urlscan.io logo urlscan.io
SecurityTrails logo

www.mlive.com Open in urlscan Pro
2a02:26f0:64::210:6ae3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://account-coinbase.org/
Effective URL: https://www.mlive.com/
Submission: On March 23 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 115 IPs in 11 countries across 84 domains to perform 397 HTTP transactions. The main IP is 2a02:26f0:64::210:6ae3, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 45145.
TLS certificate: Issued by R3 on March 20th 2023. Valid for: 3 months.
This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.226.93.157 14061 (DIGITALOC...)
1 1 99.83.138.34 16509 (AMAZON-02)
34 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
10 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:1901:0:3... 15169 (GOOGLE)
1 13.32.121.95 16509 (AMAZON-02)
1 18.66.122.48 16509 (AMAZON-02)
1 2a02:26f0:280... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
4 104.126.125.209 16625 (AKAMAI-AS)
3 108.138.1.25 16509 (AMAZON-02)
3 18.66.97.9 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
6 35.71.130.31 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2.18.232.7 16625 (AKAMAI-AS)
13 52.222.236.26 16509 (AMAZON-02)
6 23.35.237.151 16625 (AKAMAI-AS)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.99.37 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 52.222.250.8 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
2 13.32.99.21 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 146.75.116.157 54113 (FASTLY)
1 108.138.15.119 16509 (AMAZON-02)
1 2 107.178.250.234 396982 (GOOGLE-CL...)
3 52.9.70.182 16509 (AMAZON-02)
3 52.53.40.23 16509 (AMAZON-02)
1 2a02:26f0:280... 20940 (AKAMAI-ASN1)
1 23.46.116.133 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 107.23.34.105 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.232.54.150 14618 (AMAZON-AES)
2 50.16.113.20 14618 (AMAZON-AES)
1 13.32.106.197 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 104.111.217.42 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.35 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 52.213.132.73 16509 (AMAZON-02)
1 204.237.133.116 3257 (GTT-BACKB...)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 2600:9000:20e... 16509 (AMAZON-02)
3 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
7 52.19.1.205 16509 (AMAZON-02)
2 141.95.98.65 16276 (OVH)
7 34.205.216.79 14618 (AMAZON-AES)
1 52.27.163.48 16509 (AMAZON-02)
6 2a03:2880:f11... 32934 (FACEBOOK)
4 162.19.138.120 16276 (OVH)
1 44.210.156.48 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.80.245.107 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 15.197.193.217 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 35.186.255.72 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
17 40 142.250.186.34 15169 (GOOGLE)
9 22 185.80.39.216 27381 (CASALE-MEDIA)
6 9 185.89.210.46 29990 (ASN-APPNEX)
1 74.119.118.149 19750 (AS-CRITEO)
6 142.250.184.226 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 52.57.246.107 16509 (AMAZON-02)
2 2600:1f1c:a99... 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
3 3 213.155.156.166 1299 (TWELVE99 ...)
1 69.166.1.10 27630 (AS-XFERNET)
2 3 13.248.245.213 16509 (AMAZON-02)
1 1 124.146.215.52 2514 (INFOSPHER...)
1 2 51.75.86.98 16276 (OVH)
1 35.244.159.8 15169 (GOOGLE)
13 151.101.194.133 54113 (FASTLY)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 151.101.130.49 54113 (FASTLY)
7 9 69.173.144.165 26667 (RUBICONPR...)
2 2 2600:9000:211... 16509 (AMAZON-02)
2 2 35.212.133.238 15169 (GOOGLE)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
2 3 104.36.113.112 62713 (AS-PUBMATIC)
3 3 184.72.23.213 16509 (AMAZON-02)
3 151.101.130.133 54113 (FASTLY)
1 143.204.89.57 16509 (AMAZON-02)
1 2600:1901:0:8... 15169 (GOOGLE)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 23.35.236.201 16625 (AKAMAI-AS)
1 2.18.235.93 16625 (AKAMAI-AS)
2 104.18.11.47 13335 (CLOUDFLAR...)
2 3 52.94.223.167 ()
3 6 52.46.155.104 ()
1 1 185.89.210.82 ()
1 1 35.214.153.92 ()
1 1 193.0.160.130 ()
1 1 2a02:fa8:8806... ()
1 1 34.96.71.22 ()
5 5 54.148.91.225 ()
1 1 74.214.196.131 ()
1 1 185.86.138.152 ()
1 2603:c020:400... ()
1 54.204.159.80 ()
2 204.237.133.120 ()
1 34.91.62.186 ()
1 1 46.228.164.11 ()
1 104.36.113.107 ()
2 204.237.133.121 ()
397 115
1    64.226.93.157 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
account-coinbase.org
1    99.83.138.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: a135022da78f12244.awsglobalaccelerator.com
mlive.com
34    2a02:26f0:64::210:6ae3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.mlive.com
10    2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
satisfycork.com
1    13.32.121.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net
cdn.sophi.io
1    18.66.122.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-48.fra60.r.cloudfront.net
apps.sophi.io
1    2a02:26f0:280:19f::11a6 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
6    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    104.126.125.209 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-125-209.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
eus.rubiconproject.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net
tags.crwdcntrl.net
3    2a00:1450:4001:830::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
6    35.71.130.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
ecollector-us-east.sophi.io
1    2600:9000:223f:3c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
13    52.222.236.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-26.fra56.r.cloudfront.net
h312.mlive.com
6    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
10    2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
1    13.32.99.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-37.fra60.r.cloudfront.net
ats-wrapper.privacymanager.io
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
ampcid.google.de
9    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.222.250.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-8.fra60.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
2    13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
2    107.178.250.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
3    52.9.70.182 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-70-182.us-west-1.compute.amazonaws.com
privacy.crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
3    52.53.40.23 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-53-40-23.us-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    2a02:26f0:280:29b::11a6 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    23.46.116.133 (Stockholm, Sweden)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-116-133.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    107.23.34.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-34-105.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:1f18:730:b150:ed48:47a2:4aed:c72c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.232.54.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-54-150.compute-1.amazonaws.com
rp4.liadm.com
2    50.16.113.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-113-20.compute-1.amazonaws.com
advancelocal.blueconic.net
1    13.32.106.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-106-197.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
3    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
at.teads.tv
sync.teads.tv
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net
geo.privacymanager.io
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    52.213.132.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-132-73.eu-west-1.compute.amazonaws.com
exchange.postrelease.com
1    204.237.133.116 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2600:9000:20eb:e800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
7    52.19.1.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-1-205.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
7    34.205.216.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-216-79.compute-1.amazonaws.com
www.i.matheranalytics.com
1    52.27.163.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-163-48.us-west-2.compute.amazonaws.com
p1.parsely.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    44.210.156.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-156-48.compute-1.amazonaws.com
idx.liadm.com
2    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.80.245.107 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-245-107.deploy.static.akamaitechnologies.com
ead.mlive.com
7    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
40    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2250:3800:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
15    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com
app.matheranalytics.com
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
40    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
22    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
9    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    74.119.118.149 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
6    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    52.57.246.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-246-107.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2 (San Jose, United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
13    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
static.advance.net
10    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
9    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    2600:9000:211e:3c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    35.212.133.238 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 238.133.212.35.bc.googleusercontent.com
x.bidswitch.net
3    2a05:d018:d29:3602:63ca:667c:7caf:5a80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    104.36.113.112 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    184.72.23.213 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-184-72-23-213.us-west-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
fonts.advance.net
1    143.204.89.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-57.fra50.r.cloudfront.net
check.analytics.rlcdn.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    52.94.223.167 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
6    52.46.155.104 (None, )

ASN- ()
s.amazon-adsystem.com
1    185.89.210.82 (None, )

ASN- ()
secure.adnxs.com
1    35.214.153.92 (None, )

ASN- ()
csync.loopme.me
1    193.0.160.130 (None, )

ASN- ()
p.rfihub.com
1    2a02:fa8:8806:16::1370 (None, )

ASN- ()
casale-match.dotomi.com
1    34.96.71.22 (None, )

ASN- ()
s.company-target.com
5    54.148.91.225 (None, )

ASN- ()
match.prod.bidr.io
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    185.86.138.152 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (None, )

ASN- ()
sync.technoratimedia.com
1    54.204.159.80 (None, )

ASN- ()
thrtle.com
2    204.237.133.120 (None, )

ASN- ()
image2.pubmatic.com
1    34.91.62.186 (None, )

ASN- ()
um.simpli.fi
1    46.228.164.11 (None, )

ASN- ()
ad.turn.com
1    104.36.113.107 (None, )

ASN- ()
simage2.pubmatic.com
2    204.237.133.121 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
60 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
stats.g.doubleclick.net — Cisco Umbrella Rank: 70
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319
288 KB
59 googlesyndication.com
aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 135
319 KB
49 mlive.com
mlive.com — Cisco Umbrella Rank: 40856
www.mlive.com — Cisco Umbrella Rank: 45145
h312.mlive.com — Cisco Umbrella Rank: 88862
ead.mlive.com — Cisco Umbrella Rank: 104392
2 MB
23 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 492
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 535
ssum-sec.casalemedia.com
dsum.casalemedia.com
17 KB
16 advance.net
static.advance.net — Cisco Umbrella Rank: 32779
fonts.advance.net — Cisco Umbrella Rank: 55397
381 KB
16 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3020
ads.rubiconproject.com — Cisco Umbrella Rank: 2336
fastlane.rubiconproject.com — Cisco Umbrella Rank: 482
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2860
pixel.rubiconproject.com — Cisco Umbrella Rank: 322
eus.rubiconproject.com — Cisco Umbrella Rank: 556
token.rubiconproject.com — Cisco Umbrella Rank: 553
150 KB
13 google.com
accounts.google.com — Cisco Umbrella Rank: 72
news.google.com — Cisco Umbrella Rank: 5710
adservice.google.com — Cisco Umbrella Rank: 68
ampcid.google.com — Cisco Umbrella Rank: 2239
www.google.com — Cisco Umbrella Rank: 2
145 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax.amazon-adsystem.com — Cisco Umbrella Rank: 790
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
67 KB
11 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 472
image6.pubmatic.com — Cisco Umbrella Rank: 731
ads.pubmatic.com — Cisco Umbrella Rank: 475
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
15 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
region1.google-analytics.com — Cisco Umbrella Rank: 2368
40 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
94 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com
11 KB
10 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 10452
www.i.matheranalytics.com — Cisco Umbrella Rank: 10239
app.matheranalytics.com — Cisco Umbrella Rank: 15942
44 KB
10 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7629
cdn.tinypass.com — Cisco Umbrella Rank: 5130
buy.tinypass.com — Cisco Umbrella Rank: 5492
api-v3.tinypass.com — Cisco Umbrella Rank: 14487
156 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 379
245 KB
9 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1180
privacy.crwdcntrl.net — Cisco Umbrella Rank: 36196
bcp.crwdcntrl.net — Cisco Umbrella Rank: 881
id.crwdcntrl.net — Cisco Umbrella Rank: 1547
sync.crwdcntrl.net
43 KB
8 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 6280
jadserve.postrelease.com — Cisco Umbrella Rank: 1083
5 KB
8 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 20988
apps.sophi.io — Cisco Umbrella Rank: 30617
ecollector-us-east.sophi.io — Cisco Umbrella Rank: 26922
38 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 446
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
3 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
340 B
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 924
id5-sync.com — Cisco Umbrella Rank: 414
36 KB
6 moatads.com
z.moatads.com — Cisco Umbrella Rank: 456
px.moatads.com — Cisco Umbrella Rank: 528
87 KB
5 bidr.io
match.prod.bidr.io
3 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 326
www.linkedin.com — Cisco Umbrella Rank: 555
px4.ads.linkedin.com — Cisco Umbrella Rank: 6206
5 KB
5 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1392
insight.adsrvr.org — Cisco Umbrella Rank: 580
match.adsrvr.org — Cisco Umbrella Rank: 330
3 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8820
ampcid.google.de — Cisco Umbrella Rank: 60779
1 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1354
at.teads.tv — Cisco Umbrella Rank: 4570
sync.teads.tv — Cisco Umbrella Rank: 1227
4 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 611
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 352
1 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4619
919 B
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 283
224 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 392
mug.criteo.com — Cisco Umbrella Rank: 2797
7 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2722
google-bidout-d.openx.net — Cisco Umbrella Rank: 2668
671 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
146 KB
3 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1507
rp4.liadm.com — Cisco Umbrella Rank: 7161
idx.liadm.com — Cisco Umbrella Rank: 2493
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
244 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3687
geo.privacymanager.io — Cisco Umbrella Rank: 1695
51 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 612
cdn.indexww.com
2 KB
2 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4172
api.rlcdn.com — Cisco Umbrella Rank: 760
637 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 297
2 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 727
883 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 749
s.tribalfusion.com — Cisco Umbrella Rank: 1837
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 766
490 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 660
925 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1077
800 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1293
contextual.media.net — Cisco Umbrella Rank: 587
8 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2692
p1.parsely.com — Cisco Umbrella Rank: 2039
21 KB
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 26972
2 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 682
452 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 151
3 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 595
530 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
200 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1221
c.go-mpulse.net — Cisco Umbrella Rank: 631
50 KB
2 satisfycork.com
satisfycork.com — Cisco Umbrella Rank: 28031
22 KB
1 turn.com
ad.turn.com
518 B
1 simpli.fi
um.simpli.fi
610 B
1 thrtle.com
thrtle.com
1 technoratimedia.com
sync.technoratimedia.com
1 smartadserver.com
rtb-csync.smartadserver.com
798 B
1 contextweb.com
bh.contextweb.com
661 B
1 company-target.com
s.company-target.com
419 B
1 dotomi.com
casale-match.dotomi.com
182 B
1 rfihub.com
p.rfihub.com
757 B
1 loopme.me
csync.loopme.me
291 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1325
249 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 470
872 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 978
1 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 856
498 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5893
554 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4487
3 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 334
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2922
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3187
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 642
13 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 797
367 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 618
722 B
1 t.co
t.co — Cisco Umbrella Rank: 507
376 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1125
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 616
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 685
5 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3418
154 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 575
481 B
1 account-coinbase.org
account-coinbase.org
462 B
397 84
Domain Requested by
40 cm.g.doubleclick.net 17 redirects googleads.g.doubleclick.net
aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
40 pagead2.googlesyndication.com securepubads.g.doubleclick.net
aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
34 www.mlive.com www.mlive.com
19 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
15 tpc.googlesyndication.com aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
13 static.advance.net buy.tinypass.com
www.mlive.com
13 h312.mlive.com www.mlive.com
h312.mlive.com
10 cdnjs.cloudflare.com buy.tinypass.com
10 cdn.cookielaw.org www.mlive.com
cdn.cookielaw.org
9 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.mlive.com
7 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
7 www.i.matheranalytics.com www.mlive.com
7 jadserve.postrelease.com s.ntv.io
www.mlive.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 googleads4.g.doubleclick.net googleads.g.doubleclick.net
6 googleads.g.doubleclick.net aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
pagead2.googlesyndication.com
6 www.facebook.com www.mlive.com
6 ecollector-us-east.sophi.io cdn.sophi.io
6 securepubads.g.doubleclick.net www.mlive.com
securepubads.g.doubleclick.net
5 match.prod.bidr.io 5 redirects
5 pixel.rubiconproject.com 3 redirects
4 token.rubiconproject.com 4 redirects
4 www.google.com aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 px.moatads.com www.mlive.com
4 id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
4 aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 aax-eu.amazon-adsystem.com 2 redirects
3 match.adsrvr.org ssum-sec.casalemedia.com
3 fonts.advance.net static.advance.net
3 ups.analytics.yahoo.com 3 redirects
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 pr-bh.ybp.yahoo.com 2 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 eb2.3lift.com 2 redirects
3 d5p.de17a.com 3 redirects
3 s0.2mdn.net aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
3 www.googletagservices.com aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
3 px.ads.linkedin.com 2 redirects
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 connect.facebook.net www.mlive.com
connect.facebook.net
3 accounts.google.com www.mlive.com
accounts.google.com
3 tags.crwdcntrl.net www.mlive.com
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com www.mlive.com
c.amazon-adsystem.com
2 image2.pubmatic.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 ads.pubmatic.com micro.rubiconproject.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 x.bidswitch.net 2 redirects
2 sync.teads.tv 1 redirects
2 s.ad.smaato.net 2 redirects
2 onetag-sys.com 1 redirects
2 cms.quantserve.com aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 stats.g.doubleclick.net www.google-analytics.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 advancelocal.blueconic.net h312.mlive.com
2 region1.google-analytics.com www.googletagmanager.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.id5-sync.com www.mlive.com
securepubads.g.doubleclick.net
2 js.matheranalytics.com 1 redirects www.mlive.com
2 sb.scorecardresearch.com www.mlive.com
2 news.google.com www.googletagmanager.com
news.google.com
2 z.moatads.com www.mlive.com
z.moatads.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com www.mlive.com
www.googletagmanager.com
2 satisfycork.com www.mlive.com
satisfycork.com
1 simage4.pubmatic.com ads.pubmatic.com
1 image4.pubmatic.com
1 simage2.pubmatic.com
1 ad.turn.com 1 redirects
1 um.simpli.fi
1 thrtle.com
1 sync.crwdcntrl.net
1 sync.technoratimedia.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 p.rfihub.com 1 redirects
1 csync.loopme.me 1 redirects
1 secure.adnxs.com 1 redirects
1 js-sec.indexww.com micro.rubiconproject.com
1 contextual.media.net micro.rubiconproject.com
1 api.rlcdn.com micro.rubiconproject.com
1 id.crwdcntrl.net micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 check.analytics.rlcdn.com micro.rubiconproject.com
1 api-v3.tinypass.com cdn.tinypass.com
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 sync.mathtag.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 tg.socdm.com 1 redirects
1 sync.go.sonobi.com aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 mug.criteo.com
1 c2.piano.io cdn.tinypass.com
1 app.matheranalytics.com js.matheranalytics.com
1 insight.adsrvr.org js.adsrvr.org
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 ead.mlive.com www.mlive.com
1 idx.liadm.com micro.rubiconproject.com
1 p1.parsely.com www.mlive.com
1 ampcid.google.de www.google-analytics.com
1 px4.ads.linkedin.com www.mlive.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 exchange.postrelease.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 analytics.twitter.com www.mlive.com
1 t.co www.mlive.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 ampcid.google.com www.google-analytics.com
1 at.teads.tv a.teads.tv
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 rp4.liadm.com www.mlive.com
1 rp.liadm.com 1 redirects
1 ads.rubiconproject.com micro.rubiconproject.com
1 cdn.tinypass.com experience.tinypass.com
1 secure.cdn.fastclick.net www.mlive.com
1 c.go-mpulse.net s.go-mpulse.net
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 js.adsrvr.org www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 s.ntv.io www.mlive.com
1 d1z2jf7jlzjs58.cloudfront.net www.mlive.com
1 ats-wrapper.privacymanager.io www.mlive.com
1 experience.tinypass.com www.mlive.com
1 a.teads.tv www.googletagmanager.com
1 static.adsafeprotected.com www.mlive.com
1 micro.rubiconproject.com www.mlive.com
1 s.go-mpulse.net www.mlive.com
1 apps.sophi.io www.mlive.com
1 cdn.sophi.io www.mlive.com
1 mlive.com 1 redirects
1 account-coinbase.org 1 redirects
397 151
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2023-03-20 -
2023-06-18		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
satisfycork.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
cdn.sophi.io
Amazon RSA 2048 M02		 2023-02-28 -
2023-11-15		 9 months crt.sh
apps.sophi.io
Amazon RSA 2048 M01		 2023-03-18 -
2024-04-15		 a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.sophi.io
Amazon RSA 2048 M01		 2023-02-20 -
2023-06-09		 4 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
h299.reckon.news
Amazon RSA 2048 M01		 2023-03-01 -
2023-07-30		 5 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-12 -
2023-09-12		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
*.news.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-31		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M02		 2023-02-28 -
2023-08-06		 5 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-07-04		 4 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-08-06		 5 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-01-13		 10 months crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
li.lisecurelink.com
R3		 2023-03-22 -
2023-06-20		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-01-29 -
2023-04-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
app.matheranalytics.com
GTS CA 1D4		 2023-02-14 -
2023-05-15		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
advancelocal.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-04-25 -
2023-05-27		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-08-25		 6 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-02-15 -
2023-05-17		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M01		 2023-02-10 -
2023-06-11		 4 months crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2022-03-22 -
2023-04-23		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh

This page contains 29 frames:

Primary Page: https://www.mlive.com/
Frame ID: 86E692923A140B8FAFB08A6E5EB9DEC9
Requests: 205 HTTP requests in this frame

Frame: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 21101FFD12B119BB45C7FB6C25BF08A3
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: E64666F494C6835B34DFA79AE93F49E1
Requests: 1 HTTP requests in this frame

Frame: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FDB4DF234C8A8959478E9C80E8A7E1D2
Requests: 20 HTTP requests in this frame

Frame: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A2269D98912E6A9EB402A012872EE100
Requests: 20 HTTP requests in this frame

