7HkOQAAB-ihj6a0g&expiration=1675290343

43 B
632 B

11ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHJYk7HkOQAAB-ihj6a0g&expiration=1675290343
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHJYk7HkOQAAB-ihj6a0g&expiration=1675290343
Date: Wed, 18 Jan 2023 22:25:43 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame B76A 42 B
181 B 238ms
36ms Image
image/gif 2a05:d018:cc3:fe04:6cee:426e:7a2:b82d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:6cee:426e:7a2:b82d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:43 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame B76A 43 B
353 B 64ms
14ms Image
image/gif 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y8hx4zBG2KKnNtQWAo9KDgAA%263347
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:43 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 63928
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78babf88cfb6bb49-FRA
content-length: 43
expires: Thu, 19 Jan 2023 22:25:43 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3AFE 2 KB
3 KB 82ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25190390&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 473db99a42827c5869794f704bf5ce3d8478f596b89061bb68c7a9d80b1b2bee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 22:25:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame F8E1 70 B
264 B 31ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F8E1
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQyOEc0UE0tTS1LRExD&us_privacy=1---

170 B
188 B

46ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQyOEc0UE0tTS1LRExD&us_privacy=1---

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQyOEc0UE0tTS1LRExD&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F8E1
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/3IRQAlt1I1pyAQBlDVwdAw?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-crP.QABE2oLM27hhVNYUJZtVMHrmsuoZKc04rQ--~A

0
239 B

8ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-crP.QABE2oLM27hhVNYUJZtVMHrmsuoZKc04rQ--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 18 Jan 2023 22:25:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-crP.QABE2oLM27hhVNYUJZtVMHrmsuoZKc04rQ--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame F8E1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ri-4RRg2T5yU7CFKzC4McA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ri-4RRg2T5yU7CFKzC4McA

43 B
479 B

42ms
41ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ri-4RRg2T5yU7CFKzC4McA

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DDSFC440TG31XCJ56KHR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ri-4RRg2T5yU7CFKzC4McA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F8E1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYxODZjMWE2ZTQxNDNlZjdhYmMxYTk5ZWIwZDVhOTU2ZDBkYmNkOQ&us_privacy=1---

170 B
188 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYxODZjMWE2ZTQxNDNlZjdhYmMxYTk5ZWIwZDVhOTU2ZDBkYmNkOQ&us_privacy=1---

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYxODZjMWE2ZTQxNDNlZjdhYmMxYTk5ZWIwZDVhOTU2ZDBkYmNkOQ&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F8E1
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD28G4PM-M-KDLC&us_privacy=1---

0
142 B

113ms
113ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD28G4PM-M-KDLC&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:43 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5E113A735DD14B2999EF5A7E8997FD69 Ref B: FRAEDGE2013 Ref C: 2023-01-18T22:25:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXykUwRtc0kxXEZRPsObQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD28G4PM-M-KDLC&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F8E1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0aDqKPlfTgmxky1AhJOIqA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0aDqKPlfTgmxky1AhJOIqA

43 B
479 B

104ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0aDqKPlfTgmxky1AhJOIqA

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 22:25:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WYPJJTW1K5ENSRTFXW5C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0aDqKPlfTgmxky1AhJOIqA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F8E1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGdaEp1W0NpnCesbXifamw0&google_cver=1

0
239 B

34ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGdaEp1W0NpnCesbXifamw0&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGdaEp1W0NpnCesbXifamw0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 2BDA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=0&gdpr_consent=

35 B
476 B

23ms
21ms

Document
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 18 Jan 2023 22:25:43 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 18 Jan 2023 22:25:43 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1A74
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:683b63c8-71e9-4e00-808d-f22db6f0bc46&gdpr=0&gdpr_consent=

42 B
405 B

55ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:683b63c8-71e9-4e00-808d-f22db6f0bc46&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 18 Jan 2023 22:25:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Wed, 18 Jan 2023 22:25:43 GMT
Expires: Wed, 18 Jan 2023 22:25:42 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 277 3f0ad7a master zrh-pixel-x31 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:683b63c8-71e9-4e00-808d-f22db6f0bc46&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame BA77
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6662396952591420754

42 B
424 B

84ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6662396952591420754
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 18 Jan 2023 22:25:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6662396952591420754
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BBFA
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

93ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 18 Jan 2023 22:25:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 22:25:43 GMT
expires: Wed, 18 Jan 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1708358
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame EA24
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eAGMBnkDig1jBI0LeFPCDS1T2l1jC9hcfwHWA2uj

42 B
337 B

102ms
21ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eAGMBnkDig1jBI0LeFPCDS1T2l1jC9hcfwHWA2uj
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 18 Jan 2023 22:25:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 18 Jan 2023 22:25:43 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eAGMBnkDig1jBI0LeFPCDS1T2l1jC9hcfwHWA2uj
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame A5C1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=39470485-8964-43FE-8E04-32CB960666CC&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=39470485-8964-43FE-8E04-32CB960666CC&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

186ms
186ms

Document
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=39470485-8964-43FE-8E04-32CB960666CC&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 18 Jan 2023 22:25:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: EN4552JQNNP5130PVMRM

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 18 Jan 2023 22:25:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=39470485-8964-43FE-8E04-32CB960666CC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 6Y4EPVM6XT5G22QT0PCD

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3AFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OUcEhYlkQ_6OBDLLlgZmzA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

19ms
18ms

Image
text/html

2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:43 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=62588
accept-ranges: bytes
content-length: 5554
expires: Thu, 19 Jan 2023 15:48:51 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 3AFE
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=39470485-8964-43FE-8E04-32CB960666CC&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6e30dbd31b40fa02f60216327679e1cb&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

30ms
29ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 18 Jan 2023 22:25:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 3AFE
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=39470485-8964-43FE-8E04-32CB960666CC&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=39470485-8964-43FE-8E04-32CB960666CC&addseg=19,36,42