Frame: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BBE511970D99F11AD9A02CDA56B0FD50
Requests: 20 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Frame ID: E7B9BF4D400CD2272F84A6DA300C2920
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNW1c_hADCoxUMKHbGzrilxtQAOEbKMj-Nc7d-GscU5ersgKFsZXQKf6QLJvBlD7s43utP1hGua0jXKDLIXVwXuuVsIn4_dUwzBB5YhFyXGklAQg92_9ktwGr8AZ-lxmKYzZanVKLAgY9nGrd_vkB2HLwZTauvTtVJzr39hDPTeeaCYXaYD8cVaXJ-BGK5EdnCbobVNB
Frame ID: FF5202476AA8BEA41895549E46ED6586
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNXYWwoXYazFL1wMCCRFNsU-oeyFd_bEEM3q53-pcyfEtMRgPgZaDSoHnazo46tjEyHePn9OLtDpsX5-Gjs_qJD3UsTIokgWPd_nkOvqQ-CWq3KTzkV9BkdQLbE8S6P42GgjBnfYOITdaEuQM0Uc993KIiHK2Io5x_QnzgIOY_0EhYwMhKJa5yzWA3wDZaBETZWs92fk
Frame ID: 2319F51B8D4358B9DD8AFC79FD57ECFA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNX_QyF6sKjkIhY3wCDuLbw5FQsgAitMwSx4hxeb6ugnwvV3pNI7bTtrdxCTVmxSxnPlp4IO9-uhBD01DB01trYuzizooWJXmd6_UpNarEFDyIGhR059x4KhkUiQfj97CD-SJpwxLcmhuHMkg6EFp33WIz5UAW5YV4p-H-52nicCc0vxVazQTO-1aM4fDtsjVXu5GIp3
Frame ID: 195B7389100F3D182BFA343FBDFC8691
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Frame ID: D3A854E93918B5CFEFCFC8C679DC7D30
Requests: 2 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Frame ID: 65010A6B01B609C3EB5B1694B48ACD1F
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB9BF2B59000DEE7CAC04FA19401CE62
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DBD89BB2667E0AEBECF340B07BA03BBA
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 38EDEF3E146F1126ED914A58A11345CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 24D8CCCC472F70E8C0A37EFA60ADF021
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 37898F6951B5D62C477E447AE40AE985
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DB5F97B68B19E9121A78E8DE7D93E1FC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4D0335E9C6F8613A69CE25D340F9E62D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 46EBB44CD60FA8A212FAE3AE375968A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CDA19ACCF4E2088A6D4474961481144B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 24D41E53CD121A732393D3FFE83CCD05
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: D1C2D606AF5791EC272C6FCB47EA9C8E
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 541D40144D69C677A9F31C7A86F37796
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 45252E985896581410CA0A46331226B6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D28A59FFA1C8EEC167DECAC061FA96A6
Requests: 10 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 46EBAE758D17BED23D38F0B0C5BC8AAB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=B5760B92-E6B2-48AF-B3CB-87EE4A2C5614&redir=true&gdpr=0&gdpr_consent=
Frame ID: D9E7E3157776E4227C97B3B2E8E30D75
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADgJU7IOYgAACDBOzjAng&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D5070361841442596527%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0
Frame ID: 2DD51FF5C61E55C602305E3A7A486A0B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://account-coinbase.org/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

397
Requests

86 %
HTTPS

35 %
IPv6

84
Domains

151
Subdomains

115
IPs

11
Countries

4997 kB
Transfer

13744 kB
Size

101
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account-coinbase.org/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1620 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Request Chain 81
  • https://rp.liadm.com/j?dtstmp=1679606790277&se=e30&duid=94c49eadf2ac--01gw85ve42v4y2ezdf61fttkgz&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1679606790277&se=e30&duid=94c49eadf2ac--01gw85ve42v4y2ezdf61fttkgz&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTI%3D&n3pc=true
Request Chain 110
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1679606790516&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1679606790516%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1679606790516&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1679606790516&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQIsol_wKyyfmgAAAYcQXb2p_N2VSWxTpyGobeGD19guOYjtA8-Qxw5Y_AglDrhzCJbg0X6F
Request Chain 202
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
Request Chain 208
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzECOjops6SJwUPtNnhjwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
Request Chain 210
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwMzA0MzI5ODE4Mzk2NDI3NQ%3D%3D
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
Request Chain 212
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzECEH7BZJjAiMied.4YAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&google_hm=2
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
Request Chain 214
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxMTAzNDQ0OTMzNTYyNDgzMQ%3D%3D
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
Request Chain 216
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzECEH7BZJjAiMied.4YAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&google_hm=2
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
Request Chain 218
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MzQzODQ2NjU2MTkzMzU3
Request Chain 222
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=QLv3rnx4T2FrZEgraERSY2F1YVhVQUNOaFNYQUZlNCt1NnAwNTVLQUJ3UHRmblljQVRxdko2QXZtYmNCUzV2U2EwdGVSVXIrNk1makxVNXBXY2hKQjl5WEtscUdlL2szRXl3YzF6TFBpYjZtV2J1MlZuSm9ZWFBEdlZTMDY2M3lYcFVVUVo5ZHQxUFFSNlRzMHM1WDNrQndlTUZWSnV3OENsTGF3V0Q0LzF2QWlYK1FJc25mZmxMSWNaRFljb3BvWjBUMVZhcFpmK2J1cHZwWEZZcmFxaWpUUnZ1aWR1YjFkenk0ZzNZeHRCVTYwOTVrUFBNTy9CTlZrR05ZQzNlWUx6SWt3R3J5SWlGNW43b0dnYk9ybGsrbmtwQT09fA&cppv=2
Request Chain 243
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIdyw2KNARyuNElzlHStJlw&google_cver=1&google_push=Aa02lx_6bkr3i_u9K5Q4Xu4j2vfTAm1f1Ta7WMt2SGTQlohwUPT6wfH2Uq65SjUDEjGe6AlMlu-yFb9UzOAd0FIQvSlzUTfSWfhSng HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cg1qgGJ2R9yaOrVnoqu_dg2&google_push=Aa02lx_6bkr3i_u9K5Q4Xu4j2vfTAm1f1Ta7WMt2SGTQlohwUPT6wfH2Uq65SjUDEjGe6AlMlu-yFb9UzOAd0FIQvSlzUTfSWfhSng
Request Chain 244
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECKJpHLi2upyTno22_38gj0&google_cver=1&google_push=Aa02lx_VW92L6kvnUZgnTfue3DU6DeSbIyvWfkgZl4mliwc2gu1flo_ocfOsgPaeJCKM5-oPCeWxsL_Jf_6pKcROxDizW1W_Rq9Gkg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECKJpHLi2upyTno22_38gj0&google_cver=1&google_push=Aa02lx_VW92L6kvnUZgnTfue3DU6DeSbIyvWfkgZl4mliwc2gu1flo_ocfOsgPaeJCKM5-oPCeWxsL_Jf_6pKcROxDizW1W_Rq9Gkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_VW92L6kvnUZgnTfue3DU6DeSbIyvWfkgZl4mliwc2gu1flo_ocfOsgPaeJCKM5-oPCeWxsL_Jf_6pKcROxDizW1W_Rq9Gkg
Request Chain 246
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELezTa-YrpP8v8KQA-L1cXc&google_cver=1&google_push=Aa02lx_jr3mv3Pa0bRWOTnNbjV9AxLYcsYAbzQpfNuNMV9xlerVN7aI9CmzBZNOVn9npn3BlVGH_ZljxgcZXNx5dGeD6YYen8WrpQg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_jr3mv3Pa0bRWOTnNbjV9AxLYcsYAbzQpfNuNMV9xlerVN7aI9CmzBZNOVn9npn3BlVGH_ZljxgcZXNx5dGeD6YYen8WrpQg&google_gid=CAESELezTa-YrpP8v8KQA-L1cXc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg4OTI4MDE0MDQxNTk5OTA5NDk1OA%3D%3D&google_push=Aa02lx_jr3mv3Pa0bRWOTnNbjV9AxLYcsYAbzQpfNuNMV9xlerVN7aI9CmzBZNOVn9npn3BlVGH_ZljxgcZXNx5dGeD6YYen8WrpQg
Request Chain 247
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENuLT0x7OMCtl0pb_u-jSM0&google_cver=1&google_push=Aa02lx_FSljrsQ-JMEme5MFL77EKLAdTeDpLQftXbz2YHAAPhIo9vmZbRYMiyPZwEZgk8f3CjU5vconb8Hjg_qNdfS7wguA8lsi5zw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_FSljrsQ-JMEme5MFL77EKLAdTeDpLQftXbz2YHAAPhIo9vmZbRYMiyPZwEZgk8f3CjU5vconb8Hjg_qNdfS7wguA8lsi5zw&google_hm=WkJ6RUNjQ284WGdBQUhVdUNSb0FBQUFB
Request Chain 248
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO6QEd4WFb3jz_HlzV1ejEo&google_cver=1&google_push=Aa02lx_Pg0uStGP8_Eh9IHb9ml5Zr2sHhgXqn8yo45zWNuIIFBYzMXcU5wbPZL7tM9Ayu1HNi46vGSj6_RLOEjcPP50te_9L1elOy6U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_Pg0uStGP8_Eh9IHb9ml5Zr2sHhgXqn8yo45zWNuIIFBYzMXcU5wbPZL7tM9Ayu1HNi46vGSj6_RLOEjcPP50te_9L1elOy6U HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 293
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECmwjxjyEtmylkXLwgCY5Mw&google_cver=1&google_push=Aer7DvL8S4aqS0Asq5AMej99z6gL2TeKOO711WAZj6VCSpKuy2lPTucXCyNszsZXYg8ItAdfQ1-XQEFig2ecMKEB4jvacHKMYhk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL8S4aqS0Asq5AMej99z6gL2TeKOO711WAZj6VCSpKuy2lPTucXCyNszsZXYg8ItAdfQ1-XQEFig2ecMKEB4jvacHKMYhk
Request Chain 294
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAX4tsyUQYMpwQSK9qnKrZo&google_cver=1&google_push=Aer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_Oxg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_Oxg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAX4tsyUQYMpwQSK9qnKrZo&google_cver=1&google_push=Aer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_Oxg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_Oxg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 295
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_cver=1&google_push=Aer7DvI7THN_9AI4XM5kAUPJrbpjv2eko_u5hkyjyVJS-dgElecwJPRBPYatpJwkOVUwGjW2Gyo2_alBjXJdDBex6rikePy0LYZR2w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_push=Aer7DvI7THN_9AI4XM5kAUPJrbpjv2eko_u5hkyjyVJS-dgElecwJPRBPYatpJwkOVUwGjW2Gyo2_alBjXJdDBex6rikePy0LYZR2w
Request Chain 296
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGyyUpbBRcDwtTYnKLDLNPs&google_cver=1&google_push=Aer7DvLyIYx_U7j0un_wGjp04yxq8MeGQomlHHWZUzjFPOs1J-6G1APsAKPeTwS6qBy7Soth6-Pfb-tDpmgSAEUU1NhsfA9fR8WONQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMTUlNQlktMVUtTEtNTg==&google_push=Aer7DvLyIYx_U7j0un_wGjp04yxq8MeGQomlHHWZUzjFPOs1J-6G1APsAKPeTwS6qBy7Soth6-Pfb-tDpmgSAEUU1NhsfA9fR8WONQ
Request Chain 297
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIigY7czLWlN_uaLub0FQIQ&google_cver=1&google_push=Aer7DvI7X9OKXowsnvlFnatmG5z_dQ3d52oPGIBKKcvvMpYOi7-X0DN0DFYAkL1mwv70ry9CtTIdG6zl92Ayc3embuLDOhMx3OepXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvI7X9OKXowsnvlFnatmG5z_dQ3d52oPGIBKKcvvMpYOi7-X0DN0DFYAkL1mwv70ry9CtTIdG6zl92Ayc3embuLDOhMx3OepXQ
Request Chain 298
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFli_eyz8yC2PQlI7E27tHA&google_cver=1&google_push=Aer7DvIqKWxJ4-bGVY1fzM4orQsF8vz95hTOMhlooMCZxn9SsL9ZUCtpeA_spX8mTgtQ1Q8NkfHdvMFVdlyjVQTPPqBnmVGRam9kW7I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvIqKWxJ4-bGVY1fzM4orQsF8vz95hTOMhlooMCZxn9SsL9ZUCtpeA_spX8mTgtQ1Q8NkfHdvMFVdlyjVQTPPqBnmVGRam9kW7I HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 299
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED6EHIXimiLYUgSj9gShxoU&google_cver=1&google_push=Aer7DvIuhYWbks5ZJjnnG7-rVGgkA6WnX4u-tjqVmF5nzfNOfTqMEW_2V-PGlpsi4wLWw9-BhUJ3wik-Vje9waRWz3jDd14376N1rXk HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED6EHIXimiLYUgSj9gShxoU&google_cver=1&google_push=Aer7DvIuhYWbks5ZJjnnG7-rVGgkA6WnX4u-tjqVmF5nzfNOfTqMEW_2V-PGlpsi4wLWw9-BhUJ3wik-Vje9waRWz3jDd14376N1rXk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8851d4e7-f5fe-40b9-ac68-88558d2a6ced&%%GOOGLE_PUSH_PAIR%%
Request Chain 307
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_cver=1&google_push=Aer7DvLrNNHcKTpkFaFAoNMIGzWIdqkyaY5ZoExNAVwU337Q9YWUGrN-ZvIeCvXpcJ396QbSvRb0fnMWvV7CaWSsgZWXYSiJyqU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_push=Aer7DvLrNNHcKTpkFaFAoNMIGzWIdqkyaY5ZoExNAVwU337Q9YWUGrN-ZvIeCvXpcJ396QbSvRb0fnMWvV7CaWSsgZWXYSiJyqU
Request Chain 308
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHUmMo8MOAnlQ_pcinU4o9A&google_cver=1&google_push=Aer7DvL1EXwTlKshXOEJqe9Cjp_teprn0h_JzO-xncZeS5-xH8QYnWCkctMUXFTGRpCdjQnBAvereIREpalZohQGLaTi0hsRpVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvL1EXwTlKshXOEJqe9Cjp_teprn0h_JzO-xncZeS5-xH8QYnWCkctMUXFTGRpCdjQnBAvereIREpalZohQGLaTi0hsRpVs&google_hm=eS1qWjdsbVNkRTJwR1pwanNpMFA3dngudnhkRWZYR3lsan5B
Request Chain 309
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECKJpHLi2upyTno22_38gj0&google_cver=1&google_push=Aer7DvLoQmrBuVnb8JrwuEpxmawIgwtzWw4oVeNoWnL3y0S67Amwmlyr9RpOHFavebVEcTd8Jj8kMdpAJ61zOmtnbHnFP1jiSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLoQmrBuVnb8JrwuEpxmawIgwtzWw4oVeNoWnL3y0S67Amwmlyr9RpOHFavebVEcTd8Jj8kMdpAJ61zOmtnbHnFP1jiSA
Request Chain 310
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFwFaSFyx3J6CBWeYOcyl8w&google_cver=1&google_push=Aer7DvKH1lBfPLPCKnFm8IMeszhOe6Tk0NZqNAOIqoEcNlnRK8LAH-jpyLfJtHRNVGiB0VTOWmUWoRQn0aDn3IsvBbZOsdxvRog HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFwFaSFyx3J6CBWeYOcyl8w&google_cver=1&google_push=Aer7DvKH1lBfPLPCKnFm8IMeszhOe6Tk0NZqNAOIqoEcNlnRK8LAH-jpyLfJtHRNVGiB0VTOWmUWoRQn0aDn3IsvBbZOsdxvRog&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tXYLkuaySK-zy4fuSixWFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKH1lBfPLPCKnFm8IMeszhOe6Tk0NZqNAOIqoEcNlnRK8LAH-jpyLfJtHRNVGiB0VTOWmUWoRQn0aDn3IsvBbZOsdxvRog
Request Chain 311
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIigY7czLWlN_uaLub0FQIQ&google_cver=1&google_push=Aer7DvKe4EP8RXp2IVEHCyCxxIP1xs_VCBN-MOOfEU4fui7omQGwfpvt_WlVnwzqP6vEXmWim3wc97Vcn8pHy-xWsuVYe7Reu2I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvKe4EP8RXp2IVEHCyCxxIP1xs_VCBN-MOOfEU4fui7omQGwfpvt_WlVnwzqP6vEXmWim3wc97Vcn8pHy-xWsuVYe7Reu2I
Request Chain 312
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDm_BLMRjZ0OtbOWpgJ7tzs&google_cver=1&google_push=Aer7DvJhE5waaeSla7iO8qZx2rS4FZ3gDWGF8ZU82oN8E5PxfPaj6Wm6jClOxVlmwJ7Gmy8BgiKy6K4_x305overJ6w5rGejdA1d HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDm_BLMRjZ0OtbOWpgJ7tzs&google_cver=1&google_push=Aer7DvJhE5waaeSla7iO8qZx2rS4FZ3gDWGF8ZU82oN8E5PxfPaj6Wm6jClOxVlmwJ7Gmy8BgiKy6K4_x305overJ6w5rGejdA1d&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1NeXV2NXpaRTJ1RUdOLlZDT0dOVlNjVWxJSXFVbUtOZ35B&google_push=Aer7DvJhE5waaeSla7iO8qZx2rS4FZ3gDWGF8ZU82oN8E5PxfPaj6Wm6jClOxVlmwJ7Gmy8BgiKy6K4_x305overJ6w5rGejdA1d
Request Chain 362
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tY1mVoXD3PooOYgIlZHSIsn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xDuw2jdE2oKeMm3Gka1trHeS0bn_K0ir6giq7Q--~A
Request Chain 363
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=t1mNNubOQrOQYv9hfIZrNQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=t1mNNubOQrOQYv9hfIZrNQ
Request Chain 364
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMTUlNQlktMVUtTEtNTg==&us_privacy=1---
Request Chain 365
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xBOEhgr0TaSM5d0gtu60bQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xBOEhgr0TaSM5d0gtu60bQ
Request Chain 366
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFLMIMBY-1U-LKMN&us_privacy=1---
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELX5cg7ySN1Xfc5bfEWbsIg&google_cver=1
Request Chain 368
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NhMzc0YTk5N2IzZDFjNDg0MjhhZTMyZDU0Y2QxOGI1ZThlMzA5Yw&us_privacy=1---
Request Chain 373
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBzECOjops6SJwUPtNnhkAAABGwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEF26cOdXt5-OPofZxc7Yktk&google_cver=1
Request Chain 374
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBzECOjops6SJwUPtNnhkAAABGwAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBzECOjops6SJwUPtNnhkAAABGwAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 375
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=466343846656193357
Request Chain 376
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3d841e7-a84b-4032-86f5-f244376716e6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 377
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827013077559
Request Chain 378
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1679693197
Request Chain 379
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1695504397&external_user_id=909f6f5b-ec05-4bd0-ac89-1f01ee4cf18c
Request Chain 383
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZ0pVN0lPWWdBQUNEQk96akFuZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADgJU7IOYgAACDBOzjAng&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADgJU7IOYgAACDBOzjAng&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADgJU7IOYgAACDBOzjAng&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5070361841442596527&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADgJU7IOYgAACDBOzjAng&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D5070361841442596527%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tXYLkuaySK-zy4fuSixWFA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjU3NjBCOTItRTZCMi00OEFGLUIzQ0ItODdFRTRBMkM1NjE0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDcBr_ay7MA1slmT_G_JfIk&google_cver=1
Request Chain 391
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4542866167504511299&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 394
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B5760B92-E6B2-48AF-B3CB-87EE4A2C5614&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P74ZsR1E2uXvjBtH009RMsz0SWXaI20-~A&gdpr=0

397 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mlive.com/
Redirect Chain
  • https://account-coinbase.org/
  • https://mlive.com/
  • https://www.mlive.com/
413 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
0807a758f43830290ac9f1dbd9c76c0880c5cbe5b62f3ee64a47d7530f184bf3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 21:26:29 GMT
etag
W/"66043-+EZXmVDB5pLcBwK6KPn7beI76hY"
expires
Thu, 23 Mar 2023 21:27:29 GMT
last-modified
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=195 origin; dur=548 ak_p; desc="466557_34630367_18653329_74196_4405_38_0";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 75993 0 pmb=mRUM,2
x-arc-pb-request-id
6ad49fe6-573b-4c53-933d-72a1f0ac1d7b
x-arc-request-id
0.df6a1002.1679606788.11ca091
x-edgeconnect-cache-status
1
x-edgeconnect-midmile-rtt
0
x-edgeconnect-origin-mex-latency
548

Redirect headers

content-length
134
content-type
text/html
date
Thu, 23 Mar 2023 21:26:28 GMT
location
https://www.mlive.com:443/
server
awselb/2.0
default.css
www.mlive.com/pf/dist/components/output-types/ 		45 B
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/output-types/default.css?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z3EV7YRFEKP8C1VQ
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0b8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653368_42_3948_39_0";dur=1
content-length
57
x-amz-id-2
x0CqR0JYreA+ZRFaMRVL7lw3jP+wJSpV/qoHSzzNwioa1CfIM4UisWx193hZOjNjPqZ9rlsFzqY7wQwneKt6DieOMidHir1uAQfoeIBNbHA=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:20 GMT
server
openresty
etag
"534bb0614e61e484cae7d5dc8ecc424c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Mar 2024 21:26:29 GMT
default.css
www.mlive.com/pf/dist/components/combinations/ 		395 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
2e70339b7bba71423618af4fd76e2801b70afc7bb30ad616acecec4b5d58d68a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
1HN1XVGDXHAW3J5W
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0b9
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653369_1023_3224_39_0";dur=1
content-length
61916
x-amz-id-2
/2kIjqCZNk06H+zG1YBULB+b1OLoR+kLy3fqHXdoWJtkmawRI0ifWR6Z7WTMbfM4vuJM3jQeF1U=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:20 GMT
server
openresty
etag
W/"742a36d0abeafafd55ac837347114a66"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
style.css
www.mlive.com/pf/resources/dist/mlive/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7e72d8281c6f47d755df0fa72bdefc93d98a2c17375fb9e446b14dba8717bac0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
S3EMFZPEGPFKSNWG
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0ba
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653370_1014_3274_39_0";dur=1
content-length
493
x-amz-id-2
ELBQqHuZL4zOZ208Q35Hi45aipR1CRdXUPNZt62lm4tiLSMCRH3TdI/cIXSSFFn3bLdUkULPUw8=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"36733c7cc5678fcf1a9c3a2ae85be66d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
react.js
www.mlive.com/pf/dist/engine/ 		344 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/engine/react.js?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
51612bfdf5ad0758f3526d87fdf15b4562ab85a15f6c1728f92559feeffa3890
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z3EG90SBEHP1M2ZA
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0c5
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653381_30_3300_40_0";dur=1
content-length
103501
x-amz-id-2
A1CUWeMjhBv70qRxH0tr0zMu0HywnrrKVMkAVSUVltEOY1o8W2lb3R99q2DyQ8cuH+AwKlgtGJ9B8CP4GWWyxg==
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:20 GMT
server
openresty
etag
W/"06fd62d26038457974480d0b167c4944"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
default.js
www.mlive.com/pf/dist/components/combinations/ 		2 MB
456 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.js?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
eee6038e23a5c7f74f21c296a12b973b78f8031937762b3ab88100f0876e8c1e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z3EP0V1GEGY4RSD6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0c6
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653382_50_3295_40_0";dur=1
content-length
465303
x-amz-id-2
fLvCQXS6fhdmnJNMZkorw+Hn6sCspf6gimUycQpQPZLqEtHScN0bB1zpexvFt5RduWAo9zEmN1U=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:20 GMT
server
openresty
etag
W/"9a9eb796084d24b57061224a3e7764e8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.mlive.com/pf/resources/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
1HNF70MJ6AHECQ0Y
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0bb
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653371_1024_3172_39_0";dur=1
content-length
54391
x-amz-id-2
qc9GtCpqLlJRAijwhrB6h++9z5vbrpxjtSemOsjDMQEfapnIahRdaGkWJxB6i1qEnlbycnUYjZQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"63c3700153fd19bac6ac63c816251c03"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z3EJR60JNTY9GZ6M
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0bc
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653372_1025_3165_39_0";dur=1
content-length
53376
x-amz-id-2
Kw132Eltv4L6aYo/xLWZzJaY1Z8tzDO+/P338rGZE1bwP8WjKvBpQOrPwQv0ui/RNlFyJgBx9Ck=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"00b8650c0e6992c5c9ced8f621e43ffd"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z3ETSMM8ETRV73FT
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0bd
server-timing
cdn-cache; desc=HIT, edge; dur=35, ak_p; desc="466557_34630367_18653373_4789_2909_40_0";dur=1
content-length
53862
x-amz-id-2
dVMfugZpuhOdmAUF8F9odyJZP+gZbscXZdbX4Y0oXZB8kUo5JJXOG09utH5PDAif3nJX6KO2eXw=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"527a99c70868c89d6be3cc11a8feb999"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
1HNCZQ62A8Z6QRNQ
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0be
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653374_1022_3180_39_0";dur=1
content-length
36831
x-amz-id-2
uT3qb5Jov0Ci+hey3lIV/h63BlRyUlroDrVow9D6ipAQhqTAZLdOgNB56fOaN/NR+91mMxpprIHcC1sho6M3Sw==
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z3ETZY72Y5QSS38R
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0bf
server-timing
cdn-cache; desc=HIT, edge; dur=38, ak_p; desc="466557_34630367_18653375_4761_3108_40_0";dur=1
content-length
37066
x-amz-id-2
IoIA4AAecvGSiQ6jX7dleAgeb80syPXV5KRqUnUmMkvyYD0UYqSAIMrq6KzUOXlko2LQbvoSBLw=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
WVYC4WZM3FF4LNK7NT2BZKNVW4.JPG
www.mlive.com/resizer/XJFK9GjhXFCucs8i83DWoJM1qRI=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/XJFK9GjhXFCucs8i83DWoJM1qRI=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/WVYC4WZM3FF4LNK7NT2BZKNVW4.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
91d2e76fdb4c9c5e73d02953252128726f4f544e8f2b89a06ab141b333106c4e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:43:02 GMT
server
Akamai Image Manager
x-serial
1318
x-check-cacheable
YES
etag
"dc8bb032b95d4bfaa954a5a27d54dc6bb90bd61b"
x-arc-request-id
0.df6a1002.1679606789.11ca0c7
content-type
image/avif
cache-control
private, no-transform, max-age=31515329
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653383_36_4381_40_0";dur=1
content-length
22106
expires
Fri, 22 Mar 2024 15:41:58 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
62224
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
92965cfc-901e-0118-2ce1-5ab326000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7ac9c0c45abe37e8-FRA
logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
1HNC24M5WGY5CMHN
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0c8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653384_15_3517_40_0";dur=1
content-length
660
x-amz-id-2
14OlMJTO+cIdfh2Ld8HRKbOAz8xk+vuYWIel58t312I1dMC2eBzhudPtlnP2iRdnV7q35dViAqY=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:20 GMT
server
openresty
etag
W/"351c57e1a77c618772f5966a7f2094ee"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
1HN0K4498RDVKP1H
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0c9
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653385_65_3223_40_0";dur=1
content-length
902
x-amz-id-2
lS5/5OzFcYl0Tot2Lxda13Ru1DMP+zMt5/L+d3hKaeK9TtFEY7CLCzwQCFfFp0T61Iz0JUt/fuY=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:20 GMT
server
openresty
etag
W/"cb98cda61d359616349bbc2a92540ddb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
0WX7MD3BA9JX90X4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0ca
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653386_80_3098_40_0";dur=1
content-length
603
x-amz-id-2
mOC2jKwx2wEj7EpYRLHC80HCGprqW9B1xxslZqDvUx/WpiII0RfsE5Sllf824yRaJu3Fk13TaTM=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:20 GMT
server
openresty
etag
W/"7819fa78e2e7770bb40587187d83cb87"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Server /
Resource Hash
714ae045ee63393cd0d777be10cfcaa462a5759d509d278122564545dbb875cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
86400, 1800, 1800
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:20 GMT
server
Akamai Image Server
etag
W/"be8042e858f0c6b5cd87834c8aafe76d"
x-arc-request-id
0.df6a1002.1679606789.11ca0cb
content-type
image/png
access-control-allow-origin
*
cache-control
public, private, max-age=1753
server-timing
cdn-cache; desc=HIT, edge; dur=50, ak_p; desc="466557_34630367_18653387_5068_3709_39_0";dur=1
x-akamai-note
original-image
content-length
2878
expires
Thu, 23 Mar 2023 21:55:42 GMT
AdvanceLocal_horizontal.svg
www.mlive.com/pf/resources/images/common/logos/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/AdvanceLocal_horizontal.svg?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
S3EZ42R45M6A0YYC
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0cc
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653388_82_3065_40_0";dur=1
content-length
3554
x-amz-id-2
rqDVfig7RrPExUTmI7sYUKUAN0L3GtqfDkvNQ3qGHTwMNazJ2emgyJssuFjZfrEjvtOAVN14h2Y=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"3770993da506fb6d4bbccfcdcc3a4800"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 		190 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 16:06:00 GMT
server
Akamai Image Manager
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
x-arc-request-id
0.df6a1002.1679606789.11ca0cd
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31516854
server-timing
cdn-cache; desc=HIT, edge; dur=26, ak_p; desc="466557_34630367_18653389_2633_4125_38_0";dur=1
content-length
190
expires
Fri, 22 Mar 2024 16:07:23 GMT
v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
satisfycork.com/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f43cb128e145441d0808dc63537b007b6689277088e89dd56a6f25e566587ea1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 23 Mar 2023 21:26:29 GMT
x-datacenter
gce-europe-west1
etag
"a59e0d50d6b0288a06b62a74e69afc0e3919efdea8deb7c4237f252246e0b861"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-test-s3rt
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
814291840
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sophi.min.js
cdn.sophi.io/advancelocal/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/advancelocal/sophi.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 01:24:07 GMT
x-amz-version-id
.qZXsiAWjTa0yWFLcXE5U.grm2eEgIL7
content-encoding
br
last-modified
Mon, 27 Feb 2023 17:38:35 GMT
server
AmazonS3
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"0915af152c652f927c398faa26e9904b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
72143
x-amz-cf-id
Kflwyfsqu-4OIFz4C80Ga0aKfiYu9yHgKsn9j0mJNFhafFqtIQiGlQ==
al-mlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
5x.gfjtiZoE7IFt5eELjKuStLmrI5ZXL
content-encoding
gzip
via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
date
Thu, 23 Mar 2023 21:26:22 GMT
last-modified
Thu, 09 Feb 2023 19:54:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
10
x-amz-server-side-encryption
AES256
etag
W/"25a09f4745cf7bc62917c4a8bea2a575"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=0
x-amz-cf-id
y0tRSkBLgALpR_hF5HpRopuTH3uUarzuGhaa9l_tf-nrkH3RVMKh2g==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XP5ufGIMVAznk1F+pqtwzg==
age
62274
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
8618
x-ms-lease-status
unlocked
last-modified
Wed, 22 Mar 2023 19:31:24 GMT
server
cloudflare
etag
0x8DB2B0C05E72DC5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6605a4f9-f01e-0061-4c04-5d9c39000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ac9c0c45ac037e8-FRA
SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:280:19f::11a6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
br
last-modified
Fri, 24 Feb 2023 20:00:47 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		440 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e37d5d48bbe9f2dc54b2cd523e781dfb9e1772c858b759ace0132b4b5a35e1ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125546
x-xss-protection
0
last-modified
Thu, 23 Mar 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Mar 2023 21:26:29 GMT
chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 		864 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
WFFZ9ZJAND6VJ7F6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0d1
server-timing
cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="466557_34630367_18653393_898_3574_40_0";dur=1
content-length
486
x-amz-id-2
8PA7IBOMD8rLaoCHuczR+fIifZ3VMTU+l39vsKWkRQ7ghXlUZQ7O/EJZeRtpVi3d8Nl0fdt/G0V6tGBy16aP7Q==
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
podcast.svg
www.mlive.com/pf/resources/images/mlive/promo/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/promo/podcast.svg?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
49073XMSYB011S27
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0d2
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=116, ak_p; desc="466557_34630367_18653394_1427_3614_38_0";dur=1
content-length
2589
x-amz-id-2
DjNmnaqrW41P512jBtUrdC3ctGZHs2+UWrgYLLYuWhzcEJh6ugDlzeD9PQMA5AM/ep14dUVmmIM=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:20 GMT
server
openresty
etag
W/"562343e31998148153bc8be55796e6e1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Thu, 23 Mar 2023 21:26:29 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
0640JVDM41E2MXCG
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606789.11ca0d3
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="466557_34630367_18653395_637_3558_40_0";dur=1
content-length
746
x-amz-id-2
5EM4Y+SxmFEp7j8vpofvYUqJy4xoh0Dz29y4MStTjn6kmLkKwv/618mbpZmAJHPzoWdwcggDbg0=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"4347be806f2c6a630a5407afb75ab920"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:29 GMT
D7PYXKGDGFDQTDPASBZDXQXQ6I.png
www.mlive.com/resizer/31XgHFKJC0GTUFO5YtDdJF7rBpI=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/31XgHFKJC0GTUFO5YtDdJF7rBpI=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/D7PYXKGDGFDQTDPASBZDXQXQ6I.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6ea05156b4f23e5f75165721227c870e6981157d9420ba99965935795af95c7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 13:09:01 GMT
server
Akamai Image Manager
etag
"f3ed2f2b18baa4a1b4f887bf1f77915886a6b764"
x-arc-request-id
0.df6a1002.1679606789.11ca0d5
content-type
image/avif
cache-control
private, no-transform, max-age=31506072
server-timing
cdn-cache; desc=HIT, edge; dur=25, ak_p; desc="466557_34630367_18653397_2482_4638_39_0";dur=1
content-length
14508
expires
Fri, 22 Mar 2024 13:07:41 GMT
N4ELLYI6QNDWZDGOYVK7PMB4RY.jpg
www.mlive.com/resizer/8KmCKqKG6X4A7xw1GNJx5vTXn-Q=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/8KmCKqKG6X4A7xw1GNJx5vTXn-Q=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/N4ELLYI6QNDWZDGOYVK7PMB4RY.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5f91a3e4dc93998a6bc7b47acd940aee4c6c5761d190130806ae8f2ac9396970
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 19:30:40 GMT
server
Akamai Image Manager
x-serial
1369
x-check-cacheable
YES
etag
"fbcb67e637afb231553606959a12449e1f8e0b61"
x-arc-request-id
0.df6a1002.1679606789.11ca0d6
content-type
image/avif
cache-control
private, no-transform, max-age=31529067
server-timing
cdn-cache; desc=MISS, edge; dur=282, origin; dur=81, ak_p; desc="466557_34630367_18653398_36173_5576_42_0";dur=1
content-length
38723
expires
Fri, 22 Mar 2024 19:30:57 GMT
5H2DBB6DVRFX3OO2PM5BJQ7KEM.JPG
www.mlive.com/resizer/KbiAWIBY98dL-Ncl5pkMnBxrdJY=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/KbiAWIBY98dL-Ncl5pkMnBxrdJY=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/5H2DBB6DVRFX3OO2PM5BJQ7KEM.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a1dda5c077ade9fbff07f4bfd2b7eaa7bf9c85828c33e5a46656ffcf2a3cd45c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 20:40:10 GMT
server
Akamai Image Manager
etag
"6925b1412b27fef49a505c9d7f467d9ec9782fb0"
x-arc-request-id
0.df6a1002.1679606789.11ca0d7
content-type
image/avif
cache-control
private, no-transform, max-age=31533230
server-timing
cdn-cache; desc=HIT, edge; dur=451, ak_p; desc="466557_34630367_18653399_45011_5568_38_0";dur=1
content-length
62270
expires
Fri, 22 Mar 2024 20:40:20 GMT
KKZ66FIMAZF3VDUTO3YDZFQSII.png
www.mlive.com/resizer/hG1F1liQ5Rw1WWdgomaG8cwCKQI=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/hG1F1liQ5Rw1WWdgomaG8cwCKQI=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/KKZ66FIMAZF3VDUTO3YDZFQSII.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cbedc76bbc0f835c5231af76f1693d61b7fa63eef006571f78a50112fa1377f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 12:07:29 GMT
server
Akamai Image Manager
x-serial
1492
x-check-cacheable
YES
etag
"d5eebc9fd3686bdee22e7b521feb4d5af38a07ba"
x-arc-request-id
0.df6a1002.1679606789.11ca0d8
content-type
image/avif
cache-control
private, no-transform, max-age=31502429
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=383, ak_p; desc="466557_34630367_18653400_4343_5523_39_0";dur=1
content-length
83906
expires
Fri, 22 Mar 2024 12:06:58 GMT
3DSAVDDOCRHMDA67URR3UMQE2Q.JPG
www.mlive.com/resizer/-4lmcMSgY_YDCf3pkhWKKBj37nI=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/-4lmcMSgY_YDCf3pkhWKKBj37nI=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/3DSAVDDOCRHMDA67URR3UMQE2Q.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
83dd5e2ec7f010521cf38d41dcbb088e058b981d7bb6d561ef8bf3ef858d677b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 18:25:59 GMT
server
Akamai Image Manager
etag
"a8e59827c956fda8967226f195f7010717542d8d"
x-arc-request-id
0.df6a1002.1679606789.11ca0d9
content-type
image/avif
cache-control
private, no-transform, max-age=31525255
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653401_69_5491_39_0";dur=1
content-length
31696
expires
Fri, 22 Mar 2024 18:27:24 GMT
FNNLOKEQRRHSVMA5H7G4GIVGPE.JPG
www.mlive.com/resizer/OmBomQUbmKBqg1zKtwTy0dmiyy0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/OmBomQUbmKBqg1zKtwTy0dmiyy0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/FNNLOKEQRRHSVMA5H7G4GIVGPE.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
49418e46007d8e183329e53717b17e2db899ea108ed356acbaa8da230f537348
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 00:43:07 GMT
server
Akamai Image Manager
etag
"c36370b584c40ad29e50341c283012302a49afbb"
x-arc-request-id
0.df6a1002.1679606789.11ca0da
content-type
image/avif
cache-control
private, no-transform, max-age=31461345
server-timing
cdn-cache; desc=HIT, edge; dur=28, ak_p; desc="466557_34630367_18653402_2790_5518_39_0";dur=1
content-length
23637
expires
Fri, 22 Mar 2024 00:42:14 GMT
NDJBVD4MWZG6LJAID5KF6Y4444.jpg
www.mlive.com/resizer/rFj6b6v7wiF-cWrtLEO_mP6a5Gk=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/rFj6b6v7wiF-cWrtLEO_mP6a5Gk=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/NDJBVD4MWZG6LJAID5KF6Y4444.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d491994075b0726b776ad474b7d6a68b6e854b38efd8a554dbcc62a5df1a6a9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 19:32:16 GMT
server
Akamai Image Manager
etag
"05d2df5bfacad5358faa6d797b873b25930a7285"
x-arc-request-id
0.df6a1002.1679606789.11ca0db
content-type
image/avif
cache-control
private, no-transform, max-age=31529189
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653403_67_5495_39_0";dur=1
content-length
20398
expires
Fri, 22 Mar 2024 19:32:58 GMT
J2EHK66POBFUHMIAOLSIQYZZSU.jpg
www.mlive.com/resizer/ipeOjTUqtmwsAWR5GM87O5_RtJI=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/ipeOjTUqtmwsAWR5GM87O5_RtJI=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/J2EHK66POBFUHMIAOLSIQYZZSU.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4e493b45e090df2042742be7bcc013b285766279434c2f9b50116a902b4da1fb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 14:00:58 GMT
server
Akamai Image Manager
x-serial
975
x-check-cacheable
YES
etag
"b8c2f383150024f6a6c49bacbf9ea02241e5746b"
x-arc-request-id
0.df6a1002.1679606789.11ca0dc
content-type
image/avif
cache-control
private, no-transform, max-age=31509314
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=57, ak_p; desc="466557_34630367_18653404_2027_5449_39_0";dur=1
content-length
32091
expires
Fri, 22 Mar 2024 14:01:43 GMT
AUIJTUZ5TBHIRA3GYBYKNE2F24.png
www.mlive.com/resizer/lmwGIhhsE5lU1kc53JFDvh4pIZM=/600x337/filters:focal(1369x797:1379x787)/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/lmwGIhhsE5lU1kc53JFDvh4pIZM=/600x337/filters:focal(1369x797:1379x787)/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/AUIJTUZ5TBHIRA3GYBYKNE2F24.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
287d71946cf81db282fd4a1baa9981420a38eddedbd6d533b469e7a391e433e0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 19:48:11 GMT
server
Akamai Image Manager
etag
"80f8887142dff102e6addd66764b0e250de8e989"
x-arc-request-id
0.df6a1002.1679606789.11ca0dd
content-type
image/avif
cache-control
private, no-transform, max-age=31530124
server-timing
cdn-cache; desc=HIT, edge; dur=363, ak_p; desc="466557_34630367_18653405_36754_4915_42_0";dur=1
content-length
41580
expires
Fri, 22 Mar 2024 19:48:34 GMT
KXP3675JZRBFFGACUPZKCSC7II.png
www.mlive.com/resizer/gBzyfxXXWJcVUE8yaXr1-yxj7No=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/gBzyfxXXWJcVUE8yaXr1-yxj7No=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/KXP3675JZRBFFGACUPZKCSC7II.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
45b23afa6982e54cb7528f39f1f9b511ef0190bc63ffcc2584bafe72342c0931
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:29 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 13:27:06 GMT
server
Akamai Image Manager
etag
"beadc4dffe6731cd1d81f7e8535da8d50aee2fc9"
x-arc-request-id
0.df6a1002.1679606789.11ca0de
content-type
image/avif
cache-control
private, no-transform, max-age=31507250
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="466557_34630367_18653406_620_5422_39_0";dur=1
content-length
37253
expires
Fri, 22 Mar 2024 13:27:19 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		68 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7ac9c0c59b8f2bd1-FRA
vary
Accept-Encoding
content-type
text/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d5525eadfae3dd40c52331434aab0b4e809fe3b9ea8d1f3bd24a15d4191555f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27487
x-xss-protection
0
server
sffe
etag
"1520 / 893 of 1000 / last-modified: 1679603501"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Mar 2023 21:26:30 GMT
10071.js
micro.rubiconproject.com/prebid/dynamic/ 		443 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.125.209 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-125-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5c5d60d67a21f90e5a8c7d6cade2332d13283442a89f0c2b771386a7245f6e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
last-modified
Thu, 23 Mar 2023 08:40:55 GMT
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-10071_MI_Desktop_Mobile.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
131403
expires
Fri, 24 Mar 2023 09:16:05 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		224 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:21:14 GMT
content-encoding
gzip
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 19:29:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
317
x-amz-server-side-encryption
AES256
etag
W/"9bc5c23889e7664ec16504ac1d3adeb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
VGe9IEoTXvTdbt5AeThHMROrTL8T1PcVD-ATsr9N2CIXY5vX8edMyA==
lt.min.js
tags.crwdcntrl.net/lt/c/963/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5368918706a26d1fe5acb19bb4d139fd4dba0d5f330e16eb039d1986f3bf29a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 22:50:28 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 20:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81363
etag
W/"67c654dab9f54b593157047a3e33716d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ODiG_Iee5VM3BmLlbCHasznBwubxH-kQrdVrpmbOPSBSfx6ekuOzYw==
client
accounts.google.com/gsi/ 		194 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
27c73614e9064e8026ed1f3761bf58abbe252efc21e5de4eb91a1178778c09c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BVennka61SaBzFYowa8WPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-BVennka61SaBzFYowa8WPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 23 Mar 2023 21:26:30 GMT
icon-menu-outline.svg
www.mlive.com/pf/resources/images/common/icons/ 		523 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/icon-menu-outline.svg?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1020
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
1XV3HM4V0TFBMB1P
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606790.11ca0eb
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653419_46_3463_44_0";dur=1
content-length
278
x-amz-id-2
+yRyrgxbrtIFMXOeq9F+tWe4cdLHeE6u8i1Ng/q1zW12aZL9bc+BVsUC/aO9X/QL4YvTukFbYP0=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"ef41b0e325b0902f9a8781e21cc20457"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:30 GMT
user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=1020
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
W75JAYH2SM1PEQP0
x-amz-server-side-encryption
AES256
x-arc-request-id
0.df6a1002.1679606790.11ca0ec
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466557_34630367_18653420_49_3429_44_0";dur=1
content-length
2508
x-amz-id-2
WkHr75R1J0UTGKln0Pn0j657WeDHU/iuHI9M+ZwNNyDN29mj38AVPCId/6oiJ8MwIKN2Nd2QmyI=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Mar 2023 15:50:19 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Fri, 22 Mar 2024 21:26:30 GMT
92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115821cf1798bdfd189a89b3d6e7b6758170b76b513dc491af97fee3bada6f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iO0YdKATiZu4DaV6ode9MQ==
age
61972
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1553
x-ms-lease-status
unlocked
last-modified
Tue, 07 Mar 2023 14:41:12 GMT
server
cloudflare
etag
0x8DB1F19FFC465F1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8c0e5bd5-b01e-0029-57e1-5aaea4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ac9c0c66bf78ff4-FRA
expires
Fri, 24 Mar 2023 21:26:30 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Thu, 23 Mar 2023 21:26:30 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:30 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=eprpqj&adnum=377292
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
23438012
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
insNmlh9Guu8cKe-_nPJLWlwI1Eb_1SZ7gQL7xA3Px20dEyIMorJGQ==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
6PX7G9BXZ1EJ8Q4H
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
mn+sdmW1kRLqXoGcKjiUOnURKtt8S7jop2YTJNIsjYf9vysp6bNqxt2aL5b1GjUmGsC39PaWn24=
script.js
h312.mlive.com/ 		148 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/script.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
4f588e766e32d6bc7a1ddc91e00a9a56cf8e4d48b0902fbbcf733c9b507ebc41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
575
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
45995
x-xss-protection
1; mode=block
last-modified
Thu, 23 Mar 2023 21:16:19 GMT
server
-
etag
2e3186b89d4f9bcb8de80d6aa3d030f3
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
PFvzij5KuMDh6D8bN6bdoG5GETosxpbH3Jtzv3_vvk7PNQziU2sY1w==
expires
Thu, 23 Mar 2023 21:26:55 GMT
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		240 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
962808d38f02dc6af6a7a9646f3cb038656e582ff6d21e71973a00672debc3a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
last-modified
Wed, 15 Mar 2023 16:00:25 GMT
server
AmazonS3
x-amz-request-id
YX6EMBG4N4MFKY9T
etag
"3d671f66bdd0fb6828d33c219fde91ca"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31284
accept-ranges
bytes
content-length
85323
x-amz-id-2
J/RRa2Lr/BjQ7xfmaW/DVxSt99D/vZph/4VBHbvki7y1SdXoJKdFpHLtkGiVbIU+Y+BuP+vWRbM=
load
experience.tinypass.com/xbuilder/experience/ 		338 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 20:30:16 GMT
server
cloudflare
age
3374
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
7ac9c0c6dab09273-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
st3vl3ta6n
expires
Thu, 23 Mar 2023 21:56:30 GMT
ats.js
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 		153 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5a42867b2e0e170a68f5f522e404e5dc68555951c89be838c1d1baa02167885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
PlcFqz3xUr4JxGnMAKISQFK82C1yeEbP
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
date
Thu, 23 Mar 2023 20:35:00 GMT
last-modified
Mon, 27 Feb 2023 08:26:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
3091
x-amz-server-side-encryption
AES256
etag
W/"5183ab4e2e471137dc24bdce42891db3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
A0DSaKgUB5l5Fm9ZIYwMG9tZQ4bMzLZF8YNw87YZa3tKdcyP9BKkyQ==
swg.js
news.google.com/swg/js/v1/ 		197 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264b1a65f1c30de9e496ed9f2bea3f3cb3461b26c78284c1ab04a741044ae9ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58571
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 21:59:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Mar 2023 21:52:30 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 20:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4879
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Mar 2023 22:05:11 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-8.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
public
Date
Thu, 23 Mar 2023 19:45:41 GMT
Via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P3
Age
6049
ETag
"5eb31be4-3a2"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Connection
keep-alive
Content-Length
930
X-Amz-Cf-Id
-2WdAKlHm60SQoo29gtcHCZKW0vwnQKAmyXe2TcBypVJ9ZMj8vXE1g==
Expires
Fri, 24 Mar 2023 19:45:41 GMT
load.js
s.ntv.io/serve/ 		545 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
551b59c1d6b77f6a3557ffd18e6a3ae079cb21d21edcae2e4114044557cef638