0
0

83ms
19ms

Image
application/json

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=39470485-8964-43FE-8E04-32CB960666CC&addseg=19,36,42
Protocol: H2
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Wed, 18 Jan 2023 22:25:43 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=39470485-8964-43FE-8E04-32CB960666CC&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3AFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzk0NzA0ODUtODk2NC00M0ZFLThFMDQtMzJDQjk2MDY2NkND&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

64ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 18 Jan 2023 22:25:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3AFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHaKD2oxrt9K5kpvI6aXzKw&google_cver=1

42 B
298 B

64ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHaKD2oxrt9K5kpvI6aXzKw&google_cver=1
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 18 Jan 2023 22:25:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHaKD2oxrt9K5kpvI6aXzKw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 3AFE 43 B
612 B 115ms
28ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 22:25:43 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 17 Jan 2023 22:25:43 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3AFE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5566974250836404484

42 B
219 B

49ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5566974250836404484
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 18 Jan 2023 22:25:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5566974250836404484
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3AFE 70 B
264 B 31ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 18 Jan 2023 22:25:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 35ms
34ms Image
image/gif 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi~GGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-1cc31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Y5zyVCAZgVLOGg%3D%3D&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=11766&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=11766&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1674080737186&de=584090078202&rx=637731665736&cu=1674080737186&m=6806&ar=67fa5e2a4e8-clean&iw=60394b0&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3075%3A3075%3A5070%3A3115&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5194&cd=0&ah=5194&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=201243&na=20839509&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Jan 2023 22:25:44 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 Jan 2023 22:25:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.chocolateplatform.com
URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEFyqq3uAsuAR2qHY_aKZRq0&google_cver=1&google_push=AavPq0OKipKLFKBeCFT4An9xzkaqWNEDatPBctKZ1rH3uKnwySJsr6giQBHpLMH5QTQdkP0Bm16FFDHxdJtsmyucWLOwLy1YlMA