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 21:26:30 GMT
Content-Encoding
gzip
x-amz-request-id
G204YWM7AZJQC7GZ
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
+76HCy3Sxo/uWvcVlvZftP/SP4QfwUNWgf4Mthh6FbXNZFZ4hVlZaJmIai2xbmBhBkcCJsUH43E=
Last-Modified
Mon, 13 Mar 2023 17:57:34 GMT
Server
AmazonS3
ETag
"797313c591ade1f6921de63f010ac6a0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:00:25 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
72404
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
m1vDJyWqY_r5XFuOv9XADE_OayastBPh1xBBp8DxWzzDzXqpCo8pnQ==
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 Mar 2023 21:26:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
+jNwEcWwYtH5joCB1J1KP6sax8n+5US/Yyn4Fb2bE49EAYrfL5tH8j1+Ki1uGKLkqiMVQWovyCoXbaraJjm+yw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=55532
accept-ranges
bytes
content-length
4777
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230034-FRA
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 07:56:03 GMT
Content-Encoding
gzip
Via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
48628
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
pGZHrhvmbZkSstWU8jMNs-6Rk0sS9sLf_BNn63RBYTtu6UEkK78mGg==
ml.br.js
js.matheranalytics.com/static/ltm/ma63527/all/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1620
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
142 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:50:18 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 07 Apr 2021 17:41:03 GMT
server
nginx
age
16572
etag
"8be38a11960c372ea9c4119961294047"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 07:06:40 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42243

Redirect headers

date
Thu, 23 Mar 2023 21:26:30 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
6-gc-europe-west6-8j340995
js
www.googletagmanager.com/gtag/ 		221 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9be997ecd98b947e767bf7206596af2ced83ef71a897abcb1ed92c7a28d6a9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78923
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Mar 2023 21:26:30 GMT
set
privacy.crwdcntrl.net/consent/ 		301 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.70.182 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-70-182.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5cb4ccc7f2156ab43bfbc359e85b2c5854db0a5fc5375d83f1835df739933bd4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.41.21.43
access-control-allow-credentials
true
content-length
301
expires
0
data
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.40.23 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-40-23.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
28332462eb796fe950a7a2ba6296fedcbf7feb3159bb94609e3c6f1de618ad08

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.41.29.140
access-control-allow-credentials
true
content-length
60
expires
0
pubads_impl_2023032001.js
securepubads.g.doubleclick.net/gpt/ 		396 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 18:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136699
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Mar 2024 18:56:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eaf72a16915b22085727866ce28a4b306711fd041a33ead2c759302c650ef9dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
394
x-xss-protection
0
expires
Thu, 23 Mar 2023 21:26:30 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
cdc09616482b23651a59600f7be19ae57c62086f99faadb86e7da494a585c05a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:21:25 GMT
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
7505
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1675
x-amz-cf-id
zdA9P1_-1zxdzkUI-hN72XFDlhuE917RT3GKr1AQ0Ooxf-KYCOLhnQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
V2lSIFfe30G.NOL3Jg0JvcKQw0PMFHNY
content-encoding
gzip
via
1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
date
Wed, 22 Mar 2023 23:17:09 GMT
x-amz-cf-pop
FRA56-P6
age
80703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 21 Mar 2023 22:59:14 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ttzHRa9dKSsIVpbjwRLR3IzZYP2JsVsD7zr1zzEBHuCCVk_ZKHX_Bw==
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5598689&v=1.720.0&sl=0&si=3611c467-61c1-4794-8c93-d26a228facb2-rrzsw4&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:280:29b::11a6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Mar 2023 21:26:30 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7ac9c0c7388f3649-FRA
access-control-allow-headers
Content-Type
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.116.133 Stockholm, Sweden, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-116-133.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 23 Mar 2023 21:41:30 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 22:50:07 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81384
etag
W/"4c91450a102f312a8d75826eeee52ef9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
qofeod4TSDNZhbXxnCk1nlQ6hfnTMsGBnnLP8q7zTHYz4koZ7nF7jQ==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
CA8N1VMPA4QHK1FZ
age
2661
etag
W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ac9c0c858d5904e-FRA
x-amz-id-2
7zXnQkOSNwiBbcVJRfFHGjJk+T2gZU7gvUijOpxL3h+0fw/LNPzvFf5AvQil+6B1OmZhtMPZocc=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-34-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 21:26:30 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-34-105.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 23 Mar 2023 21:26:30 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je33m0&_p=1571381025&cid=1032820800.1679606790&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1679606790&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.page_path=%2F&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-b&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		365 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb2636884ca091d56f6de9efe61829ed57cf27c3ae87cb1870179c2adecbf4c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
x-amz-version-id
LqnBc2e_eg4eOl1SVxCdte7mNZ2EKKqu
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
44SHBN80CE95ADX7
age
12846
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
StrHNIOFF+mwkKNGMEtpyEQyfir2rtV+7JZaKcAQwLmVFaWUX6+RIk9BQ0bK+QeAjMsLlcDIMk5E+IzYNguU0g==
last-modified
Tue, 21 Mar 2023 09:52:32 GMT
server
cloudflare
etag
W/"abc46ff8bbc06f2ce873a67de4c57381"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7ac9c0c7ec0e9273-FRA
expires
Fri, 24 Mar 2023 01:26:30 GMT
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		56 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.125.209 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-125-209.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
031bdcca56a4af695f0aadaeb97d3587348ccb5cb352e016b58417da197a48d0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
last-modified
Thu, 23 Mar 2023 20:40:55 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5727
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1679606790277&se=e30&duid=94c49eadf2ac--01gw85ve42v4y2ezdf61fttkgz&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid
  • https://rp4.liadm.com/j?dtstmp=1679606790277&se=e30&duid=94c49eadf2ac--01gw85ve42v4y2ezdf61fttkgz&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTI%3D&n3pc=true
42 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1679606790277&se=e30&duid=94c49eadf2ac--01gw85ve42v4y2ezdf61fttkgz&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTI%3D&n3pc=true
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
34.232.54.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-54-150.compute-1.amazonaws.com
Software
/
Resource Hash
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
x-pixel-event-id
69543c63-bb4c-4a70-b9ea-58dbe59cdfe9
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
abbd93432688afce
content-length
42
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1679606790277&se=e30&duid=94c49eadf2ac--01gw85ve42v4y2ezdf61fttkgz&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTI%3D&n3pc=true
access-control-allow-origin
https://www.mlive.com
request-time
0
access-control-allow-credentials
true
trace-id
9f60a8f3fd712c1e
content-length
0
x-xss-protection
1; mode=block
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		16 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json390
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.113.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-113-20.compute-1.amazonaws.com
Software
- /
Resource Hash
3dd674c3a6f39c394437d74f3d99aa81618bad67991a2344fa62797571a8c297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		99 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=eXa0TJvxclZW6&cb=0&ws=1600x1200&v=23.320.1710&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.106.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-106-197.fra60.r.cloudfront.net
Software
Server /
Resource Hash
f2348dedf8d16f84fda26dd4153491d47327a259ea67c80612ac563649de92f5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
0Z2YDN88VGE6RH1XQFK6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
99
x-amz-cf-id
7xyw8sknjatxjfSDB1PcvIJQNEveqKwgheX5_qJnsNnVFI-7j-fGfg==
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.40.23 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-40-23.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
70f7544cc5e6b23a89b942155932f508d938f5368d3ff866125a1f5492c87eac

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.41.7.46
access-control-allow-credentials
true
content-length
60
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=441607153687539&correlator=2542856336687056&eid=44785728&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fifs&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x91%7C970x91&ifi=1&adks=2024654923&didk=597696865&sfv=1-0-40&fsbs=1&prev_scp=rg_adslot%3DInFeed_Center_Wide_Adhesion%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Center_Wide_Adhesion%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Center_Wide_Adhesion%26rg_a9%3DAdvance_MI_ATF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta&eri=1&cust_params=rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&sc=1&cookie_enabled=1&abxe=1&dt=1679606790389&lmt=1679606789&dlt=1679606789507&idt=808&adxs=0&adys=13038&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=728x4&msz=728x0&fws=4&ohw=728&ga_vid=1032820800.1679606790&ga_sid=1679606790&ga_hid=1571381025&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6bf10282d8c63c69646c465e64fc74dd3679a548e7bb7a80eaf7e6bce63e937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
576
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2110 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 21:26:30 GMT
expires
Fri, 22 Mar 2024 21:26:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fpc
at.teads.tv/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:30 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.mlive.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 23 Mar 2023 21:26:30 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202302.1.0/ 		405 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70be2849f7e7f7f27dc4eb168538ef25474e4799e1a4a4d9aee01f57f4c5a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+3NcDg7IRUqn5oCiPaN6Hg==
age
62274
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99858
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 03:55:12 GMT
server
cloudflare
etag
0x8DB211B3FF3862E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fcd3e129-501e-0082-29e1-5a79b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ac9c0c8185437e8-FRA
publisher:getClientId
ampcid.google.com/v1/ 		74 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
/
geo.privacymanager.io/ 		30 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 02:07:14 GMT
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront), 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
69556
x-amzn-requestid
60316217-0093-42b0-8926-adeddb26110c
x-amzn-trace-id
Root=1-641bb452-72b99eb416ddb9ef0b5852ef;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
CNkc7FiODoEFbKg=
content-length
30
x-amz-cf-id
be6A8ehU36aF5T_kOQdUXYvojxVL1S2WJcxPFHmpmyOjFJkBBYrucA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 02:07:14 GMT
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront), 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
69556
x-amzn-requestid
60316217-0093-42b0-8926-adeddb26110c
x-amzn-trace-id
Root=1-641bb452-72b99eb416ddb9ef0b5852ef;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
CNkc7FiODoEFbKg=
content-length
30
x-amz-cf-id
8jvSm42xHv_PhniGkL6YGBlvh-vuQF1YP78vmc8quf2nUcZ0KCuxYg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-wENcqzDMXypIK22g49cR7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-wENcqzDMXypIK22g49cR7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 23 Mar 2023 21:26:30 GMT
status
accounts.google.com/gsi/ 		40 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=y6SwjmSb1qzZKuqPOJa7zw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e957602c8de5c0ca4e9995f40a3be256073198e8b128e071be4bde07dd29b14e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-92S0T4b4AoRfYd1F2JRmWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-92S0T4b4AoRfYd1F2JRmWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Mar 2023 21:52:31 GMT
p.js
cdn.parsely.com/keys/mlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/mlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Thu, 23 Mar 2023 00:18:52 GMT
content-encoding
gzip
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
76398
etag
W/"62bc62dd-df3e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
7VGnJZ80epujMuUtBnarJItY5XmNG5oGov4hAyZA65wyT5VSpqd-tg==
expires
Fri, 24 Mar 2023 00:13:12 GMT
iframe.html
z.moatads.com/hd09824092/ Frame E646 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=2684
content-length
1374
content-type
text/html
date
Thu, 23 Mar 2023 21:26:30 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id
A3423FE5772816F0
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679606790473&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:30 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
j0DwyLxMJ6TjTzeJ9wVr4ETDL-Z2vnA2fR7vQM2n12dvbJQrUryrTQ==
x-cache
Miss from cloudfront
120978121945017
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.99&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
446028abfb101cb4495d1330285608754ee8dcdc5a798832da48d2f3b2d5812b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 Mar 2023 21:26:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110429
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
QSFif0MQ0BHIL9SMLHH+RZ5hPFMcqMTubpAcoahVW5TqD62+IgSJJkH67ZOJMbIWM/fvGqHzW7CQPgvSTRnINg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=889d1205-f3f0-449a-968b-e4a1b18e5879&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=082e3d00-be8c-4064-b022-551512fbff68&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-response-time
101
date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
31e4442c0d46c4f7
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
eaa61c66c181ab065c8cea775679c9ff53cf4927130fa737bdb6c72bb071d8c9
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=889d1205-f3f0-449a-968b-e4a1b18e5879&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=082e3d00-be8c-4064-b022-551512fbff68&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-response-time
110
date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
8cef56bfe5eff081
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
d2418bf0de1e7ee7b431fa5ea62a19da14faeac9f7deb5fc2c2b5033ab4498d8
content-length
43
v2oylRe6oI55Qaz7EmNT69FdLaMEk6PW3lF5fMAkBgM_FqsEM7YTJ0H9kN-vGL8r_mgpBLlPn
satisfycork.com/ 		206 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2oylRe6oI55Qaz7EmNT69FdLaMEk6PW3lF5fMAkBgM_FqsEM7YTJ0H9kN-vGL8r_mgpBLlPn
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5b77178200c4362d6f60afa77c066f5042c88986068531154e7c8bb8a465a46e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 23 Mar 2023 21:26:30 GMT
via
1.1 google
x-buildnumber
814291840
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-test-s3rt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 23 Mar 2023 21:26:29 GMT
prebid
prebid.media.net/rtb/ 		338 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c40598cf630b6555f010b88e055dd2bb9602a2cfb1629f1a22b91a1e5d0dac82

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 23 Mar 2023 21:26:31 GMT
prebid
exchange.postrelease.com/ 		0
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134022,1134019&ntv_pas=eyIxMTM0MDE5IjpbWzMwMCwyNTBdXSwiMTEzNDAyMiI6W1szMDAsMjUwXV0sImxlbmd0aCI6Mn0=&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjk3LCIqIjowLjk3fSwiKiI6eyIqIjowLjcxLCIzMDB4MjUwIjowLjcxfX0sImFkLXNtYWxsLTEiOnsiYmFubmVyIjp7IjMwMHgyNTAiOjAuODIsIioiOjAuODJ9LCIqIjp7IioiOjAuNzEsIjMwMHgyNTAiOjAuNzF9fSwiYWQtbGFyZ2UtMSI6eyJiYW5uZXIiOnsiMzAweDI1MCI6MC44NSwiKiI6MC44NX0sIioiOnsiKiI6MC43MSwiMzAweDI1MCI6MC43MX19fQ==&ntv_pb_rid=5257bc2e84a888&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJhZC1sYXJnZS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XQ==&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.132.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-132-73.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
710cfa82b549bcce7c2e4e4abe60daae45dbff28276c0d21f97a8db24f35cf09

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK%2FNlj%2BeK2Xs14MNw6IMn%2Bc8TlX9ymo0Gbk9xGeW3lJebehk6RTT2kAz5Zl%2BYYKlFmCbZXKQHykwDpKtD9bDPZ1XKVr5YuWWfGQ%2FGYNg4%2Bl2ti7PlmebGG67O6WO%2BibXVjYi%2FJ3%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ac9c0cc1a6130e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		708 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1580874%3B1580870%3B1580874&size_id=15&eid_pubcid.org=50f982dc-f2a4-4426-b89f-26969c379071%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.page=https%3A%2F%2Fwww.mlive.com%2F&tg_i.domain=mlive.com&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&tk_flint=dmpbjs_v7.40.0&x_source.tid=1926f5aa-4703-43c4-b1cd-76a9287ecf19%3B5b2722a0-ef83-4a81-8595-cc05d2823775%3Bf6246124-62ce-4840-a1fc-0a2c958941d4&l_pb_bid_id=18ba21d1b2f6805%3B192e1a02f52dab1%3B20f30f58ce69833&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.97%3B0.82%3B0.85&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&slots=3&rand=0.7355218387058093
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
76a0d48c521910e2a2c3802ca96f5407a8fddda388ed10eae76682a93b533457

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mlive.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
token
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 		36 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:43:24 GMT
content-encoding
gzip
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
2587
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
R1WKeI69RCBSh9KIJnyVxYfOInmZ41ZzKN-5FRy73dRkNYVU418n7g==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1679606790516&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1679606790516%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26t...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1679606790516&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1679606790516&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQIsol_wKyyfmgAAAYcQXb2p_N2VSWxTpyGobeGD19guOYjtA8-Qxw5...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1679606790516&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQIsol_wKyyfmgAAAYcQXb2p_N2VSWxTpyGobeGD19guOYjtA8-Qxw5Y_AglDrhzCJbg0X6F
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C23FA41BBE9644348A80B1CF9832753E Ref B: FRAEDGE1105 Ref C: 2023-03-23T21:26:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX3l+4xdV7oSdC7pf0fpQ==

Redirect headers

date
Thu, 23 Mar 2023 21:26:30 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E0D690BF82294C099328813D5BD1E9AB Ref B: FRAEDGE1219 Ref C: 2023-03-23T21:26:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1679606790516&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQIsol_wKyyfmgAAAYcQXb2p_N2VSWxTpyGobeGD19guOYjtA8-Qxw5Y_AglDrhzCJbg0X6F
x-li-proto
http/2
content-length
0
x-li-uuid
AAX3l+4svbWgFVEKRp4FkQ==
en.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ff2abdb3-041c-409c-8bea-2a017f6e523b/ 		83 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ff2abdb3-041c-409c-8bea-2a017f6e523b/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e9d0c522efc100da6a426d97fabf39aa2f26a465ffb71252ce85ebdfdb575b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
oATHMyw3YSTGD1+wDmjpqg==
age
61971
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
17929
x-ms-lease-status
unlocked
last-modified
Tue, 07 Mar 2023 14:41:18 GMT
server
cloudflare
etag
0x8DB1F1A02E6B8A9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5dba3193-a01e-0132-2ce1-5ac663000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ac9c0c93f2e8ff4-FRA
expires
Fri, 24 Mar 2023 21:26:30 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
t
jadserve.postrelease.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-205.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
749df86c9232367e11728d01236bd168d0edc903fa1fd1708e0ee276a9a95f1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1432
expires
Mon, 1 Jan 1990 12:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
43716a7ca69ad125cbe2ef6f1068e22ecb6acd089cf48d86debac53e214ecf46
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sec=Home%20Page&prem=0&ptype=homepage&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=b370ad7e-bd02-4d88-a02c-085f6093bed3&pid=861f216c-a69c-4849-971f-ddac30606012&dtm=1679606790664&qnm=_matherq&visible=1&tabid=b47e6e5b-cc9d-4515-ad41-a18129a33455&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13034&tofa=1679606791&vid=1&lvidt=1679606791&duid=9a3cd9a3080047bd&fp=2417809956&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3OTYwNjc4Nzk1MSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNC41bWIiLCJoZWFwVCI6IjI3LjZtYiIsImZzdFBhaW50IjoiMTgxNSIsImZldGNoUyI6IjU5NCIsImRvbWFpblMiOiI1OTUiLCJkb21haW5FIjoiNjM0IiwiY29ublMiOiI2MzQiLCJjb25uRSI6Ijc2NCIsInNzbFMiOiI2NzMiLCJyZXF1UyI6Ijc2NSIsInJlc3BTIjoiMTU1MiIsInJlc3BFIjoiMTcxOCIsImRvbUxvYWQiOiIxNTU2IiwiZG9tSW50ZXIiOiIxNzk1IiwiZG9tTG9hZFMiOiIxOTU3IiwiZG9tTG9hZEUiOiIyMDgxIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTAzMjgyMDgwMCIsInJlZlRpbWUiOiIxNjc5NjA2NzkwNjYzIn1dLCJ1c2VyRGF0YSI6eyJpc0xvY2FsIjoiMCJ9fQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 23 Mar 2023 21:26:31 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
230823541501762
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230823541501762?v=2.9.99&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdf95627c0ed19d0d47d3c57e441ffb87831c7f471abce0a255d53e721fc5532
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 Mar 2023 21:26:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110329
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
aYrKiSvPH+Cb53PSei3rGd6/7kI2cEwnn37RjFquRBj6D2Wsvpx1Ok1JjH6ZWsnCtTTkdqGsClp/NRunxwWRXw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1679606790685&plid=43641549&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1679606790680&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Thu+Mar+23+2023+21%3A26%3A30+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=5847263&u=pid%3Dbf956692093fd8d7360e13f3b6f0e0ca
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.163.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-163-48.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 21:26:31 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 23-Mar-2023 21:26:31 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:31 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Thu, 23 Mar 2023 21:26:30 GMT
server
nginx
otFlat.json
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JiPvkoWr8q46ry2my9HtEQ==
age
60388
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 03:55:05 GMT
server
cloudflare
etag
0x8DB211B3B953477
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b9711e16-901e-009f-2be1-5aa05c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ac9c0cc1a978ff4-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
V5/ea3CdVX7pMOqnWq49VA==
age
61444
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14749
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 03:55:05 GMT
server
cloudflare
etag
0x8DB211B3BF12A5F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
eea27a51-f01e-0165-71e1-5a2fee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ac9c0cc1a9a8ff4-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
55221
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 03:55:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d1a63104-101e-008e-0ce1-5a9747000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7ac9c0cc1a9b8ff4-FRA
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1679606791042&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679606791042.1249001893&it=1679606790479&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Mar 2023 21:26:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1679606791043&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679606791042.1249001893&it=1679606790479&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Mar 2023 21:26:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1679606791044&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.99&r=stable&ec=1&o=30&fbp=fb.1.1679606791042.1249001893&it=1679606790479&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Mar 2023 21:26:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1679606791044&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.99&r=stable&ec=1&o=30&fbp=fb.1.1679606791042.1249001893&it=1679606790479&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Mar 2023 21:26:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
392.json
id5-sync.com/g/v2/ 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
efbd824834036a6f449bd5b5888cd9b1a9e320a4f2eade558ae5ed9f3e1c8fa0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1571381025&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACgFK~&jid=66552046&gjid=308373598&cid=1032820800.1679606790&tid=UA-16643585-16&_gid=923251378.1679606791&_r=1&_slc=1&gtm=45He33m0n81TLXFLCR&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=1032820800.1679606790&z=976968249
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
3723
idx.liadm.com/idex/prebid/ 		50 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01gw85ve42v4y2ezdf61fttkgz&resolve=nonId
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.156.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-156-48.compute-1.amazonaws.com
Software
/
Resource Hash
fa3e05a276a366bf4c0e6cb89cb380300c161a5aef6cee533f4eb2f0d20de912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
3
content-type
application/json
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
trace-id
92e730fc76f66243
content-length
50
expires
Fri, 24 Mar 2023 21:26:31 GMT
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/FormLogo.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
60581
content-length
90639
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Tue, 15 Dec 2020 19:27:11 GMT
server
cloudflare
etag
0x8D8A12F6B751639
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
841a5cd9-f01e-008f-45e1-5a96ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ac9c0ccaefc37e8-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Mar 2023 21:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
62275
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 02:37:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
31d99558-501e-0127-123d-5d04fa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7ac9c0ccaefe37e8-FRA
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8789008&ntv_pl=773533
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-205.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=4637db35-158c-48b2-8dff-8be27882751b&ntv_fl=MMTdWyeJBcdLcDTtFfyiRBPe8Vq-ba7jHN1vT59Rb8CDsmz0DgKVSKUn13PM5yVKcJersDM7UqqAkY4HqERvc92C2vDP9KCsf_0WkuBTSiiiwSFprpbf6LtBx5Vh9Zscurd6JC-tJp_ZVzWmCD24zT46Av1lQwQNN4bB35c5yat3AiOv90J4ph53_FDf6eFe&ntv_ht=B8QcZAA&ntv_at=303,302&ntv_a=AAAAAAAAAAnc0LA&ord=1679606791132&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-205.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=b46c6ab8-5e83-47f4-9d11-3a2a007a0457&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK7HV5UnHb3FttoQ1TUkpjfnnCBmKKS8Yalx_olQntbgAxoTCA2JNl46a9CYqSjQdy30Li2PfGaRM-h6AVwwDfVGviHln1dYz7dUwB_sWtHeKrcUuUR5wBbWscUnElQrpnFA9IX2m_ji7_b-r1rv5PIO&ntv_ht=B8QcZAA&ntv_at=303&ntv_a=AAAAAAAAAAUr0QA&ord=1679606791135&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-205.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=670ef7af-49a8-4611-81f4-e52dd8b32165&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM3CpoPlbX4AtwcbgDnVvargK7knCKlTVy2QM0AkhF1kFv4GJ1cUnrGLJ3GE7UlI_Pg3LmDOrb4nDSmzHtzTHC8zVNegJs2n5Fc57Y5cqMyR9hS92hYot648EdDsJGQsKUAMTcjcXVIH7QMEi5JcXAEF&ntv_ht=B8QcZAA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1679606791135&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-205.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=1e50e7e0-6db7-4904-b910-6f366478cbd6&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguQ5IuBoVvenFFAWxf-JwP8pw2d6o2iw1joZo1F3L6X7h8FLxkMoqltPj_aw_1EVZfL4s-X5O3vY4S2byuV0jTOX0FKO-aT2QJ8pAjo3ppzAk9LUuzEaWNjw8vwjtwfx7vt2pVBjXCI5E1V25jXxqX07&ntv_ht=B8QcZAA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1679606791136&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-205.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-205.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16643585-16&cid=1032820800.1679606790&jid=66552046&gjid=308373598&_gid=923251378.1679606791&_u=aADAAEAAAAQCACgFK~&z=1217454001
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Mar 2023 21:26:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		897 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=441607153687539&correlator=2542856336687056&eid=44785728&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=2&adks=767953642&didk=2972002619&sfv=1-0-40&fsbs=1&prev_scp=rg_adslot%3DInFeed_Native_C%26rg_atf%3Dfalse%26rg_iab%3Dfalse%26rg_grid%3D1%26rg_counter%3D1%26rg_gpid%3DMI-desktop-InFeed_Native_C%26rg_pagetype%3Dhomepage%26rg_product%3Diabfalse&eri=1&cust_params=rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26ccaud%3D&sc=1&cookie=ID%3D4bf440775cab0399%3AT%3D1679606790%3AS%3DALNI_MaNXfNjyx-5_qcy23MsaV-w4KXzrQ&gpic=UID%3D00000bcb205f7c03%3AT%3D1679606790%3ART%3D1679606790%3AS%3DALNI_MYHsXa3Vb99zhx8oBQPorR1BD_Kcg&abxe=1&dt=1679606791155&lmt=1679606789&dlt=1679606789507&idt=808&adxs=517&adys=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=566x24&msz=566x24&fws=0&ohw=0&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1032820800.1679606790&ga_sid=1679606790&ga_hid=1571381025&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cc0cb16bb2de07e18f414cadc480e5d9552b809ddf0c4d56cf84c9e5f385c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
373
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
baker
ead.mlive.com/ 		19 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.mlive.com/baker?dtstmp=1679606791159
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.80.245.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-245-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Expires
Thu, 23 Mar 2023 21:26:31 GMT
Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:31 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
389
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		170 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/389?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-03-23T21%3A26%3A31%2B00%3A00&ts=1679606791161
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
168e309ef094c69a2b5ba06b46574668bc7469c340303daccc1ee5772011ef9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
31426
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lKcStipwJRGDstaECQtHGBYaLAcB00YG2KaxWRb7WMi17Tge2B2WEg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
c1c906d9163532a7136b6b5dfcd50b4c
h312.mlive.com/plugin/plugin/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/plugin/c1c906d9163532a7136b6b5dfcd50b4c
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
6ff75a6aff02372d9bb7b274357cd9786444781204d3c52a46a2049b6fb3957b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 08:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
134538
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
37302
x-xss-protection
1; mode=block
last-modified
Tue, 21 Mar 2023 08:04:13 GMT
server
-
etag
c1c906d9163532a7136b6b5dfcd50b4c
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
-hCt37dIvPZQKzinpFC8quazAe-tg7aiK0xrRcKQFpd8_wFrXmUIyw==
expires
Thu, 21 Mar 2024 08:04:13 GMT
LB-Zone-1
h312.mlive.com/DG/DEFAULT/rest/rpc/389/ 		354 B
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/389/LB-Zone-1?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=12f98449-2e30-419e-8199-1f2d67bc687f&overruleReferrer=&time=2023-03-23T21%3A26%3A31%2B00%3A00&ts=1679606791356
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
fc9cccf45889051164d8e23c559c6da87d314ef6b030e9ef8e72589ce88b8678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
232
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Yr1DeKwmRErKu-qUJt9NIrUqYjjGGhCaZoma2to5uKAeNk5wVQ2C4A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
4c00fcdcbc6c455ae00401b201cc63ff
h312.mlive.com/plugin/library/ 		323 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/library/4c00fcdcbc6c455ae00401b201cc63ff
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
d0f885f308112744715869ebba25cbaef30b8196d652a761a3ca02862b7869da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 08:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
134538
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
102680
x-xss-protection
1; mode=block
last-modified
Tue, 21 Mar 2023 08:04:13 GMT
server
-
etag
4c00fcdcbc6c455ae00401b201cc63ff
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
eRVTtBG9CgqdiAscbgQTlm1F6-x9mMR-v4sSBoMf_tUJT6UsmQCYbQ==
expires
Thu, 21 Mar 2024 08:04:13 GMT
LB-Zone-1
h312.mlive.com/DG/DEFAULT/rest/rpc/389/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/389/LB-Zone-1?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=12f98449-2e30-419e-8199-1f2d67bc687f&overruleReferrer=&time=2023-03-23T21%3A26%3A31%2B00%3A00&ts=1679606791421
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
c9b8c6511c46e0b1b7e69ccbb49a84ff701c058a4c5717809fcf84e115c2ae72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1290
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
ERvZ5kX5Nn0JsHB7zm0QMto0-4c1MgcJIy3LqpZCMtzEHQ6OvYN5yQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
WGJPDI2JNJF7ZPTJF3FBYU44UQ.jpg
www.mlive.com/resizer/Q7tl5jchjHIJoKNEZHoPP9FiPPM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/Q7tl5jchjHIJoKNEZHoPP9FiPPM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/WGJPDI2JNJF7ZPTJF3FBYU44UQ.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6ae3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ea96e511888d57391156f6ab36eb958918829fc36d8c42dcd0c0d04f2d900f3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Thu, 23 Mar 2023 21:26:31 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Mar 2023 13:14:47 GMT
server
Akamai Image Manager
etag
"e9817322bc6f148fd0b261446d91007af97a924f"
x-arc-request-id
0.df6a1002.1679606791.11ca111
content-type
image/avif
cache-control
private, no-transform, max-age=30815421
server-timing
cdn-cache; desc=HIT, edge; dur=90, ak_p; desc="466557_34630367_18653457_8987_8144_38_0";dur=1
content-length
28663
expires
Thu, 14 Mar 2024 13:16:52 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=441607153687539&correlator=2542856336687056&eid=44785728&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=3&adks=1117919376%2C1117919391%2C3501067380&didk=2832267644~2832267645~3933728591&sfv=1-0-40&fsbs=1%2C1%2C1&prev_scp=rg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right-2%7Crg_adslot%3DInFeed_Left%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Left%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Left-2%7Crg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right-2&eri=1&cust_params=rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26ccaud%3D&sc=1&cookie=ID%3D4bf440775cab0399%3AT%3D1679606790%3AS%3DALNI_MaNXfNjyx-5_qcy23MsaV-w4KXzrQ&gpic=UID%3D00000bcb205f7c03%3AT%3D1679606790%3ART%3D1679606790%3AS%3DALNI_MYHsXa3Vb99zhx8oBQPorR1BD_Kcg&abxe=1&dt=1679606791506&lmt=1679606789&dlt=1679606789507&idt=808&adxs=1135%2C165%2C1135&adys=155%2C867%2C975&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x24%7C300x274%7C300x24&msz=300x24%7C300x274%7C300x24&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1032820800.1679606790&ga_sid=1679606790&ga_hid=1571381025&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a059e4d308c414840b11c5b327a73c1a6c815f31726a4a2876a79678b6d1b2dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18564
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		66 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=12f98449-2e30-419e-8199-1f2d67bc687f&&callback=bc_json391
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.113.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-113-20.compute-1.amazonaws.com
Software
- /
Resource Hash
fe97df13771d77f604147fa44522de825dca7ad457c852e26992313adf009743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1679606791545&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.99&r=stable&ec=2&o=30&fbp=fb.1.1679606791042.1249001893&it=1679606790479&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Mar 2023 21:26:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1679606791547&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.99&r=stable&ec=2&o=30&fbp=fb.1.1679606791042.1249001893&it=1679606790479&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Mar 2023 21:26:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
389
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/389?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=12f98449-2e30-419e-8199-1f2d67bc687f&bctempid=&overruleReferrer=&time=2023-03-23T21%3A26%3A31%2B00%3A00&ts=1679606791780
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
c8b29923a00eb3b3d75fd7f2bf1788bfb0ab6bc8b8512d3faffa9a17ff00d13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3118
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
F41vwzL14llh_NzRz2r_rjKCBXidlGk1ejqWsQK9To76xz3MURrFCA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
h312.mlive.com/rest/custom/frontend/listener_realtime_model/ 		2 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/rest/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=12f98449-2e30-419e-8199-1f2d67bc687f
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/c1c906d9163532a7136b6b5dfcd50b4c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
gjjqDQQA5jGvBpPFv8_qK1x8R9A8CaRnW0mDaV3d-rYSnah5407svg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
389
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		365 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/389?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=12f98449-2e30-419e-8199-1f2d67bc687f&bctempid=&overruleReferrer=&time=2023-03-23T21%3A26%3A31%2B00%3A00&ts=1679606791821
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
acb2ad96340e34e4bf02099959ab5b22446c1c6c60da33d2c6d42ebe25bdec7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
174
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lq8rMr5QuM2rmwqMF4q-5cKrSY7cQ7wQFc5y2ap1OWGJTkAE_7Z2jg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
389
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/389?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=12f98449-2e30-419e-8199-1f2d67bc687f&bctempid=&overruleReferrer=&time=2023-03-23T21%3A26%3A31%2B00%3A00&ts=1679606791822
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
2416146ee0b133dc44e1e05ed64fbfa69c3b63d4feae65deb7f3aec7edb6c6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
unHjcCD1aAOBDijCp8HL9b5VyqZ61fIwghj0OiRxh3bgbmuFQY_1yw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1571381025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=1032820800.1679606790&tid=UA-16643585-16&_gid=923251378.1679606791&gtm=45He33m0n81TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=1032820800.1679606790&cd76=a0002%2Ca0022&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=1304054924
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12080
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
389
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/389?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=12f98449-2e30-419e-8199-1f2d67bc687f&bctempid=&overruleReferrer=&time=2023-03-23T21%3A26%3A31%2B00%3A00&ts=1679606791826
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
359bc3f28b13c875e56cc7ebe5bc1a8b7fdf5128ce11b2449b460a3f5f699d3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
sWvGUoio4uSUBzQiSS8vobCrUxG8zIZvQC2g1hp0HPpH7jV4x19e4g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
389
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/389?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=12f98449-2e30-419e-8199-1f2d67bc687f&bctempid=&overruleReferrer=&time=2023-03-23T21%3A26%3A31%2B00%3A00&ts=1679606791829
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
c9a6e78adcddb5ebe05def62728b5f7fc8a77ddd504597b9d5da4fb4d673db01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4047
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
zbYmCkmRtr3xAAXasJEFwlAJIu2bIILC97rS2q72X0wt8iThO2ynLQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1679606790430&de=577031951178&rx=919770832903&m=0&ar=03b6d3f0bdc-clean&iw=21030cf&q=1&cb=0&cu=1679606790430&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A1815%3A1815%3A0%3A1795&fs=202622&na=155314988&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Mar 2023 21:26:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023032001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2273560226fe8ce919b37419c826ecd45e4272729450f6d6f7d8577423307074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11243
x-xss-protection
0
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 22:50:07 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
81386
etag
W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
IXLbAfaxQOP3ZjPjHU-9Aaq1gsgR3so6fDykc4JqTr_Z3b5rol7_sQ==
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Mar 2023 21:26:32 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3800:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 05:18:44 GMT
Via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
58069
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
hEHf1H4X-kck3dbQzB3lEOYkgfZ-DOCJ_SExaaZ9TRUn5tKd1n8cRQ==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 08:31:33 GMT
content-encoding
gzip
age
737699
x-guploader-uploadid
ADPycdvujfU_oLUmNVqI4f5BZnpSVte8PDLotLNZgvFd0cC54eAGvZm9f8-b4dRZmf4BnqGEW6yytSvFJRHHxFr_uK-ecw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 14 Mar 2024 08:31:33 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
6MMRD07QTTVY5WE3
age
2640
etag
W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ac9c0d25cc4904e-FRA
x-amz-id-2
2raq5Jnx6oAX0Ycps1Kzff9dKV6lHrZYj85JjHi2+p+G7SpeSO3d8BOABFEkDiqsZaTPahc5GGY=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11150
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FVjFo%2FhFnBK4tGNr%2BWr2z4lN1%2Fv9QljMAo8%2BfYzLIZ7GHxezFmY8vJGClViMsHvOkn79UwUWhnOfty1yiccYrcq59H%2B2BYrpbTwEOSBKB196kn68CD3oj7Pz1zqdhGidK64UNBLQ0W5csFWTyA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ac9c0d2e8ce9a0f-FRA
container.html
aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FDB4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 21:26:30 GMT
expires
Fri, 22 Mar 2024 21:26:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A226 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 21:26:30 GMT
expires
Fri, 22 Mar 2024 21:26:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BBE5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 21:26:30 GMT
expires
Fri, 22 Mar 2024 21:26:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame E7B9 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Thu, 23 Mar 2023 21:26:32 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqtQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-OA2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-Sw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1679606790430&de=577031951178&rx=919770832903&cu=1679606790430&m=1584&ar=03b6d3f0bdc-clean&iw=21030cf&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=12712&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1815%3A1815%3A0%3A1795&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=202622&na=1391004708&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Mar 2023 21:26:32 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.40.23 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-40-23.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
05343af99be70bd38aad68d60a0929d3c6dd852a5bb7816518191b8fd94e764d