Verdicts & Comments Add Verdict or Comment

625 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

128 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
h312.mlive.com/DG/DEFAULT	1970-01-20 18:37:20	Name: BCSessionID Value: 5bbf8ade-d825-43e7-b29e-2dbac590e831
advancelocal.blueconic.net/DG/DEFAULT	1970-01-20 17:46:56	Name: BCSessionID Value: 5bbf8ade-d825-43e7-b29e-2dbac590e831
www.verifyacc0unt.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c6364a425e36a8f0c3c1deb28819e630
.mlive.com/	1970-01-20 11:10:56	Name: _gcl_au Value: 1.1.371277054.1674080737
.mlive.com/	1970-01-20 09:01:22	Name: sophiTagses.073a Value: *
.mlive.com/	1970-01-20 18:37:20	Name: _sp_duid Value: 96b860fc-2608-46ba-8585-d369d00e7a43
.mlive.com/	1970-01-20 09:44:32	Name: utag_vnum Value: 1676672737041&vn=1
.mlive.com/	1970-01-20 09:01:22	Name: utag_invisit Value: true
.mlive.com/	1970-01-20 09:01:22	Name: utag_dslv_s Value: Less than 1 day
www.mlive.com/	1970-01-20 17:46:56	Name: last_visit_bc Value: 1674080737197
.mlive.com/	1970-01-20 09:01:20	Name: lotame_domain_check Value: mlive.com
www.mlive.com/	1970-01-20 09:44:32	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mlive.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .mlive.com
.mlive.com/	1970-01-20 18:37:20	Name: _lc2_fpi Value: 94c49eadf2ac--01gq3fsp0f0dtsjw30wh60wpvt
.mlive.com/	1970-01-20 09:44:32	Name: pbjs_pubcommonID Value: bdf46d5a-2aec-4386-88b0-d846aef35357
.mlive.com/	1970-01-20 15:30:08	Name: _cc_id Value: da625c236b05c9613dba996e807fa04a
.mlive.com/	1970-01-20 09:01:22	Name: _ml_ses Value: *
www.mlive.com/	1970-01-20 09:02:47	Name: _lr_geo_location_state Value: HE
www.mlive.com/	1970-01-20 09:02:47	Name: _lr_geo_location Value: DE
.mlive.com/	1970-01-20 18:37:20	Name: _awl Value: 2.1674080737.5-2d48fd7b78cc1ffc3794f59051e677c3-6763652d6575726f70652d7765737431-0
.mlive.com/	1970-01-20 09:01:22	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1674080737529%2C%22slts%22:0}
.mlive.com/	1970-01-20 18:30:44	Name: _parsely_visitor Value: {%22id%22:%22pid=237bd86b823889b203761f5456d8c4fb%22%2C%22session_count%22:1%2C%22last_session_ts%22:1674080737529}
www.mlive.com/	1970-01-20 09:11:25	Name: authsource_origin Value: false
.linkedin.com/	1970-01-20 09:44:32	Name: UserMatchHistory Value: AQIdABzhyvmB4wAAAYXG_Njf1cFl_mKR84cgzBpQx5-G8IeYSHcumQmjAeZPtAO5QtCTrRCaPJLAHQ
.linkedin.com/	1970-01-20 09:44:32	Name: AnalyticsSyncHistory Value: AQJqI7osRetWAQAAAYXG_NjfDAHPy4yvME25ASg-3DZosTsmPkW8eCNFO159HffeCmU1StBgV_ID-3SiLWuLRw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:46:56	Name: bcookie Value: "v=2&92b3cf0f-30bd-4c52-83dc-e85422ddea16"
.linkedin.com/	1970-01-20 09:02:47	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2471:u=1:x=1:i=1674080737:t=1674167137:v=2:sig=AQHt5KndHK5wxFA7Tn5cYYca72xNZL1h"
www.mlive.com/	1970-01-20 09:02:47	Name: ln_or Value: eyIzMjUyMzc4IjoiZCJ9
www.mlive.com/	1970-01-20 17:46:56	Name: usprivacy Value: 1---
.t.co/	1970-01-20 18:37:20	Name: muc_ads Value: 25d7616e-e1a7-4c4b-954c-4c9ee22dbea3
.mlive.com/	1970-01-20 18:22:56	Name: __gads Value: ID=327f61d1e2eb0e92:T=1674080737:S=ALNI_MYKiRl3-lt3A8HhORjMgsHybe-1HA
.mlive.com/	1970-01-20 18:22:56	Name: __gpi Value: UID=00000ba4d1c01c20:T=1674080737:RT=1674080737:S=ALNI_MbzO31gmIiNsv_chjoWnVtHUdRZOA
.mlive.com/	1970-01-20 09:01:24	Name: AMP_TOKEN Value: %24NOT_FOUND
.mlive.com/	1970-01-20 18:37:20	Name: _ga Value: GA1.2.2107839299.1674080737
.mlive.com/	1970-01-20 09:02:47	Name: _gid Value: GA1.2.11235872.1674080738
.mlive.com/	1970-01-20 09:01:20	Name: _gat_UA-16643585-16 Value: 1
.twitter.com/	1970-01-20 18:37:20	Name: guest_id_marketing Value: v1%3A167408073765635881
.twitter.com/	1970-01-20 18:37:20	Name: guest_id_ads Value: v1%3A167408073765635881
.twitter.com/	1970-01-20 18:37:20	Name: personalization_id Value: "v1_8axX5L8IqHV2GsEpHiQWgg=="
.twitter.com/	1970-01-20 18:37:20	Name: guest_id Value: v1%3A167408073765635881
.mlive.com/	1970-01-20 11:10:56	Name: _fbp Value: fb.1.1674080737736.97167446
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:46:56	Name: bscookie Value: "v=1&202301182225377656b319-7180-472e-8395-2d5430c8f69cAQF9uBd6iGzvTlEHIE-ql2rtzFqbskkR"
.linkedin.com/	1970-01-20 13:20:32	Name: li_gc Value: MTswOzE2NzQwODA3Mzc7MjswMjGdBHJkUh/06E4Q/3XI34OyAovlSOKSciJfsvCjCd3C6A==
.liadm.com/	1970-01-20 18:37:20	Name: lidid Value: 4dea4bd2-ee74-4bb9-a210-69779cf1b023
.mlive.com/	1970-01-20 17:46:56	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Jan+18+2023+22%3A25%3A37+GMT%2B0000+(GMT)&version=202210.1.0&hosts=&consentId=85f2ee28-af09-43b8-8b9c-89c1a3c9b9fd&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.postrelease.com/	1970-01-20 17:46:56	Name: opt_out Value: 1