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.41.23.69
access-control-allow-credentials
true
content-length
60
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FF52 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNW1c_hADCoxUMKHbGzrilxtQAOEbKMj-Nc7d-GscU5ersgKFsZXQKf6QLJvBlD7s43utP1hGua0jXKDLIXVwXuuVsIn4_dUwzBB5YhFyXGklAQg92_9ktwGr8AZ-lxmKYzZanVKLAgY9nGrd_vkB2HLwZTauvTtVJzr39hDPTeeaCYXaYD8cVaXJ-BGK5EdnCbobVNB
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 21:26:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FDB4 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 21:26:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB4 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTMOs6xYgX8zEaI7r5qV-yBUlTLgvq8T8k2qzsSrpHTGzSzn81oJcKKZgeH60mv-NRZh6XdSjp33kO3Evpf550UfNLy1ucM2Qn5hx_iuZAswqK5UM
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB4 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2791917347063484715&x=1&ct=76
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame FDB4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
18493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:18:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame FDB4 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
18490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8627
x-xss-protection
0
server
cafe
etag
8620137988422272387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:18:22 GMT
l
www.google.com/ads/measurement/ Frame FDB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTE6ub_3MNavo_4Kg0aUvgEy8WmUOofC4vrZo0ZOZBAEjstWjy_sPYEk91aA34xOieWPVXsyXRRwCMH3tL67XWT8RAulQ
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FDB4 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Mar 2023 21:26:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2319 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNXYWwoXYazFL1wMCCRFNsU-oeyFd_bEEM3q53-pcyfEtMRgPgZaDSoHnazo46tjEyHePn9OLtDpsX5-Gjs_qJD3UsTIokgWPd_nkOvqQ-CWq3KTzkV9BkdQLbE8S6P42GgjBnfYOITdaEuQM0Uc993KIiHK2Io5x_QnzgIOY_0EhYwMhKJa5yzWA3wDZaBETZWs92fk
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 21:26:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A226 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 21:26:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A226 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ai1oTBH8hPrFTF9yOEJzmS-5Ep7D4nRTJuhFKKbcyJ0iK6iTZm04vdct3yNTTq3pr4H8SJbQytwuQruxp8s1DhRPOFR80Ik6UAXl00gDoxNxbAD1g
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A226 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2379159191226820285&x=1&ct=76
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame A226 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
18493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:18:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame A226 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
18490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8627
x-xss-protection
0
server
cafe
etag
8620137988422272387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:18:22 GMT
l
www.google.com/ads/measurement/ Frame A226 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8NEqTQlQuTBOICx_n1ZC0zVYs7DF1YKu9Lmmm2aVFgxqimgSFgTWarxHYneAhS9QwnT9EiBv82HkLlxfOTlme0vPQfQ
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A226 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Mar 2023 21:26:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 195B 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNX_QyF6sKjkIhY3wCDuLbw5FQsgAitMwSx4hxeb6ugnwvV3pNI7bTtrdxCTVmxSxnPlp4IO9-uhBD01DB01trYuzizooWJXmd6_UpNarEFDyIGhR059x4KhkUiQfj97CD-SJpwxLcmhuHMkg6EFp33WIz5UAW5YV4p-H-52nicCc0vxVazQTO-1aM4fDtsjVXu5GIp3
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 21:26:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BBE5 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 21:26:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBE5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqxzOBiGB0unS5Vnrq3YgO3qEH_h6r_YMLDuDEU_wYV8xad7aAuViUmXmX01hVOfWLaoVFJH97vPwSOzP2xE_EACgWw__slwzZykKRhndCO3AW_Vw
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBE5 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7542582017219055215&x=1&ct=76
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame BBE5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:18:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
18493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:18:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame BBE5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
18490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8627
x-xss-protection
0
server
cafe
etag
8620137988422272387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:18:22 GMT
l
www.google.com/ads/measurement/ Frame BBE5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTVQxGharZjlarytl84qRElh8uHCmuQglyOnjr27FTEZ2oEuzY0rjk4zloKl_cKzOiBhue1fBS0gRxqr7EGKqquRNwew
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BBE5 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Mar 2023 21:26:32 GMT
increment
id5-sync.com/api/esp/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
389
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/389?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=12f98449-2e30-419e-8199-1f2d67bc687f&bctempid=&overruleReferrer=&time=2023-03-23T21%3A26%3A32%2B00%3A00&ts=1679606792123
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
aafe5b3dd18b11e962029b4f93aeba5fa9c79013a64ae29439244f53f4d37b42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4050
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
c9jIPhY0gEmJTgwX9EIKugwmnURwENzvUuR-gVrp7NJPEGlVxQLvEw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
0377e3d68123c4d3d393bbab4aac58a8d270fd1f7b973f78dd4782153dbfd0f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-YqbjqdoHqM8jfopWVAXMWFUlh/k"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 23 Mar 2023 21:26:32 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.mlive.com
location
/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
getuserdbdata
app.matheranalytics.com/u/ 		54 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.matheranalytics.com/u/getuserdbdata
Requested by
Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.255.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 21:26:32 GMT
via
1.1 google
content-type
text/plain
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
0-gc-use1-7pfz0113
execute
c2.piano.io/xbuilder/experience/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b8bcc80464964eaf9d3149aecd344158c57bf22aac2e637de4e0a698879d40
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
ydu0zxzl1w
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ac9c0d3f8ca92ba-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Mar 2023 21:26:34 GMT
syncframe
gum.criteo.com/ Frame D3A8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 21:26:31 GMT
server
Kestrel
server-processing-duration-in-ticks
719129
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rum
dsum-sec.casalemedia.com/ Frame FF52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNW1c_hADCoxUMKHbGzrilxtQAOEbKMj-Nc7d-GscU5ersgKFsZXQKf6QLJvBlD7s43utP1hGua0jXKDLIXVwXuuVsIn4_dUwzBB5YhFyXGklAQg92_9ktwGr8AZ-lxmKYzZanVKLAgY9nGrd_vkB2HLwZTauvTtVJzr39hDPTeeaCYXaYD8cVaXJ-BGK5EdnCbobVNB
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame FF52
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzECOjops6SJwUPtNnhjwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNW1c_hADCoxUMKHbGzrilxtQAOEbKMj-Nc7d-GscU5ersgKFsZXQKf6QLJvBlD7s43utP1hGua0jXKDLIXVwXuuVsIn4_dUwzBB5YhFyXGklAQg92_9ktwGr8AZ-lxmKYzZanVKLAgY9nGrd_vkB2HLwZTauvTtVJzr39hDPTeeaCYXaYD8cVaXJ-BGK5EdnCbobVNB
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FF52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNW1c_hADCoxUMKHbGzrilxtQAOEbKMj-Nc7d-GscU5ersgKFsZXQKf6QLJvBlD7s43utP1hGua0jXKDLIXVwXuuVsIn4_dUwzBB5YhFyXGklAQg92_9ktwGr8AZ-lxmKYzZanVKLAgY9nGrd_vkB2HLwZTauvTtVJzr39hDPTeeaCYXaYD8cVaXJ-BGK5EdnCbobVNB
Protocol
HTTP/1.1
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
AN-X-Request-Uuid
05c23374-5403-402b-84ae-feef29f72427
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF52
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwMzA0MzI5ODE4Mzk2NDI3NQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwMzA0MzI5ODE4Mzk2NDI3NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNW1c_hADCoxUMKHbGzrilxtQAOEbKMj-Nc7d-GscU5ersgKFsZXQKf6QLJvBlD7s43utP1hGua0jXKDLIXVwXuuVsIn4_dUwzBB5YhFyXGklAQg92_9ktwGr8AZ-lxmKYzZanVKLAgY9nGrd_vkB2HLwZTauvTtVJzr39hDPTeeaCYXaYD8cVaXJ-BGK5EdnCbobVNB
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 23 Mar 2023 21:26:32 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
78838776-5bfb-4186-8bed-ce9cb156488c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwMzA0MzI5ODE4Mzk2NDI3NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 195B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNX_QyF6sKjkIhY3wCDuLbw5FQsgAitMwSx4hxeb6ugnwvV3pNI7bTtrdxCTVmxSxnPlp4IO9-uhBD01DB01trYuzizooWJXmd6_UpNarEFDyIGhR059x4KhkUiQfj97CD-SJpwxLcmhuHMkg6EFp33WIz5UAW5YV4p-H-52nicCc0vxVazQTO-1aM4fDtsjVXu5GIp3
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 195B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzECEH7BZJjAiMied.4YAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNX_QyF6sKjkIhY3wCDuLbw5FQsgAitMwSx4hxeb6ugnwvV3pNI7bTtrdxCTVmxSxnPlp4IO9-uhBD01DB01trYuzizooWJXmd6_UpNarEFDyIGhR059x4KhkUiQfj97CD-SJpwxLcmhuHMkg6EFp33WIz5UAW5YV4p-H-52nicCc0vxVazQTO-1aM4fDtsjVXu5GIp3
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 195B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNX_QyF6sKjkIhY3wCDuLbw5FQsgAitMwSx4hxeb6ugnwvV3pNI7bTtrdxCTVmxSxnPlp4IO9-uhBD01DB01trYuzizooWJXmd6_UpNarEFDyIGhR059x4KhkUiQfj97CD-SJpwxLcmhuHMkg6EFp33WIz5UAW5YV4p-H-52nicCc0vxVazQTO-1aM4fDtsjVXu5GIp3
Protocol
HTTP/1.1
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
AN-X-Request-Uuid
28f69026-2062-4160-8bb5-760e8332071a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 195B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxMTAzNDQ0OTMzNTYyNDgzMQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxMTAzNDQ0OTMzNTYyNDgzMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNX_QyF6sKjkIhY3wCDuLbw5FQsgAitMwSx4hxeb6ugnwvV3pNI7bTtrdxCTVmxSxnPlp4IO9-uhBD01DB01trYuzizooWJXmd6_UpNarEFDyIGhR059x4KhkUiQfj97CD-SJpwxLcmhuHMkg6EFp33WIz5UAW5YV4p-H-52nicCc0vxVazQTO-1aM4fDtsjVXu5GIp3
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 23 Mar 2023 21:26:32 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8a8f9bc5-0e3d-4de2-b7c7-d7e9246c4e55
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxMTAzNDQ0OTMzNTYyNDgzMQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2319
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNXYWwoXYazFL1wMCCRFNsU-oeyFd_bEEM3q53-pcyfEtMRgPgZaDSoHnazo46tjEyHePn9OLtDpsX5-Gjs_qJD3UsTIokgWPd_nkOvqQ-CWq3KTzkV9BkdQLbE8S6P42GgjBnfYOITdaEuQM0Uc993KIiHK2Io5x_QnzgIOY_0EhYwMhKJa5yzWA3wDZaBETZWs92fk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 2319
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzECEH7BZJjAiMied.4YAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNXYWwoXYazFL1wMCCRFNsU-oeyFd_bEEM3q53-pcyfEtMRgPgZaDSoHnazo46tjEyHePn9OLtDpsX5-Gjs_qJD3UsTIokgWPd_nkOvqQ-CWq3KTzkV9BkdQLbE8S6P42GgjBnfYOITdaEuQM0Uc993KIiHK2Io5x_QnzgIOY_0EhYwMhKJa5yzWA3wDZaBETZWs92fk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICfKjBnxQ80RkC5OMB1ck0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2319
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNXYWwoXYazFL1wMCCRFNsU-oeyFd_bEEM3q53-pcyfEtMRgPgZaDSoHnazo46tjEyHePn9OLtDpsX5-Gjs_qJD3UsTIokgWPd_nkOvqQ-CWq3KTzkV9BkdQLbE8S6P42GgjBnfYOITdaEuQM0Uc993KIiHK2Io5x_QnzgIOY_0EhYwMhKJa5yzWA3wDZaBETZWs92fk
Protocol
HTTP/1.1
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
AN-X-Request-Uuid
00297ec3-5db4-477e-ab2b-06ca693c9231
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEptq9vXuYxPXEP7xIjFG5Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2319
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MzQzODQ2NjU2MTkzMzU3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MzQzODQ2NjU2MTkzMzU3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYv-_X4AEwAQ&v=APEucNXYWwoXYazFL1wMCCRFNsU-oeyFd_bEEM3q53-pcyfEtMRgPgZaDSoHnazo46tjEyHePn9OLtDpsX5-Gjs_qJD3UsTIokgWPd_nkOvqQ-CWq3KTzkV9BkdQLbE8S6P42GgjBnfYOITdaEuQM0Uc993KIiHK2Io5x_QnzgIOY_0EhYwMhKJa5yzWA3wDZaBETZWs92fk
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 23 Mar 2023 21:26:32 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
79a7bf84-5cdb-4876-97dc-7cb8c3a30e43
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MzQzODQ2NjU2MTkzMzU3