www.mlive.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":1982139,"placementID":773533,"lastInteraction":1674080737785,"sessionStart":1674080737785,"sessionEndDate":1674086400000,"experiment":""}
.doubleclick.net/	1970-01-20 18:22:56	Name: IDE Value: AHWqTUmyWwvtI-ZjHyLoXgqBW7ypDFB3dsRmDtRd-2zGPKTZJ_IxVCnXcMZKtHdGrVI
.mlive.com/	1970-01-20 09:01:24	Name: __li_idex_cache Value: %7B%7D
.www.mlive.com/	1970-01-20 09:11:25	Name: RT Value: "z=1&dm=www.mlive.com&si=5d0ea5bd-277a-4128-a286-076e99e10f9b&ss=ld28g123&sl=1&tt=3wu&rl=1&ld=3ww"
.rubiconproject.com/	1970-01-20 17:46:56	Name: khaos Value: LD28G4PM-M-KDLC
.rubiconproject.com/	1970-01-20 17:46:56	Name: audit Value: 1\|hLZGFuTafB30tHTysKJAU3jc0/aJelRdbjRFtGIHH0taw3idWLlSxIYQBipK6dVz9TNBETKI889ymPvo8pleP2I8HLg48+aBlR/vOG5O9jg=
www.mlive.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 5bbf8ade-d825-43e7-b29e-2dbac590e831
advancelocal.blueconic.net/	1970-01-20 09:11:25	Name: AWSALBCORS Value: zJoSF78HjzPNWpn+GSdwhGZ8L7cNGERcaA0y8k6jYBlOFpAXaL1Sbzn4sberY5mQCD5nVnp91a1vsglw5nxsUsznfsnbfNuLOx375VlNsAvlR8dXI92GL8HWp7P8
.adnxs.com/	1970-01-20 11:10:56	Name: uuid2 Value: 7609073513519580195
.casalemedia.com/	1970-01-20 17:46:56	Name: CMID Value: Y8hx4zBG2KKnNtQWAo9KDgAA
.casalemedia.com/	1970-01-20 11:10:56	Name: CMPS Value: 3347
.casalemedia.com/	1970-01-20 11:10:56	Name: CMPRO Value: 3347
.criteo.com/	1970-01-20 18:22:56	Name: uid Value: dbd32ad0-8070-4bc8-8134-5b165417f3a9
.adnxs.com/	1970-01-20 11:10:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?iuz.Dz!]tbPl1M>e)ZlrFUfJ+tGXxo@T(KB>Z8=QzDA5`:K'C29CDaL6^NF5A%l7hi3If)y3KL9D3I?+QPHL_h
.openx.net/	1970-01-20 17:46:56	Name: i Value: 5054d069-6bf7-41af-87c6-27c58979e7d0\|1674080739
.quantserve.com/	1970-01-20 18:31:35	Name: mc Value: 63c871e3-6b56a-3ca5c-97b13
.w55c.net/	1970-01-20 18:31:35	Name: wfivefivec Value: QlVA5jxs1PigSf5
.w55c.net/	1970-01-20 09:44:32	Name: matchgoogle Value: 5
.de17a.com/	1970-01-20 17:39:44	Name: guid Value: 1.6662396952591420754
.everesttech.net/	1970-01-20 17:46:56	Name: everest_g_v2 Value: g_surferid~Y8hx4wAAa4dHJAA_
.ctnsnet.com/	1970-01-20 17:46:56	Name: cid_ef52b764d1d9425ab13ab5c03c8401d3 Value: 1
.ctnsnet.com/	1970-01-20 17:46:56	Name: gid_CAESENB7yyFTdQWx0seCWMBPhfs Value: 1
.bidswitch.net/	1970-01-20 17:46:56	Name: tuuid Value: 3527f12a-3359-48d0-8f8c-060e8739bc26
.bidswitch.net/	1970-01-20 17:46:56	Name: c Value: 1674080739
.bidswitch.net/	1970-01-20 17:46:56	Name: tuuid_lu Value: 1674080739
.mlive.com/	1970-01-20 18:30:08	Name: _pcid Value: %7B%22browserId%22%3A%22ld28g43nbz318xkx%22%7D
h312.mlive.com/	1970-01-20 09:11:25	Name: AWSALB Value: 2Ltr+kENGjMS+O/uIU0HNpDb4xDNQjEsoOgCenkdv7EfdK9ZudGCNIR56O+UqVphLOH0NvvxYf4GtmANLJw/7iZ8WmfEPg5X0UGYLqfuurw8G6dH+ClBbww2bsL9
h312.mlive.com/	1970-01-20 09:11:25	Name: AWSALBCORS Value: 2Ltr+kENGjMS+O/uIU0HNpDb4xDNQjEsoOgCenkdv7EfdK9ZudGCNIR56O+UqVphLOH0NvvxYf4GtmANLJw/7iZ8WmfEPg5X0UGYLqfuurw8G6dH+ClBbww2bsL9
.mlive.com/	1970-01-20 18:22:56	Name: cto_bundle Value: whw6UV9VMWI3NXV5T1VkVVRMS3BybVYlMkJpZnRyRiUyQkNvUGxQMjltWW9SWWgyT2c5NXJrNXM1MVdEeUtpeG9PajN1TUI0cmFSR01nV2lMY0hKcjh0JTJGdDhsTGtVMEl6eFpmU3dGRm01ZGNCQTVvU1pzUzgxM3BUT3k1empLYXlKNjM1cEVGR3NtRHhUMzdXN2ZQYkFSSjZXcDl1WFElM0QlM0Q
.piano.io/	1970-01-20 09:01:22	Name: __cf_bm Value: SEA7lRZD0iOnQaaARciQGUURFPncAHibBGjH1brF4Y4-1674080739-0-AWNyEHFFD3GDWSL+m/kpGylBIRcfRgHWKbU9LJEb0Tk7kbvkbEhO+51TADy50A2Zpx30yZIw9yxiEo/HHsVxqW4=
.mlive.com/	1970-01-20 18:37:20	Name: __tbc Value: %7Bkpex%7DeykKsvfAf-pvGecui2eqI_7SKuTENdbBLOsNqRT3yCWeHqX2PJilglda91ubTy3t
.mlive.com/	1970-01-20 09:44:32	Name: __pat Value: -18000000
.mlive.com/	1970-01-20 09:02:47	Name: __pvi Value: eyJpZCI6InYtMjAyMy0wMS0xOC0yMi0yNS0zNy00ODYtMklwOUtXZWpNQXJVamJrYS04NjVmNWRiOTI2MjU0YzRiZTNlNjdhZDY5OWY3ZTJhNCIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNjc0MDgwNzM5OTIwfQ%3D%3D
.mlive.com/	1970-01-20 18:30:08	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.mlive.com/	1970-01-20 18:37:20	Name: xbc Value: %7Bkpex%7DUDrENdfaH41dQ-zjDWgSosezgJzTv0Ur5egnXmgKlOt9Bi0j2Cl_DYqJWentIbBIOTCTkpzCtx_zterWTL3Mjjn_otJVAIKVWwL-NUZVuPqCMEYL4vRo_NM5ZHYhMK4ZWKh87Mw5mpeNEuPyM-CSImQqV07a8Y6Z6_5cO0TadVoM3vEbspB2bUGjCRu0zxKfZlb22netc0fPHKWgoKY-NHiMOR1vk_mcz_wTVaLIyVaw-dRZpVQsLWFVtZ71Cenn5KGLN7CHPgvFqkBXsCEQlMPqoTHFEj83E2BLHHSXcYLDmBKMHyuR3DE_ipJRdeT0MIJF3wd2Ty1mt6DNAWkMUUilI8sAJU11f35DahWZnxDdWAoCXE3NYGcHXXLIsVNGDhz3b-FBQr448N7Ykg__RrpY__sD729X-ojdkH0aQI24KjDBrPCpuxhZ5bDhWIQD_Ijc8SdLJo4wV8K-R3tZYyWxJxNAsN7PIX1UoJj2geIT2PAfSjq0Jq3AhVFnyQy5Gu5sB7MnxMJt8RQfGO91foCRkOiCTQVyrCFjCr0JEoV_kpcqU43audPHIyO3477MnN9Hj080L2qEFNMzfAW7UxJW1tdjzOJEQEbLwFPMOJwAqOE2BrqYRmN-ojI0Flo9qvzAsvyD9wsVtnPS09K2CHgCgpDOil7GH7TCcBaQGCoq1KG-6McyDGZHHsWjkgzX-NoxP0X91hn1S95xB5ObzAoSj1kEeHUQ1HGlSsBYUpL3plksg5QQ4zP7WL9tIbzcpOxCMq0MYu0Rwm8J3vjTX-D85ucwxSDD-D1k6Y34wihmhw4D9tIsuyThACWrsm0znDLRYWURsAhYTN-cDpZ6ByIme0Gj_Pond0-Gg77dtAYCAEnm5Ww7_4cw5RcWHxpUyt0d7HSeJObKvYynIGouV20jvfL67lZLM19q_CGSxvpgdsR3VW1AuZPYySAZ2Po1v6Ctj_6iO9YLDCiadktDbnvAYFoiLlulWiTqlFKJhJwPTAnYISxHCUaH8zxRz_zpmTvjY25g7ju93Rm9jowjpTED9V-w3P9UFted80wbQs4
.mlive.com/	1970-01-20 18:37:20	Name: _ml_id Value: 7a9e080fcbe1b501.1674080737.1.1674080740.1674080737
.www.mlive.com/	1970-01-20 09:02:47	Name: _pc_sup_support_acq-sup2 Value: 10
ads.avct.cloud/	1970-01-20 17:46:56	Name: uuid Value: ecd8777d-5bb7-4e7e-8b31-5282aec5f4e9
.tribalfusion.com/	1970-01-20 11:10:56	Name: ANON_ID Value: a9nseFs2aF9pAJsbYL7It9POfCFRD5vkHq2tyXjdZcwm0jPYAb40qhFVLL6LLZdQnnViFj2cP1g25SntZdBO72A
.mlive.com/	1969-12-31 23:59:59	Name: utag_vs Value: 8
.mlive.com/	1970-01-20 18:37:20	Name: utag_dslv Value: 1674080740427
.mlive.com/	1970-01-20 18:37:20	Name: sophiTagid.073a Value: 96b860fc-2608-46ba-8585-d369d00e7a43.1737240936946.1.1674080740.1737240936946.aa6686cc-b205-4625-9f04-16850a3826f9
www.mlive.com/	1970-01-20 09:01:21	Name: offer_config Value: %257B%2522type%2522%253A%2522bottomfixed%2522%252C%2522version%2522%253A%2522cta%2522%252C%2522placement%2522%253A%2522bottom-fixed%2522%252C%2522newsletterId%2522%253A%2522%2522%252C%2522closable%2522%253A%2522true%2522%257D
.mlive.com/	1970-01-20 18:37:20	Name: _ga_GG8B674XK4 Value: GS1.1.1674080737.1.0.1674080740.0.0.0
www.mlive.com/	1970-01-20 09:02:47	Name: _lr_sampling_rate Value: 100
www.mlive.com/	1970-01-20 09:02:47	Name: pbjs_li_nonid Value: %7B%7D
www.mlive.com/	1970-01-20 09:01:24	Name: _lr_retry_request Value: true
www.mlive.com/	1970-01-20 09:44:32	Name: _lr_env_src_ats Value: false
.w55c.net/	1970-01-20 09:44:32	Name: matchcasale Value: 5
.ads.pubmatic.com/	1970-01-20 09:02:47	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 17:46:56	Name: KADUSERCOOKIE Value: 39470485-8964-43FE-8E04-32CB960666CC
.pubmatic.com/	1970-01-20 11:10:56	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 09:02:47	Name: pi Value: 159879:2
.pubmatic.com/	1970-01-20 11:10:56	Name: DPSync3 Value: 1675209600%3A197_219_221_201
.pubmatic.com/	1970-01-20 11:10:56	Name: SyncRTB3 Value: 1675296000%3A35%7C1675209600%3A21_13_7_54_161_8_220_56_251
.yahoo.com/	1970-01-20 17:47:18	Name: A3 Value: d=AQABBOdxyGMCEIMnRp7yFbeJp6d-MUIHX1oFEgEBAQHDyWPSYwAAAAAA_eMAAA&S=AQAAAq1RkIx9IRq2j4oxNHrI-nQ
.quantserve.com/	1970-01-20 11:10:56	Name: d Value: EPoBDgGKKIEO-TA
.scoota.co/	1970-01-20 18:37:20	Name: tuuid Value: 251eda27-3be5-4e1d-91fe-0b5818e2443a
.scoota.co/	1970-01-20 18:37:20	Name: c Value: 1674080743
.scoota.co/	1970-01-20 18:37:20	Name: tuuid_lu Value: 1674080743
.fiftyt.com/	1970-01-20 17:46:56	Name: fifid Value: 295f7fa5-badc-48c2-40c3-6d8bc66a4475
.fiftyt.com/	1970-01-20 17:46:56	Name: cs Value: MTY3NDA4MDc0M3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fHgJloL_GXkekAcrVsfxMiJuto_wnd9169dLOQbKrluB
.bidr.io/	1970-01-20 18:29:50	Name: bito Value: AAHJYk7HkOQAAB-ihj6a0g
.bidr.io/	1970-01-20 18:29:50	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-20 09:44:32	Name: KRTBCOOKIE_336 Value: 5844-6662396952591420754
.pubmatic.com/	1970-01-20 11:10:56	Name: KRTBCOOKIE_80 Value: 22987-CAESEHaKD2oxrt9K5kpvI6aXzKw&KRTB&16514-CAESEHaKD2oxrt9K5kpvI6aXzKw&KRTB&23025-CAESEHaKD2oxrt9K5kpvI6aXzKw&KRTB&23386-CAESEHaKD2oxrt9K5kpvI6aXzKw
.pubmatic.com/	1970-01-20 11:10:56	Name: KRTBCOOKIE_153 Value: 1923-eAGMBnkDig1jBI0LeFPCDS1T2l1jC9hcfwHWA2uj&KRTB&19420-eAGMBnkDig1jBI0LeFPCDS1T2l1jC9hcfwHWA2uj&KRTB&22979-eAGMBnkDig1jBI0LeFPCDS1T2l1jC9hcfwHWA2uj&KRTB&23403-eAGMBnkDig1jBI0LeFPCDS1T2l1jC9hcfwHWA2uj
.adform.net/	1970-01-20 09:45:59	Name: C Value: 1
.simpli.fi/	1970-01-20 17:48:23	Name: suid Value: 9E46BC165D2A47E9A92DE418F93FDC45
.fiftyt.com/	1970-01-20 09:11:25	Name: fppm Value: 20230118222543
.onaudience.com/	1970-01-20 17:46:56	Name: cookie Value: a999f6b1c597e2ef
.onaudience.com/	1970-01-20 09:02:47	Name: done_redirects161 Value: 1
.mathtag.com/	1970-01-20 18:27:15	Name: uuid Value: 683b63c8-71e9-4e00-808d-f22db6f0bc46
.adform.net/	1970-01-20 10:27:44	Name: uid Value: 5566974250836404484
.pubmatic.com/	1970-01-20 11:10:56	Name: KRTBCOOKIE_27 Value: 16735-uid:683b63c8-71e9-4e00-808d-f22db6f0bc46&KRTB&16736-uid:683b63c8-71e9-4e00-808d-f22db6f0bc46&KRTB&23019-uid:683b63c8-71e9-4e00-808d-f22db6f0bc46&KRTB&23114-uid:683b63c8-71e9-4e00-808d-f22db6f0bc46
.pubmatic.com/	1970-01-20 09:44:32	Name: PugT Value: 1674080742
.pubmatic.com/	1970-01-20 09:44:32	Name: KRTBCOOKIE_391 Value: 22924-5566974250836404484&KRTB&23263-5566974250836404484
.amazon-adsystem.com/	1970-01-20 18:37:20	Name: ad-privacy Value: 0
.onaudience.com/	1970-01-20 09:02:47	Name: done_redirects147 Value: 1