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9981400978255&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9981400978255&version=m202301230201&ct=76&x=1&cor=2791917347063485000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FDB4 		70 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUBrmgamwT59HwHCO8poEbOlv9AQ2yi2fkV287z4QVBPpsDE5KR78Ge69sooVSNcMgN1KQp7UX6SNJz7E7UqTw-QYREw&cry=1&dbm_d=AKAmf-A7FTA_sWgXObdI1n7dAjWZvYg-PRJy3YkXyb1TTaL3SNcVlBsJUCa9LYwWToPwxxV40L_OHBCfTzxNX4TdBoOXJO678xTHXA8PVgqlCGQkZYRnU2usoSFmCgTm5NiFQdtEkNFsjd6WRf7Ji0OReKkDkQrOr-ADLX6Y7T52NaNRGmoNHtoLW900pt2svMtzYcbCv1ZUx-6ZzgJLVaSrtH4RxhKMc8DSI9oeZvpqiDl19K5sEeldrevjZFvk2khhT9pWiEel3CRrkeWvGICsPJFO8EjZjfo8maLIEVpnkU06KnSYm8hx7v4U78TcIi9WSAs3U99YTdlp_JYUEo4wxRXxwz_Ed2UZMc64sLo-k6a4NN8cn1LLbyC4bwQr05djAOmLvl_ya7ciPIvodHg24q61CFqJ42_wXyvUtCAJ-YW9qw6Biii0gDz1DrwhTBDzC62jowFee5AkmKefIf3kMaSBm3FGDqfa9xIUQ1EYQnl6CyzxKKiiNFIsX6IOgab3Xjruh-rdehdNZPyEv0YLxI7oZ-CvzncB1XW4SYkp8VuhaxayAhv5k1aMUf_U4UE81bq3WVDsMQmGQYeYbGDGG-lxpFfYPwCF0gcVHn3IMtzGdDvSSoRGHErbOs2Pr39YgL6co70ljZNhNb23_fAeQ1sqhlhMuM4mFli7UhROs-zRLFnxW-ttF7UAqECYHYAniuZoBfH1d9dDT7jhTcDnW1yli_brh9QGzE03hXLALVWSXoBZr7R9kSeTnG7N0CSEJE_RvNcruyD8UmtnvpFIRSd79M7rrFnhmy0aa-h8sfWtHTFgQrm5p_qStfCqy4jZxaTIDu5PcU6YjaSg5_FNXBG3lZzA8hn63Q5pAgxtYwwLoQCjdQXCZq7x3pErtO4GcEmNcIR9wmHD_GRSg_wvm9I6qD8-ApQa_4GEghN34z6LA7TB9aXx97uv5jXrkxFPHluaSGro8wTYP_njSPAjg6520Ax4mxxVQyP2uG0D8jF9PxpM0O4bgSJV_YTbl_NNpq49EjeOK2ZfjxqddGOKBgWF1Ltx0EPeNtcukL_MMzyxmoo7AFTMyZb3jy16ZC_s6wJ14gopmpg_CEHdfQa45c6D4dXyGN_sFfxTvlwGfZrmd8_sevIuAUZsjGIClbPhLJGYtVDI4Wa6YQ8JOYhV8ZuK4Fr-Skr3gKFJc6ilXqyUAnd3ltq1SwncFsxxqi_IZOhIS5y3YsUk-SFIBo7Ardf8AQrmDigmZ_KGPycFMeAolTYdZSCkkPrQu3lzNJj-R3f29nRrwIDHfnt1PhX7RPKIheFhWfA-coWZ9xGQb5rvFdFDKU2OMyjsVRowShlTocROYyiwrbWOea6ce-PbMFGBq4JA4WNitzSRfFfIcNyMEkIPVfqcAYiIENcSGwdAKh9JS8G0Jve-JBzrlY0bx583_Ab6tRyt76ehN54ySl7jpEvI47OEFeRntJNh0YCYiimOVNWnntrWvOLZZ-elBT3NXJvDgUZRLDJjkGjVc_qq3gof-gfTTtyXBmMvGM_9h44wssT468r1qGFgS3JPd1zN3D86M61vzoRJ0IxPKmgXxEa2oOdR8zc7IrZcnxXB6wGU9pUBF6hxsGqgnMsEzWCM6Zm-zz6nZcI1MDo3OozF3-iL7_UoL7Egnipct3QCXStDHYHfE5PvxbGa_VPEMEXDNWGeeAuP25mW0m2QjGy0xYGsbmKD9aNACe7TsYFnOAmXMIqCP8eMyJg95JZ5Zf7iBSP2JoWkgSV90c0Pk_akIsm9mgkfCqrtoC6XReJW-DiDGDS9cDkGO--6vT7ZnduczKy5PxV27PbQBioOS_2eViqgw9XAFpEQlygxGpBeTL0NTcOZecPN7IoscrRorEPPH8T0ESXfHDTarEZahZWbRNcv0zUVJfUPLu1n5qfZOvblgLneV8JAOI2-gl8vmBPEfQ700_XviIjq4phyFJcF3hqXeGw0-N_rEuqoyOR5_zn3MaXEiQKR8Q0CyTBGdgq25uyyKmnnHTH5tyeRlAlJ94SmnvOGgC8SliMU4g0P-WNA6u2wKOAVXe5XUmMwY8btX1gt1LmtDfnLWJiW1tINkv2SFNffiTNhqBVd0Th3XdyfbAav7gPkqo8XfgMEepuEvlQonhkN1Kq4TbA8raEaNxZOF8P61RIVpPGhweCDnjmyDKhT2RV9jE2r62_PyL9jKjNHVXa4obZ6dAEZUXnsHFjDZut-hy0htgwDPMA07m8DztVWRgDEzo711FKqT7rT9YKPLHZuDFqBWjWkPjKmNyo0ZW4Hn8rwISkN9Iv0VKtC_5wj8UrZcUHXKV7GOvoFBDFZMxJX4bb2tC6XmY_qCnegMIvNi3LC3XG2mSiT0cwzVNOGdYv20_3bXbjM03e60emkwtqdb_z_83N3XPntu6bSUQ5mc87Kf7zrcAz8cS2wrDXCom1f_6XBAEXooNVGdtQrbe7RHh_2N6mUFL5ACL4nhs0JxOsVI7G374h2xH0G8psk8jN1tJWmcSP6_nxf5uet_X7mBj0F1h3LsuSm0NVXMwtysotc-yVuzagTrB_E8uDA8lShb3C4QtA1x__JXImDBzLt-XiNQ15tbIHrkepE0qRzmgfQx5dIeTIWfhn57PEvJuJcHtCoIJd5dsfpbpgbYWAimKKtiQBsO2vVWL2LZd1Y4p6zBbw1IgMydhVPCg_F7Fc-OBNkpb0zObwZVqXt-Va4b_eEqiLJF5UiLAMiJgD-eXzg7ups-3OlFwIqHlaq2CoOu_HdMwCLAH8oZeA8_mo-aP9MZwWZyhuvN74VpArPL8frW4UqAq263M29JjlPZl774X-RNYIcp6dcYVa4zu0vqRVWXohVmunwP226ng5TJLrUZC7b-w7coX4l218gZrETdHhDPi7wqo4rJj14WlAFNZQTObY8vVnhIqq9frYlcA0B2tU-f10L8PJF-M9IHXpfBuRyO3wuTLqYN_9Ig1rbxRTnGL52OcwVb9tUuAOGusSXE58gv3duway9SeVTqvOGzIJD3Xh72i47CeZAhdfMyKAYsmeXF0407-3UovCvHvWTizsX_wV_zDrDy71Tj0NdCcBMyfCTgLwI6evxsLhEfC3GH6XTlgsRr0qiPvFF60IlixLV83-8dDFXqjXCdgDQ1gLSFsiBpJRjZyQGiL9GWlgTCpchUpSDsDszQyoeyuk4kpTLPGBq8l8Urdqnye00DSENGchKSaFVImBFdKsNPtzzZCMLGehtQE5ki7oj8SSr6qTR0_3myJfw6xGDouStWObRM9n_yDx4pRSlg2IupQtRmkPjNBcKMxj1Ifhzmb-gxU9erQSrS1fHtGBrbOqA5f31Z_h40aLHb2waTSPrz0mXJR-5onu1sbVWbISDzSyIN4N_3uCttUMV4TIc&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2791917347063485000&adk=1964084972&idt=213&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c4a7324891b1cbcca96082bf15df8207c376432b881b2fd66e55b7dad91dc35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34415
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame D3A8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=QLv3rnx4T2FrZEgraERSY2F1YVhVQUNOaFNYQUZlNCt1NnAwNTVLQUJ3UHRmblljQVRxdko2QXZtYmNCUzV2U2EwdGVSVXIrNk1makxVNXBXY2hKQjl5WEtscUdlL2szRXl3YzF6TFBpYjZtV2J1MlZuSm9ZWFBEdlZTMD...
438 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QLv3rnx4T2FrZEgraERSY2F1YVhVQUNOaFNYQUZlNCt1NnAwNTVLQUJ3UHRmblljQVRxdko2QXZtYmNCUzV2U2EwdGVSVXIrNk1makxVNXBXY2hKQjl5WEtscUdlL2szRXl3YzF6TFBpYjZtV2J1MlZuSm9ZWFBEdlZTMDY2M3lYcFVVUVo5ZHQxUFFSNlRzMHM1WDNrQndlTUZWSnV3OENsTGF3V0Q0LzF2QWlYK1FJc25mZmxMSWNaRFljb3BvWjBUMVZhcFpmK2J1cHZwWEZZcmFxaWpUUnZ1aWR1YjFkenk0ZzNZeHRCVTYwOTVrUFBNTy9CTlZrR05ZQzNlWUx6SWt3R3J5SWlGNW43b0dnYk9ybGsrbmtwQT09fA&cppv=2
Protocol
H2
Server
74.119.118.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5b6487994c5f703f1e3aef750ca1581d894d6274ee828cb175de11784f979522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3407936
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=QLv3rnx4T2FrZEgraERSY2F1YVhVQUNOaFNYQUZlNCt1NnAwNTVLQUJ3UHRmblljQVRxdko2QXZtYmNCUzV2U2EwdGVSVXIrNk1makxVNXBXY2hKQjl5WEtscUdlL2szRXl3YzF6TFBpYjZtV2J1MlZuSm9ZWFBEdlZTMDY2M3lYcFVVUVo5ZHQxUFFSNlRzMHM1WDNrQndlTUZWSnV3OENsTGF3V0Q0LzF2QWlYK1FJc25mZmxMSWNaRFljb3BvWjBUMVZhcFpmK2J1cHZwWEZZcmFxaWpUUnZ1aWR1YjFkenk0ZzNZeHRCVTYwOTVrUFBNTy9CTlZrR05ZQzNlWUx6SWt3R3J5SWlGNW43b0dnYk9ybGsrbmtwQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
643185
content-length
0
expires
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame FDB4 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUBrmgamwT59HwHCO8poEbOlv9AQ2yi2fkV287z4QVBPpsDE5KR78Ge69sooVSNcMgN1KQp7UX6SNJz7E7UqTw-QYREw&cry=1&dbm_d=AKAmf-A7FTA_sWgXObdI1n7dAjWZvYg-PRJy3YkXyb1TTaL3SNcVlBsJUCa9LYwWToPwxxV40L_OHBCfTzxNX4TdBoOXJO678xTHXA8PVgqlCGQkZYRnU2usoSFmCgTm5NiFQdtEkNFsjd6WRf7Ji0OReKkDkQrOr-ADLX6Y7T52NaNRGmoNHtoLW900pt2svMtzYcbCv1ZUx-6ZzgJLVaSrtH4RxhKMc8DSI9oeZvpqiDl19K5sEeldrevjZFvk2khhT9pWiEel3CRrkeWvGICsPJFO8EjZjfo8maLIEVpnkU06KnSYm8hx7v4U78TcIi9WSAs3U99YTdlp_JYUEo4wxRXxwz_Ed2UZMc64sLo-k6a4NN8cn1LLbyC4bwQr05djAOmLvl_ya7ciPIvodHg24q61CFqJ42_wXyvUtCAJ-YW9qw6Biii0gDz1DrwhTBDzC62jowFee5AkmKefIf3kMaSBm3FGDqfa9xIUQ1EYQnl6CyzxKKiiNFIsX6IOgab3Xjruh-rdehdNZPyEv0YLxI7oZ-CvzncB1XW4SYkp8VuhaxayAhv5k1aMUf_U4UE81bq3WVDsMQmGQYeYbGDGG-lxpFfYPwCF0gcVHn3IMtzGdDvSSoRGHErbOs2Pr39YgL6co70ljZNhNb23_fAeQ1sqhlhMuM4mFli7UhROs-zRLFnxW-ttF7UAqECYHYAniuZoBfH1d9dDT7jhTcDnW1yli_brh9QGzE03hXLALVWSXoBZr7R9kSeTnG7N0CSEJE_RvNcruyD8UmtnvpFIRSd79M7rrFnhmy0aa-h8sfWtHTFgQrm5p_qStfCqy4jZxaTIDu5PcU6YjaSg5_FNXBG3lZzA8hn63Q5pAgxtYwwLoQCjdQXCZq7x3pErtO4GcEmNcIR9wmHD_GRSg_wvm9I6qD8-ApQa_4GEghN34z6LA7TB9aXx97uv5jXrkxFPHluaSGro8wTYP_njSPAjg6520Ax4mxxVQyP2uG0D8jF9PxpM0O4bgSJV_YTbl_NNpq49EjeOK2ZfjxqddGOKBgWF1Ltx0EPeNtcukL_MMzyxmoo7AFTMyZb3jy16ZC_s6wJ14gopmpg_CEHdfQa45c6D4dXyGN_sFfxTvlwGfZrmd8_sevIuAUZsjGIClbPhLJGYtVDI4Wa6YQ8JOYhV8ZuK4Fr-Skr3gKFJc6ilXqyUAnd3ltq1SwncFsxxqi_IZOhIS5y3YsUk-SFIBo7Ardf8AQrmDigmZ_KGPycFMeAolTYdZSCkkPrQu3lzNJj-R3f29nRrwIDHfnt1PhX7RPKIheFhWfA-coWZ9xGQb5rvFdFDKU2OMyjsVRowShlTocROYyiwrbWOea6ce-PbMFGBq4JA4WNitzSRfFfIcNyMEkIPVfqcAYiIENcSGwdAKh9JS8G0Jve-JBzrlY0bx583_Ab6tRyt76ehN54ySl7jpEvI47OEFeRntJNh0YCYiimOVNWnntrWvOLZZ-elBT3NXJvDgUZRLDJjkGjVc_qq3gof-gfTTtyXBmMvGM_9h44wssT468r1qGFgS3JPd1zN3D86M61vzoRJ0IxPKmgXxEa2oOdR8zc7IrZcnxXB6wGU9pUBF6hxsGqgnMsEzWCM6Zm-zz6nZcI1MDo3OozF3-iL7_UoL7Egnipct3QCXStDHYHfE5PvxbGa_VPEMEXDNWGeeAuP25mW0m2QjGy0xYGsbmKD9aNACe7TsYFnOAmXMIqCP8eMyJg95JZ5Zf7iBSP2JoWkgSV90c0Pk_akIsm9mgkfCqrtoC6XReJW-DiDGDS9cDkGO--6vT7ZnduczKy5PxV27PbQBioOS_2eViqgw9XAFpEQlygxGpBeTL0NTcOZecPN7IoscrRorEPPH8T0ESXfHDTarEZahZWbRNcv0zUVJfUPLu1n5qfZOvblgLneV8JAOI2-gl8vmBPEfQ700_XviIjq4phyFJcF3hqXeGw0-N_rEuqoyOR5_zn3MaXEiQKR8Q0CyTBGdgq25uyyKmnnHTH5tyeRlAlJ94SmnvOGgC8SliMU4g0P-WNA6u2wKOAVXe5XUmMwY8btX1gt1LmtDfnLWJiW1tINkv2SFNffiTNhqBVd0Th3XdyfbAav7gPkqo8XfgMEepuEvlQonhkN1Kq4TbA8raEaNxZOF8P61RIVpPGhweCDnjmyDKhT2RV9jE2r62_PyL9jKjNHVXa4obZ6dAEZUXnsHFjDZut-hy0htgwDPMA07m8DztVWRgDEzo711FKqT7rT9YKPLHZuDFqBWjWkPjKmNyo0ZW4Hn8rwISkN9Iv0VKtC_5wj8UrZcUHXKV7GOvoFBDFZMxJX4bb2tC6XmY_qCnegMIvNi3LC3XG2mSiT0cwzVNOGdYv20_3bXbjM03e60emkwtqdb_z_83N3XPntu6bSUQ5mc87Kf7zrcAz8cS2wrDXCom1f_6XBAEXooNVGdtQrbe7RHh_2N6mUFL5ACL4nhs0JxOsVI7G374h2xH0G8psk8jN1tJWmcSP6_nxf5uet_X7mBj0F1h3LsuSm0NVXMwtysotc-yVuzagTrB_E8uDA8lShb3C4QtA1x__JXImDBzLt-XiNQ15tbIHrkepE0qRzmgfQx5dIeTIWfhn57PEvJuJcHtCoIJd5dsfpbpgbYWAimKKtiQBsO2vVWL2LZd1Y4p6zBbw1IgMydhVPCg_F7Fc-OBNkpb0zObwZVqXt-Va4b_eEqiLJF5UiLAMiJgD-eXzg7ups-3OlFwIqHlaq2CoOu_HdMwCLAH8oZeA8_mo-aP9MZwWZyhuvN74VpArPL8frW4UqAq263M29JjlPZl774X-RNYIcp6dcYVa4zu0vqRVWXohVmunwP226ng5TJLrUZC7b-w7coX4l218gZrETdHhDPi7wqo4rJj14WlAFNZQTObY8vVnhIqq9frYlcA0B2tU-f10L8PJF-M9IHXpfBuRyO3wuTLqYN_9Ig1rbxRTnGL52OcwVb9tUuAOGusSXE58gv3duway9SeVTqvOGzIJD3Xh72i47CeZAhdfMyKAYsmeXF0407-3UovCvHvWTizsX_wV_zDrDy71Tj0NdCcBMyfCTgLwI6evxsLhEfC3GH6XTlgsRr0qiPvFF60IlixLV83-8dDFXqjXCdgDQ1gLSFsiBpJRjZyQGiL9GWlgTCpchUpSDsDszQyoeyuk4kpTLPGBq8l8Urdqnye00DSENGchKSaFVImBFdKsNPtzzZCMLGehtQE5ki7oj8SSr6qTR0_3myJfw6xGDouStWObRM9n_yDx4pRSlg2IupQtRmkPjNBcKMxj1Ifhzmb-gxU9erQSrS1fHtGBrbOqA5f31Z_h40aLHb2waTSPrz0mXJR-5onu1sbVWbISDzSyIN4N_3uCttUMV4TIc&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2791917347063485000&adk=1964084972&idt=213&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
17561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10980
x-xss-protection
0
server
cafe
etag
17255800071175307161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:33:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/ Frame FDB4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUBrmgamwT59HwHCO8poEbOlv9AQ2yi2fkV287z4QVBPpsDE5KR78Ge69sooVSNcMgN1KQp7UX6SNJz7E7UqTw-QYREw&cry=1&dbm_d=AKAmf-A7FTA_sWgXObdI1n7dAjWZvYg-PRJy3YkXyb1TTaL3SNcVlBsJUCa9LYwWToPwxxV40L_OHBCfTzxNX4TdBoOXJO678xTHXA8PVgqlCGQkZYRnU2usoSFmCgTm5NiFQdtEkNFsjd6WRf7Ji0OReKkDkQrOr-ADLX6Y7T52NaNRGmoNHtoLW900pt2svMtzYcbCv1ZUx-6ZzgJLVaSrtH4RxhKMc8DSI9oeZvpqiDl19K5sEeldrevjZFvk2khhT9pWiEel3CRrkeWvGICsPJFO8EjZjfo8maLIEVpnkU06KnSYm8hx7v4U78TcIi9WSAs3U99YTdlp_JYUEo4wxRXxwz_Ed2UZMc64sLo-k6a4NN8cn1LLbyC4bwQr05djAOmLvl_ya7ciPIvodHg24q61CFqJ42_wXyvUtCAJ-YW9qw6Biii0gDz1DrwhTBDzC62jowFee5AkmKefIf3kMaSBm3FGDqfa9xIUQ1EYQnl6CyzxKKiiNFIsX6IOgab3Xjruh-rdehdNZPyEv0YLxI7oZ-CvzncB1XW4SYkp8VuhaxayAhv5k1aMUf_U4UE81bq3WVDsMQmGQYeYbGDGG-lxpFfYPwCF0gcVHn3IMtzGdDvSSoRGHErbOs2Pr39YgL6co70ljZNhNb23_fAeQ1sqhlhMuM4mFli7UhROs-zRLFnxW-ttF7UAqECYHYAniuZoBfH1d9dDT7jhTcDnW1yli_brh9QGzE03hXLALVWSXoBZr7R9kSeTnG7N0CSEJE_RvNcruyD8UmtnvpFIRSd79M7rrFnhmy0aa-h8sfWtHTFgQrm5p_qStfCqy4jZxaTIDu5PcU6YjaSg5_FNXBG3lZzA8hn63Q5pAgxtYwwLoQCjdQXCZq7x3pErtO4GcEmNcIR9wmHD_GRSg_wvm9I6qD8-ApQa_4GEghN34z6LA7TB9aXx97uv5jXrkxFPHluaSGro8wTYP_njSPAjg6520Ax4mxxVQyP2uG0D8jF9PxpM0O4bgSJV_YTbl_NNpq49EjeOK2ZfjxqddGOKBgWF1Ltx0EPeNtcukL_MMzyxmoo7AFTMyZb3jy16ZC_s6wJ14gopmpg_CEHdfQa45c6D4dXyGN_sFfxTvlwGfZrmd8_sevIuAUZsjGIClbPhLJGYtVDI4Wa6YQ8JOYhV8ZuK4Fr-Skr3gKFJc6ilXqyUAnd3ltq1SwncFsxxqi_IZOhIS5y3YsUk-SFIBo7Ardf8AQrmDigmZ_KGPycFMeAolTYdZSCkkPrQu3lzNJj-R3f29nRrwIDHfnt1PhX7RPKIheFhWfA-coWZ9xGQb5rvFdFDKU2OMyjsVRowShlTocROYyiwrbWOea6ce-PbMFGBq4JA4WNitzSRfFfIcNyMEkIPVfqcAYiIENcSGwdAKh9JS8G0Jve-JBzrlY0bx583_Ab6tRyt76ehN54ySl7jpEvI47OEFeRntJNh0YCYiimOVNWnntrWvOLZZ-elBT3NXJvDgUZRLDJjkGjVc_qq3gof-gfTTtyXBmMvGM_9h44wssT468r1qGFgS3JPd1zN3D86M61vzoRJ0IxPKmgXxEa2oOdR8zc7IrZcnxXB6wGU9pUBF6hxsGqgnMsEzWCM6Zm-zz6nZcI1MDo3OozF3-iL7_UoL7Egnipct3QCXStDHYHfE5PvxbGa_VPEMEXDNWGeeAuP25mW0m2QjGy0xYGsbmKD9aNACe7TsYFnOAmXMIqCP8eMyJg95JZ5Zf7iBSP2JoWkgSV90c0Pk_akIsm9mgkfCqrtoC6XReJW-DiDGDS9cDkGO--6vT7ZnduczKy5PxV27PbQBioOS_2eViqgw9XAFpEQlygxGpBeTL0NTcOZecPN7IoscrRorEPPH8T0ESXfHDTarEZahZWbRNcv0zUVJfUPLu1n5qfZOvblgLneV8JAOI2-gl8vmBPEfQ700_XviIjq4phyFJcF3hqXeGw0-N_rEuqoyOR5_zn3MaXEiQKR8Q0CyTBGdgq25uyyKmnnHTH5tyeRlAlJ94SmnvOGgC8SliMU4g0P-WNA6u2wKOAVXe5XUmMwY8btX1gt1LmtDfnLWJiW1tINkv2SFNffiTNhqBVd0Th3XdyfbAav7gPkqo8XfgMEepuEvlQonhkN1Kq4TbA8raEaNxZOF8P61RIVpPGhweCDnjmyDKhT2RV9jE2r62_PyL9jKjNHVXa4obZ6dAEZUXnsHFjDZut-hy0htgwDPMA07m8DztVWRgDEzo711FKqT7rT9YKPLHZuDFqBWjWkPjKmNyo0ZW4Hn8rwISkN9Iv0VKtC_5wj8UrZcUHXKV7GOvoFBDFZMxJX4bb2tC6XmY_qCnegMIvNi3LC3XG2mSiT0cwzVNOGdYv20_3bXbjM03e60emkwtqdb_z_83N3XPntu6bSUQ5mc87Kf7zrcAz8cS2wrDXCom1f_6XBAEXooNVGdtQrbe7RHh_2N6mUFL5ACL4nhs0JxOsVI7G374h2xH0G8psk8jN1tJWmcSP6_nxf5uet_X7mBj0F1h3LsuSm0NVXMwtysotc-yVuzagTrB_E8uDA8lShb3C4QtA1x__JXImDBzLt-XiNQ15tbIHrkepE0qRzmgfQx5dIeTIWfhn57PEvJuJcHtCoIJd5dsfpbpgbYWAimKKtiQBsO2vVWL2LZd1Y4p6zBbw1IgMydhVPCg_F7Fc-OBNkpb0zObwZVqXt-Va4b_eEqiLJF5UiLAMiJgD-eXzg7ups-3OlFwIqHlaq2CoOu_HdMwCLAH8oZeA8_mo-aP9MZwWZyhuvN74VpArPL8frW4UqAq263M29JjlPZl774X-RNYIcp6dcYVa4zu0vqRVWXohVmunwP226ng5TJLrUZC7b-w7coX4l218gZrETdHhDPi7wqo4rJj14WlAFNZQTObY8vVnhIqq9frYlcA0B2tU-f10L8PJF-M9IHXpfBuRyO3wuTLqYN_9Ig1rbxRTnGL52OcwVb9tUuAOGusSXE58gv3duway9SeVTqvOGzIJD3Xh72i47CeZAhdfMyKAYsmeXF0407-3UovCvHvWTizsX_wV_zDrDy71Tj0NdCcBMyfCTgLwI6evxsLhEfC3GH6XTlgsRr0qiPvFF60IlixLV83-8dDFXqjXCdgDQ1gLSFsiBpJRjZyQGiL9GWlgTCpchUpSDsDszQyoeyuk4kpTLPGBq8l8Urdqnye00DSENGchKSaFVImBFdKsNPtzzZCMLGehtQE5ki7oj8SSr6qTR0_3myJfw6xGDouStWObRM9n_yDx4pRSlg2IupQtRmkPjNBcKMxj1Ifhzmb-gxU9erQSrS1fHtGBrbOqA5f31Z_h40aLHb2waTSPrz0mXJR-5onu1sbVWbISDzSyIN4N_3uCttUMV4TIc&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2791917347063485000&adk=1964084972&idt=213&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
18508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4115