.amazon-adsystem.com/	1970-01-20 15:09:59	Name: ad-id Value: A9xg4AlsuUkktY5YMh3rDNU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.mlive.com%2F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=115 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEFyqq3uAsuAR2qHY_aKZRq0&google_cver=1&google_push=AavPq0OKipKLFKBeCFT4An9xzkaqWNEDatPBctKZ1rH3uKnwySJsr6giQBHpLMH5QTQdkP0Bm16FFDHxdJtsmyucWLOwLy1YlMA Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
accounts.google.com
ads.avct.cloud
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.nl
analytics.twitter.com
api-v3.tinypass.com
api.rlcdn.com
app.matheranalytics.com
apps.sophi.io
at.teads.tv
ats-wrapper.privacymanager.io
aud.pubmatic.com
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.tinypass.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
cms.quantserve.com
collector2.sophi.io
connect.facebook.net
contextual.media.net
cs.chocolateplatform.com
cs.emxdgt.com
d.adroll.com
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
ead.mlive.com
eea7c8cb64d93e589dd7987058a96f44.safeframe.googlesyndication.com
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.advance.net
fw.adsafeprotected.com
gcm.ctnsnet.com
geo.privacymanager.io
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
js.matheranalytics.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
loada.exelator.com
match.adsrvr.org
match.prod.bidr.io
micro.rubiconproject.com
mlive.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
pub.doubleverify.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
r.scoota.co
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.advance.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
t.co
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
visitor.fiftyt.com
vtrk.doubleverify.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.mlive.com
www.verifyacc0unt.com
x.bidswitch.net
z.moatads.com
cs.chocolateplatform.com
104.18.33.19
104.18.36.94
104.244.42.131
104.244.42.5
104.87.139.186
104.87.141.138
107.178.250.234
108.128.47.128
108.138.4.10
13.107.42.14
13.225.78.86
13.32.110.73
13.32.110.8
13.32.13.117
13.32.27.77
134.209.208.251
142.250.180.226
142.251.208.98
143.204.215.7
146.59.148.16
151.101.194.133
151.101.2.133
151.101.2.49
162.19.138.117
162.19.138.83
172.64.151.162
172.64.154.237
178.250.0.157
178.250.0.163
18.193.126.69
18.198.61.82
18.207.63.238
18.66.100.58
18.66.17.12
18.66.23.210
18.66.97.9
185.29.132.241
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.80
185.64.190.87
185.80.39.216
199.232.16.157
2.18.36.193
2.18.37.133
2.18.37.49
2001:41d0:701:1000::96f
2001:4860:4802:34::36
213.155.156.164
23.203.125.36
23.64.52.128
2600:1901:0:328a::1
2600:1901:0:8344::
2600:1f13:800:7780:c6f3:ce76:8a68:d5d2
2600:1f18:730:b120:4d89:3f20:fa5:8c17
2600:9000:211e:2200:a:e047:752:5701
2600:9000:214f:8000:8:48e:53c0:93a1
2600:9000:2304:4200:2:53b2:240:93a1
2602:803:c004:200::140
2606:4700:10::6816:3456
2606:4700::6810:9540
2606:4700::6810:f015
2606:4700::6811:180e
2606:4700::6811:b7b1
2606:4700::6811:bab1
2606:4700::6812:19ad
2606:4700::6812:1a55
2606:4700::6812:a6e0
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:803::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400d:803::200e
2a00:1450:400d:807::2004
2a00:1450:400d:80a::200d
2a00:1450:400d:80e::2006
2a00:1450:400d:80e::200e
2a00:1450:4025:401::9b
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:11a:487::11a6
2a02:26f0:11a::217:9a39
2a02:26f0:11a::217:9a4a
2a02:26f0:f700:49c::11a6
2a02:fa8:8806:20::2040
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::485
2a05:d018:cc3:fe04:6cee:426e:7a2:b82d
2a05:d018:d29:3605:dde3:6cb:7910:6ee0
3.217.241.65
3.75.3.113
34.102.146.192
34.107.148.139
34.120.107.143
34.120.133.55
34.199.56.222
34.250.91.224
34.91.62.186
34.98.64.218
35.186.193.173
35.186.255.72
35.201.96.126
35.71.131.137
37.157.2.234
37.252.173.215
44.195.15.34
51.89.9.253
52.209.54.253
52.223.1.76
52.44.162.166
52.46.155.104
52.48.35.78
52.50.45.218
52.58.228.255
52.84.106.104
54.156.182.228
54.163.174.71
54.194.186.27
54.216.196.145
54.217.17.172
54.78.254.47
63.34.81.234
67.220.226.233
69.173.144.138
69.173.144.139
92.123.36.4
92.123.38.97
99.86.240.48
00b06716521cdf06825e2c3edd34c32c664661fbaee522c0ad506d974f9f0b37
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
0498c715302d23e589e79869729ff60cbe28470fca23928d3a83c6792b6fa07c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ba300db1ce1eda31c9b51ae06a81186e0ead7f278a60f45e1baead6f81a3d5
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0867a7530d60d439855bb961063f655d9e8fca705f398a9c4a2b81063463e61e
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a1e5d9e26a665a689463fc717c0ec3b95359a2d2d9c14bb1d5bb4ea657ea6e7
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19
0b3659bb9abcfda0f33e128bb67a8e7f2c5fd0b3114e5e999014566413ea20c7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e3e1e68f6bf1ba6af4fc889618b617434eb019734483ca95221fbe6df780d90
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14705e5223ec29f78cc765eb60e7e1e81ef1de9927670522336c862bd9a3a6ce
14e4901ee2e5c2b93c887cca0a2e3f188379d5ce25edca56836564e10014db76
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
16cd91964ad04e4e025ba3759d356ed471bfeefa5c57632a573b22c2aa3dc779
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1907f0e1b743e9dd4c076f02a5c49551542cece568079dfa3ca172a25228dc5a
19e573901d08998556b42b23712c4bb3be67d6b06ac12adf109186c550494732
1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f69cda4d346d1361e182ca51dfc0be0b484b548a8afd33fc4939dc63ff671f9
20a5cc8ec3cccb746991e32788443f106d069e2f240c25f8ef47835ffeb5ac9b
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
22afd8288717673f7b21225452c34fb4dfb8c7d15ea0936b4c3cf210470c7123
233965c1ee1e11880cef8e4c6f231d56b0141f33d994e666f64ac5c46e65cfa6
25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea
262435fb19ecd29075d2951cf374027710e8a4a931ffff811cd72aba71e30d2c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26bebac177d0f98a8e8db5c4a9e44e7423b5fac37929bb5e2c98d930e3c6d9d8
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c
2a868b538443fddb9c21898c8edc3905f2cc111d4e2d6ede4948b56fc465f26f
2b968d910bbef836f267a12299e32649d9f2ed87f59ecefceb3d9a4900ec590f
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2d7e24e6cf26fc1d68eac700d512e9bfccf954d9a960eff562746da248674139
2f7bce75f371c49843ee2d1aaf92a4911f5df6d8946d6dae596bbb0cc3a13d35
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4
31038db384774b30a90f372136544f5cfd03cb2cfec40cfc8d06697b80c6e638
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3447a2bf760509a1118868e2eeda668f002a58b1cddceb4ad168931cbce1afb2
35b2b5f91212273685dad15c8278697e1cf59dfee8c847a5b94f5f72654942c9
36b72120fc731ea29b1d2cabe92dc59386f9a1d95b25c965d38e63656ba237f8
36bbec4886122176fb7105cd5dd8153d3766a354ee787b4b22f5b2921f9c6cf4
36c8f7e842f91dc28089a54eeac0e1d71b47422a79e84f0bad932cb75ff7ee5b
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40
3b85cb91be6ce9cc33c9c80f1c5f145e48d19cde6323a7507a8e1d7699112f9e
3d277a90920d78efa3d6e473d67240beb26100591c7b02a34bd444aa78ee5d5c
3fc26f6872c9b24ceef9258352706a2e8234bd98564347f62fe80d71c87f66e2
3fc70270a527227c6493bc5a1c703f4bef2373f857cb7606b711b4d2fa14684a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409e8d1ff27df596a248f4c1bbf99f4e7e48c8b97458954918334546c1ee22ee
4156d5c9a9325e0864ff6826eb1e40ca9bd1d8b66dbbcd05d0a8167525cec8b7
4217898dd03b14a442bd73e2c0449364c4270556d86b0da5ac116a1beb2edbae
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43683fc0457ca515c260b46888c8c3f74b77eb99a63d1d06df070f0f85e066d2
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
468abc98211f55c2b8115c01bbe6af4561318edd09fefa83a8e2d990855b196c
473db99a42827c5869794f704bf5ce3d8478f596b89061bb68c7a9d80b1b2bee
4855f24082c03099d19efa90d09356822fc7ce186a4da57e76e145be6668098e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d71d5a1870ba193b101c7433e5d1cbc6174ad7590a6a62b4ba07dc1e69126f0
4e01dd4ead8cd99388fcdef83de1572f169d9ea3f819d3e39899802537c6a05f
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
500b543a7d8fbc7c282c427675f740aa7ec827cf69575c0f2ad4a37b64504e1b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808
5996efdfb1cae3e828846e3a0a74a9b9a1b8d26a9c2f174a8198ab605eb77ca1
5acb6bfb13d8aa6e8433b58c8ee60164ca1946736ef8236e346adf5e240f6247
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5db8e0529ca8dfd0abc6a9c20f0ffd84986f4f41f12e4c8e7db6aa70b80b7fe8
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0
60d8c2de44fdec50dc9b21f4603fdf952522b1ac7f94a30b8d7286b7e4814c82
60f7130abb4445a6591183982a56a41029d92d234bd3b3aa04bcf57a5ba288cf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627fa90737b91d1ae1ef9fe5bbd2e6cfa079af3afcf620278b37f157f8be2e2a
62c0a61b98a9573c12f2461083543d1d0699995f9dd0a30f0bc25a55f5e82996
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
65224f82a789c90ac4b72e571112208b101ca7fa2528d4156cfb80c7c8ab4cf9
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bea98bbb4940cd784832507d081a2e3be548e08e217882fcad98e2c70c61f45
6e317522922924357c7f726715910de5484ec940bd35f8600751818cb3fbfbf6
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
7492e0dcc99580ede56498598b523290b232b6a5efef1e47946bf6fe2f03c0cd
7815c987b41ae45f1c838d8c4ddbfe98bc309600e009df121bbfbda6e24b044f
7873cd13e0fe3e5e04e45e59777c24ebd0ebea74cc47aed4d853fa33ae90ac04
78e2d1efd1ada3597841230a2e405bd50a490cf7779a529f5ae47b4a7e295818
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d3072dabec7ea9545ff157bf53b0d80776c7a50eb9f1fdd4d01f56f6192ed93
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
816d074bbe462e7d8dffb27367cd00d3dff5184ba7fc4b5ee63c4b0456f2cb6f
818da0a99e5c987d95ab810e69c78fc66712db42e23ef755a391bb841817654a
8262f8563aed6484b40603d1ae22c413ac2cc8ccc246e1be16f006803465ed36
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
87ba38abe8b1e801c913c77ca9f89d8f058b0a2ed431fa3f0c1ad4ec874a9eab
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b49445f4f8048df18ced0609d3287bc4cd8977b7a5dd972fe13d6ac98bfb710
8cc962bf012bdf8476e37ccbffbdb365c8c366ade8356352396ff090ffc380f5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
908e7761e5bebcb46a9aeb4d8955c2d61cdb01a69e7af7b44025c0385f9b4981
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
985cd7c7d1a829776e8d815d60c9aaae91fa30ec5fc72d9773a532b2b990162e
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
9a6d42551d7f2cb96369a81a765a8e9387a2f6ff966e232821828b784e543d58
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9e87477f288453878389958cb7ccf07309b0380f913273c080cc8dfa74fdecda
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adbee63de992e78fde08ade0b8b1d574115e72457532ec138a410c20ad7a8e0a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b594baf900e9d89801ce1965465962b92fc4bbbd9de8c7c08f4914b17e48c975
b596bd647365fe7b8a70422d6b26449374fc6263b1e36e56c86cec3d1a5abc3a
b5f20e63dca68837f50231ca2ebd650f9d5e4daf07f4033e58da240db0d1a8ac
b6996d40dab27da6521e0683ed79d6b8965d3049dcd31326fe352b4b7c9071e6
b70c5d01b9fca95bd3c4bd5af92e166d1a561b274338bb71899a3fb3dd28b97e
b732eca42f11e87a582b78d38a41c1f4942bdd83867698a2dc1063458bc46338
b924bd97343b560ecbbcdf08003f8eca672d7ee71680eb7b839b0e142582f1af
b98739daf8d351cc8b8b607b989fcd3bb9fe28c240c25df4f91df043b3736a97
ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bdbc9c9149e3f7fe9e6ab1e9065bedba42a1216ca492bf2e875dbba4d7517f85
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfcfb8f7e492ecfc971cf8c903349eb9f5deaf66fe3ad2fabcb3fc95d38d32f4
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c663756abb730778dd2a4ef70138217edd31b19c6c0168805060f2c2ab66f540
c6a2acafca2240ed410b27b91023f58e3a9196bad947f6b0ddd2aebde99cb5c3
c70fab6c27edae5d86abd9e1b56fea9d725433e5b2b36ec752b32001111be1f9
c8a6de8cacbe0dc41611e088f54c1a0094c5e53d95f5f5a97ebc144a68d5cb2e
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
c9c4a4336440d59029bb303c4bfbd5f824047fd48384ade8ec1f1077c6886838
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d362717cb0e1cbb5e977beaccba5b8680654dfe136bdf00131f29d9751c31fa3
d4437d3ca3c647274d2780d93f1a27a6a408e19602ff2e0c14df6e15f3b48a1e
d6b826ecfbe80a7e2c69ac97f8f1e36bfa71a45e5bd3616ec49f45f4f4744f79
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9
d95d6051c92b8c75e0355d5f1b096dfafc3d58218e54ca6a1fb2f6aef5ceef9f
d9bb5e5e0c322a09ecd4d69908d0526e00b2d1799907ad0866be96c9fc1cf6ff
da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20
dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a
dcf011ca851691e20980358301bebb1cc51e129372ba77477958f28caf154a2a
e0bc482e5e56597558e97e2fef03ac7090dc92a0f96d20a9f1449653cff4ed51
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e7261fe5ce66c71ad531ce6da47cd76b7b875cea04c6fe7cfe616b0cad05cd3b
e982359ab3f67f3ce5cb19756d143d2d05121c06015da99411cb9ae49ca53dcb
ebe3fa346cca3affecc85947d105b4c9f67f5ecbd9a7bf6d3319aa86407b0986
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef66742f465224476fb73172c14280bde14dd70167ebf52072f4326c3d9255de
f1ff08a77821527cd6afd93ff04ccd359925fa7dcf3512f3762445685128c1b9
f45b1273e5d1a3fae430a81ccc1af5bf28fd4bbab3bc0a6c3bd6dddbc49f5786
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f8db4d8837d9917b7d86f1ee4b912c7b2301d7ad5cc055c97577eeda0679048e
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
f9222255c3260687d32abe32d74bb45500265a88b6caf2e2ef5991c533902077
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
fb81dce53b2c3ea780312463c06f0733672fdf725d8da15b135fda5d23b157e3
fbaacd40862bf1ea965f26571bf04a2609f80f3ba82af73ccd0d840bb19db1c2
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
fed6701b69123d26282661ec301d9564f2b11018abd79b95cea77d47d97aaaa4
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

www.mlive.com Open in urlscan Pro 2a02:26f0:11a::217:9a39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

449 Requests

88 %HTTPS

35 %IPv6

83 Domains

148 Subdomains

121 IPs

12 Countries

5222 kBTransfer

14902 kBSize

128 Cookies

33 Outgoing links

Page URL History

Redirected requests

449 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mlive.com Open in urlscan Pro
2a02:26f0:11a::217:9a39 Public Scan

Screenshot
Live screenshot

Full Image

449
Requests

88 %
HTTPS

35 %
IPv6

83
Domains

148
Subdomains

121
IPs

12
Countries

5222 kB
Transfer

14902 kB
Size

128
Cookies

449 HTTP transactions
3 data transactions