x-xss-protection
0
server
cafe
etag
1914039858798321668
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:18:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FDB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfL6xytDcqIXWIlqGPv1ixLod6mUNd8VRjOTfUT_HbvFdnnUv8B6XwgU5oy6bEAHb614oqb0SiHpY5GOuAZ-w9cXZ8BO-ZFLhUOG1oAh2l7_o_A9e4hF1PE6kOF7Ul60wOrR7aFlyXOsggddAAUBxWy5pY0KusfHrDKnXrELRAZhKh6eHivh1gXFbeaHIgCUB8a9cxVf9CT00IaRIhhW2Z1RgzjXx_GCH2_uIkMNedxQlAVFkOabztMMA2vHrptbcp7USy0I7Qm26qu3A-DH2comu9jkAL6kpzP77z7HokQa6U0zRP3AfqnO9aE8RdZ_jYSBVOHerBT0PnVGeY7bPV-NKC7F5jVdVpDK13_nZZp9fk_C98jOo3mJrwzQvPIzqYtcvk8UCm7VbDJ1-dLt-LGIiIDKIAknBEJZIgyMd8Gsrcs0tLTwo5zrs_n-G08AUl3IArFn_Pv6-QNlFZmM1kIKyqpRLDcAxTgWVfui1l6XoTVgsqG3HNHKcfo-Vv2R3ErA7nkpBtxgjotYrB04rz-a-1sKVWdU4IYyy5OmbjLV16v0UQz5v1P_9Pgt9B2Xp1gQ72wOSjwloKGGIw56isRT5_TTQX2F59zjabNNaKIHJZGEyp1EakTUUFUn-V65A97xZjx1VybTdWs2qY8pH73LAykZnqOgawBBaRvQz9iVEYgm0MCcjcul_K3AlTqDk6DesqAuuQrrxmBhyHQQ4BCfWQ21wcb4x5i7In0OBrAs2uUWIMninIUa7qXJNAvRYx1NMIZEFXdZ0780y_56G1ikqSViFheycRRDCCzJ93XsvJmulCDghIhhib3mYI8Njr0X_SsrlbKCX-3QLlg69k9jjg3HrxCLMD-xHdXcGpB5LI2tNyGuE4OGeqK-ivNi2n3HzWxkejaj0M5hzp3Lgb9kQ30LvPiAQKZ6uXXe41qTcwiVbuoX2675R2OxSw9P6Y0FuLEuGk7az1GTeg74-DIY6falddf6w4oAYJf9hCYJ088rM5xwpzrtj5bmwVKa4xhacDijq3EnfoOkUPKrycVr10e9nFJ5YJF0s2C3ia_7Tsoxf2FTqmo48QM6Lqvnj8uhw8oe1DubfwYriyYTe1K2QQ2IqcLTrQaRVTj3ILjYU-FTEeR7IY93q0TOI5hV4Yw6vxAH0LEXsn0yL5UcHcjYVlImuQ_InmXpv44wRWAStnGOY5TNRUpr0ebiZ5Vsnp9QJIW9P-0yD_ZE6BVJDnnfwdjBvdsU5k_NIxiB0l2RGYMw1ACWs&sai=AMfl-YSLNwvsXssmf6Mm5yNwhd2i3AL1HOjYeOqXo0mOXb9OpZ1AXfHEGNmlVYGg0gI7kVOzGeOFAV0DTPAWsbZu3QJvE_O24oYmdEeo9KhOXd0aeOD8HMR7VT5L5BACGgyMh6kNkPgPetDu3atyHnTr65p9nQbGsIIYmSjYHh211Yrj3FbVb4YK9uAit1LOeS0H_vKugruZhw2yt1N2wRjLAnTvZaq_teNm-T9FOZjXT_BajbNAYgsluyGTLt7DapaQLhtjq8e-R0X5BT6KWSvdW-RxhOXYeck&sig=Cg0ArKJSzC_jJW-QIIXuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230322.03554&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUBrmgamwT59HwHCO8poEbOlv9AQ2yi2fkV287z4QVBPpsDE5KR78Ge69sooVSNcMgN1KQp7UX6SNJz7E7UqTw-QYREw&cry=1&dbm_d=AKAmf-A7FTA_sWgXObdI1n7dAjWZvYg-PRJy3YkXyb1TTaL3SNcVlBsJUCa9LYwWToPwxxV40L_OHBCfTzxNX4TdBoOXJO678xTHXA8PVgqlCGQkZYRnU2usoSFmCgTm5NiFQdtEkNFsjd6WRf7Ji0OReKkDkQrOr-ADLX6Y7T52NaNRGmoNHtoLW900pt2svMtzYcbCv1ZUx-6ZzgJLVaSrtH4RxhKMc8DSI9oeZvpqiDl19K5sEeldrevjZFvk2khhT9pWiEel3CRrkeWvGICsPJFO8EjZjfo8maLIEVpnkU06KnSYm8hx7v4U78TcIi9WSAs3U99YTdlp_JYUEo4wxRXxwz_Ed2UZMc64sLo-k6a4NN8cn1LLbyC4bwQr05djAOmLvl_ya7ciPIvodHg24q61CFqJ42_wXyvUtCAJ-YW9qw6Biii0gDz1DrwhTBDzC62jowFee5AkmKefIf3kMaSBm3FGDqfa9xIUQ1EYQnl6CyzxKKiiNFIsX6IOgab3Xjruh-rdehdNZPyEv0YLxI7oZ-CvzncB1XW4SYkp8VuhaxayAhv5k1aMUf_U4UE81bq3WVDsMQmGQYeYbGDGG-lxpFfYPwCF0gcVHn3IMtzGdDvSSoRGHErbOs2Pr39YgL6co70ljZNhNb23_fAeQ1sqhlhMuM4mFli7UhROs-zRLFnxW-ttF7UAqECYHYAniuZoBfH1d9dDT7jhTcDnW1yli_brh9QGzE03hXLALVWSXoBZr7R9kSeTnG7N0CSEJE_RvNcruyD8UmtnvpFIRSd79M7rrFnhmy0aa-h8sfWtHTFgQrm5p_qStfCqy4jZxaTIDu5PcU6YjaSg5_FNXBG3lZzA8hn63Q5pAgxtYwwLoQCjdQXCZq7x3pErtO4GcEmNcIR9wmHD_GRSg_wvm9I6qD8-ApQa_4GEghN34z6LA7TB9aXx97uv5jXrkxFPHluaSGro8wTYP_njSPAjg6520Ax4mxxVQyP2uG0D8jF9PxpM0O4bgSJV_YTbl_NNpq49EjeOK2ZfjxqddGOKBgWF1Ltx0EPeNtcukL_MMzyxmoo7AFTMyZb3jy16ZC_s6wJ14gopmpg_CEHdfQa45c6D4dXyGN_sFfxTvlwGfZrmd8_sevIuAUZsjGIClbPhLJGYtVDI4Wa6YQ8JOYhV8ZuK4Fr-Skr3gKFJc6ilXqyUAnd3ltq1SwncFsxxqi_IZOhIS5y3YsUk-SFIBo7Ardf8AQrmDigmZ_KGPycFMeAolTYdZSCkkPrQu3lzNJj-R3f29nRrwIDHfnt1PhX7RPKIheFhWfA-coWZ9xGQb5rvFdFDKU2OMyjsVRowShlTocROYyiwrbWOea6ce-PbMFGBq4JA4WNitzSRfFfIcNyMEkIPVfqcAYiIENcSGwdAKh9JS8G0Jve-JBzrlY0bx583_Ab6tRyt76ehN54ySl7jpEvI47OEFeRntJNh0YCYiimOVNWnntrWvOLZZ-elBT3NXJvDgUZRLDJjkGjVc_qq3gof-gfTTtyXBmMvGM_9h44wssT468r1qGFgS3JPd1zN3D86M61vzoRJ0IxPKmgXxEa2oOdR8zc7IrZcnxXB6wGU9pUBF6hxsGqgnMsEzWCM6Zm-zz6nZcI1MDo3OozF3-iL7_UoL7Egnipct3QCXStDHYHfE5PvxbGa_VPEMEXDNWGeeAuP25mW0m2QjGy0xYGsbmKD9aNACe7TsYFnOAmXMIqCP8eMyJg95JZ5Zf7iBSP2JoWkgSV90c0Pk_akIsm9mgkfCqrtoC6XReJW-DiDGDS9cDkGO--6vT7ZnduczKy5PxV27PbQBioOS_2eViqgw9XAFpEQlygxGpBeTL0NTcOZecPN7IoscrRorEPPH8T0ESXfHDTarEZahZWbRNcv0zUVJfUPLu1n5qfZOvblgLneV8JAOI2-gl8vmBPEfQ700_XviIjq4phyFJcF3hqXeGw0-N_rEuqoyOR5_zn3MaXEiQKR8Q0CyTBGdgq25uyyKmnnHTH5tyeRlAlJ94SmnvOGgC8SliMU4g0P-WNA6u2wKOAVXe5XUmMwY8btX1gt1LmtDfnLWJiW1tINkv2SFNffiTNhqBVd0Th3XdyfbAav7gPkqo8XfgMEepuEvlQonhkN1Kq4TbA8raEaNxZOF8P61RIVpPGhweCDnjmyDKhT2RV9jE2r62_PyL9jKjNHVXa4obZ6dAEZUXnsHFjDZut-hy0htgwDPMA07m8DztVWRgDEzo711FKqT7rT9YKPLHZuDFqBWjWkPjKmNyo0ZW4Hn8rwISkN9Iv0VKtC_5wj8UrZcUHXKV7GOvoFBDFZMxJX4bb2tC6XmY_qCnegMIvNi3LC3XG2mSiT0cwzVNOGdYv20_3bXbjM03e60emkwtqdb_z_83N3XPntu6bSUQ5mc87Kf7zrcAz8cS2wrDXCom1f_6XBAEXooNVGdtQrbe7RHh_2N6mUFL5ACL4nhs0JxOsVI7G374h2xH0G8psk8jN1tJWmcSP6_nxf5uet_X7mBj0F1h3LsuSm0NVXMwtysotc-yVuzagTrB_E8uDA8lShb3C4QtA1x__JXImDBzLt-XiNQ15tbIHrkepE0qRzmgfQx5dIeTIWfhn57PEvJuJcHtCoIJd5dsfpbpgbYWAimKKtiQBsO2vVWL2LZd1Y4p6zBbw1IgMydhVPCg_F7Fc-OBNkpb0zObwZVqXt-Va4b_eEqiLJF5UiLAMiJgD-eXzg7ups-3OlFwIqHlaq2CoOu_HdMwCLAH8oZeA8_mo-aP9MZwWZyhuvN74VpArPL8frW4UqAq263M29JjlPZl774X-RNYIcp6dcYVa4zu0vqRVWXohVmunwP226ng5TJLrUZC7b-w7coX4l218gZrETdHhDPi7wqo4rJj14WlAFNZQTObY8vVnhIqq9frYlcA0B2tU-f10L8PJF-M9IHXpfBuRyO3wuTLqYN_9Ig1rbxRTnGL52OcwVb9tUuAOGusSXE58gv3duway9SeVTqvOGzIJD3Xh72i47CeZAhdfMyKAYsmeXF0407-3UovCvHvWTizsX_wV_zDrDy71Tj0NdCcBMyfCTgLwI6evxsLhEfC3GH6XTlgsRr0qiPvFF60IlixLV83-8dDFXqjXCdgDQ1gLSFsiBpJRjZyQGiL9GWlgTCpchUpSDsDszQyoeyuk4kpTLPGBq8l8Urdqnye00DSENGchKSaFVImBFdKsNPtzzZCMLGehtQE5ki7oj8SSr6qTR0_3myJfw6xGDouStWObRM9n_yDx4pRSlg2IupQtRmkPjNBcKMxj1Ifhzmb-gxU9erQSrS1fHtGBrbOqA5f31Z_h40aLHb2waTSPrz0mXJR-5onu1sbVWbISDzSyIN4N_3uCttUMV4TIc&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2791917347063485000&adk=1964084972&idt=213&cac=0&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 23 Mar 2023 21:26:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FDB4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUBrmgamwT59HwHCO8poEbOlv9AQ2yi2fkV287z4QVBPpsDE5KR78Ge69sooVSNcMgN1KQp7UX6SNJz7E7UqTw-QYREw&cry=1&dbm_d=AKAmf-A7FTA_sWgXObdI1n7dAjWZvYg-PRJy3YkXyb1TTaL3SNcVlBsJUCa9LYwWToPwxxV40L_OHBCfTzxNX4TdBoOXJO678xTHXA8PVgqlCGQkZYRnU2usoSFmCgTm5NiFQdtEkNFsjd6WRf7Ji0OReKkDkQrOr-ADLX6Y7T52NaNRGmoNHtoLW900pt2svMtzYcbCv1ZUx-6ZzgJLVaSrtH4RxhKMc8DSI9oeZvpqiDl19K5sEeldrevjZFvk2khhT9pWiEel3CRrkeWvGICsPJFO8EjZjfo8maLIEVpnkU06KnSYm8hx7v4U78TcIi9WSAs3U99YTdlp_JYUEo4wxRXxwz_Ed2UZMc64sLo-k6a4NN8cn1LLbyC4bwQr05djAOmLvl_ya7ciPIvodHg24q61CFqJ42_wXyvUtCAJ-YW9qw6Biii0gDz1DrwhTBDzC62jowFee5AkmKefIf3kMaSBm3FGDqfa9xIUQ1EYQnl6CyzxKKiiNFIsX6IOgab3Xjruh-rdehdNZPyEv0YLxI7oZ-CvzncB1XW4SYkp8VuhaxayAhv5k1aMUf_U4UE81bq3WVDsMQmGQYeYbGDGG-lxpFfYPwCF0gcVHn3IMtzGdDvSSoRGHErbOs2Pr39YgL6co70ljZNhNb23_fAeQ1sqhlhMuM4mFli7UhROs-zRLFnxW-ttF7UAqECYHYAniuZoBfH1d9dDT7jhTcDnW1yli_brh9QGzE03hXLALVWSXoBZr7R9kSeTnG7N0CSEJE_RvNcruyD8UmtnvpFIRSd79M7rrFnhmy0aa-h8sfWtHTFgQrm5p_qStfCqy4jZxaTIDu5PcU6YjaSg5_FNXBG3lZzA8hn63Q5pAgxtYwwLoQCjdQXCZq7x3pErtO4GcEmNcIR9wmHD_GRSg_wvm9I6qD8-ApQa_4GEghN34z6LA7TB9aXx97uv5jXrkxFPHluaSGro8wTYP_njSPAjg6520Ax4mxxVQyP2uG0D8jF9PxpM0O4bgSJV_YTbl_NNpq49EjeOK2ZfjxqddGOKBgWF1Ltx0EPeNtcukL_MMzyxmoo7AFTMyZb3jy16ZC_s6wJ14gopmpg_CEHdfQa45c6D4dXyGN_sFfxTvlwGfZrmd8_sevIuAUZsjGIClbPhLJGYtVDI4Wa6YQ8JOYhV8ZuK4Fr-Skr3gKFJc6ilXqyUAnd3ltq1SwncFsxxqi_IZOhIS5y3YsUk-SFIBo7Ardf8AQrmDigmZ_KGPycFMeAolTYdZSCkkPrQu3lzNJj-R3f29nRrwIDHfnt1PhX7RPKIheFhWfA-coWZ9xGQb5rvFdFDKU2OMyjsVRowShlTocROYyiwrbWOea6ce-PbMFGBq4JA4WNitzSRfFfIcNyMEkIPVfqcAYiIENcSGwdAKh9JS8G0Jve-JBzrlY0bx583_Ab6tRyt76ehN54ySl7jpEvI47OEFeRntJNh0YCYiimOVNWnntrWvOLZZ-elBT3NXJvDgUZRLDJjkGjVc_qq3gof-gfTTtyXBmMvGM_9h44wssT468r1qGFgS3JPd1zN3D86M61vzoRJ0IxPKmgXxEa2oOdR8zc7IrZcnxXB6wGU9pUBF6hxsGqgnMsEzWCM6Zm-zz6nZcI1MDo3OozF3-iL7_UoL7Egnipct3QCXStDHYHfE5PvxbGa_VPEMEXDNWGeeAuP25mW0m2QjGy0xYGsbmKD9aNACe7TsYFnOAmXMIqCP8eMyJg95JZ5Zf7iBSP2JoWkgSV90c0Pk_akIsm9mgkfCqrtoC6XReJW-DiDGDS9cDkGO--6vT7ZnduczKy5PxV27PbQBioOS_2eViqgw9XAFpEQlygxGpBeTL0NTcOZecPN7IoscrRorEPPH8T0ESXfHDTarEZahZWbRNcv0zUVJfUPLu1n5qfZOvblgLneV8JAOI2-gl8vmBPEfQ700_XviIjq4phyFJcF3hqXeGw0-N_rEuqoyOR5_zn3MaXEiQKR8Q0CyTBGdgq25uyyKmnnHTH5tyeRlAlJ94SmnvOGgC8SliMU4g0P-WNA6u2wKOAVXe5XUmMwY8btX1gt1LmtDfnLWJiW1tINkv2SFNffiTNhqBVd0Th3XdyfbAav7gPkqo8XfgMEepuEvlQonhkN1Kq4TbA8raEaNxZOF8P61RIVpPGhweCDnjmyDKhT2RV9jE2r62_PyL9jKjNHVXa4obZ6dAEZUXnsHFjDZut-hy0htgwDPMA07m8DztVWRgDEzo711FKqT7rT9YKPLHZuDFqBWjWkPjKmNyo0ZW4Hn8rwISkN9Iv0VKtC_5wj8UrZcUHXKV7GOvoFBDFZMxJX4bb2tC6XmY_qCnegMIvNi3LC3XG2mSiT0cwzVNOGdYv20_3bXbjM03e60emkwtqdb_z_83N3XPntu6bSUQ5mc87Kf7zrcAz8cS2wrDXCom1f_6XBAEXooNVGdtQrbe7RHh_2N6mUFL5ACL4nhs0JxOsVI7G374h2xH0G8psk8jN1tJWmcSP6_nxf5uet_X7mBj0F1h3LsuSm0NVXMwtysotc-yVuzagTrB_E8uDA8lShb3C4QtA1x__JXImDBzLt-XiNQ15tbIHrkepE0qRzmgfQx5dIeTIWfhn57PEvJuJcHtCoIJd5dsfpbpgbYWAimKKtiQBsO2vVWL2LZd1Y4p6zBbw1IgMydhVPCg_F7Fc-OBNkpb0zObwZVqXt-Va4b_eEqiLJF5UiLAMiJgD-eXzg7ups-3OlFwIqHlaq2CoOu_HdMwCLAH8oZeA8_mo-aP9MZwWZyhuvN74VpArPL8frW4UqAq263M29JjlPZl774X-RNYIcp6dcYVa4zu0vqRVWXohVmunwP226ng5TJLrUZC7b-w7coX4l218gZrETdHhDPi7wqo4rJj14WlAFNZQTObY8vVnhIqq9frYlcA0B2tU-f10L8PJF-M9IHXpfBuRyO3wuTLqYN_9Ig1rbxRTnGL52OcwVb9tUuAOGusSXE58gv3duway9SeVTqvOGzIJD3Xh72i47CeZAhdfMyKAYsmeXF0407-3UovCvHvWTizsX_wV_zDrDy71Tj0NdCcBMyfCTgLwI6evxsLhEfC3GH6XTlgsRr0qiPvFF60IlixLV83-8dDFXqjXCdgDQ1gLSFsiBpJRjZyQGiL9GWlgTCpchUpSDsDszQyoeyuk4kpTLPGBq8l8Urdqnye00DSENGchKSaFVImBFdKsNPtzzZCMLGehtQE5ki7oj8SSr6qTR0_3myJfw6xGDouStWObRM9n_yDx4pRSlg2IupQtRmkPjNBcKMxj1Ifhzmb-gxU9erQSrS1fHtGBrbOqA5f31Z_h40aLHb2waTSPrz0mXJR-5onu1sbVWbISDzSyIN4N_3uCttUMV4TIc&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2791917347063485000&adk=1964084972&idt=213&cac=0&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 10:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 10:06:00 GMT
1550243140861418884
s0.2mdn.net/simgad/ Frame FDB4 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1550243140861418884
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37de8a936ffe92c7f4c5ea8b451e3f8b4f6bb4ff2a0f60afa2e0f90f9f91895d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
age
98481
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76223
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 11:14:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Mar 2024 18:05:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A226 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7868547397760&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A226 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7868547397760&version=m202301230201&ct=76&x=1&cor=2379159191226820000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A226 		70 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDqjSam_HMuw3AcxZkIqokKDok6TCgA9ZcbvTlCWhseh5KmgBQoWSnNG7DhAJBtNHBFKaYqGpMHx_RTsYxOgnk2vD8ZA&cry=1&dbm_d=AKAmf-CiJRPs1MeIqjLr5U2MHuyHWZZD67wKnLunemCx4lHZ00AMUY5lx-1-f6ka2x5ZXvFojgyf8BQskGcB19xoB84xn8YBL9MmTsPAkIoViRRvRG9d2JKmW1bnaJUVxjr1a9GbcUfoAZLD2CGMlxp3wvhCqPPch7gVll702ugxUPdD8WSv0_A95vncOzcgjr5nQd4HqeswVxxHXnBoEUkoqm-IVw6ppQ1RB6sDpJFPyvBnSiIWaAN5XrwdyR-39CbU18K6XXivx_f8Gr5cpI83M0cCFwwqLDmavZF6l7oc0AUVw2OE-7DxSyPCyeT1jM5vXmx8v_tWquppirSp97d3sqe_puzEIXPcS_WGxJBSvzQP_NB-4RA0HuylNwWC4y2OXR9WlvdD3ub2YNr6lG0fBVjbePY-lf1jfQNNZfxiitGAv6_Takm00_fE8PdEhfw2mcwQzgB4cms89aA4ZK3gvUIsr8jc2KUdliIK5FvWgMHk-pIrQfpiT6vPWHvcuQnTfGkecX8jgN6v0521Ks-ICjEM5nWtiiO10QtW9Fi44wipqIEPPKejJjUuVBplVoFzIrbxt8e-OhksxrQWVP9w6tfkA8WZXKQOv1Y_D5ozRHNoa6sHipNU4R76cu9mz73cevYltKzhMmgtFXJbqWEYI8fINL09uZi_jf3XjEHhEzD_S30V64Fv4X7EhQTO9QpOnVThwyc9tfU1-L5JXpcSOGNogRfh2riwcJsMOU9uOZycumGOuS0sQej2Rk54TP-d53xM6pGjgCw5LfQ3ox0iiUYd5GwCUa64-jNiNx1QevZhd9D-jBoeF7E15BSBEW5ICT3Vil5f7p0VMneZC9wIXKZZUiQzqQ-v78BaoG6JE9S-ydAJaQ2nH1WayQ_2Fhide_eHoPgZbvhqXaJbiMJcpKtDGE1yQR-MXU201dOaFfv3CvUH5tZ8zLDv3vTxyPm-WOJeFpeHxtGdkZrg5K7uoBP21Onv3PqtThUdWwalhh-bQ3UgFUGS_sLyzj_QbwewWFeLVcEavP8CBOi0SeVSoucH5Nm0G3_HXnmK3XiepC_zmatUrj5ULhIxmHVik_KELEOFCN45K7pr9yRonxNuo95G59DG6QrZxBK9J-G-3ZqobhlBknv1PxnhPZ4l18KthvOVrd6gDIw1Vkb31e4YfxpKfQYZ5blqHDRoLsmJCj8RNIWfOw7YTloUWnD3bOLG7_SMh0EB0H5nX02wv6NRKwPE_j65xLAB8yLb7FNZ-qr9aJy062fwyM0qzxbApjFz0QS96U8lLfRKbEk08T8vZrBC7H_XL8BewES5iQwswL_CcDVJupDEcm1aRQPCs_R9nAXefPpD98BsnchOAlzgk9Bzlliva59RkQj4QquL2Xbzgg9rw8O6TfizEB6nVwkA2aQV_7rOYm1hJtNga9qhEyVk8Nlm9zB6-ooLHkGJK4hWw8lFZ9pr01mpuKnadncY8ZLLLDV7U0twaVggw_VwjfrGSJZDzbB8jyYpShTHh0qMegP6zOO3LI87W96ngO-UbtyPKWxSMnmoaXuXJUp5AkYvJGOTZOAKOqiaUbm-LvCUzJJrwR-el5VRY3azG35Wrew_v4uumu89MmDWd-_K6hhqgO6DmxvFmvpvA_Mqs7FJZnUCvwctnO2qhvCwWSLiyLR1tLZUs4FKJZMj7sgMO8mKNoLcAKkgVdAkKEQgoaqmoVX8uFaZxmVvwquUgRLfPfhOiSoQlWa3MrDOFHXA8GGTkCoMLIOPNoeVeskOvNHKz9xM_E6n0FXlHTd1w3j3vYcnZcARbBCJ3gJ9wYibFcsp2bjOAx78T4NOztBZICq3lMm-w-Curidh14kORrkRtsmEgcxmZfdB53wcDaYnIAK4hRnXrtFyqVo1NcxgKcZMxB5DVxskvC1t8x6T5beNzXjC-V4YHC6H_D67xGdUxA-u5TB7FaW9_p2bigVasK6Vgzj3auLn29n858S21veW_7R2bTptjmQ5tA9kAQQfDAYvzNcvTXLpvPEMf7cQ8coAzgfQ9pDEp1ao8w2C9WnzOxbBoGS9nqx8odjyWA-ghuOwLvqsB7lC4gZ9vucJ94KIKm521z1X0HINkHow5kO7Wok2LR_537RPgdgT2ALHnvXYhUw5rgrJMdIOCQU5DDg3IRxwx0rhWAxzrQOcCtDlOB-F1Y28tzaI3_GHnX4Z82zT9RvpPjlylmEJ1C29SiC2M00Tif8T93TMuGV-nWkVHbLFdFk-nULHTyNzbUB4mrMbkNrooVn0-uunGcmLjeUHWWuWoaHGhMsCFS-z94rS1H7SL4NoveWlKCHYO9taC4mPi-jB_-BzOLZvwyo07oSh2GCeDcSnHFzIfE0ZVsS2oD84CLgAkyn8-CnYUPfSfuVu1jmejGnT5B4pKG4glghjST9f4ireuJGLMvOBYhYVJUqYW5onkG3pe31f_EEiV5dPzt4VSfK5Chy4uxCWqbBZbw5c5w9jFOo1aSNir3fDadNO85EZfjO-wWwBiYlEPtsEUg_xL72o2_NcEPo9jMGicRGIXOgqwy-Kdc8sImSQh59bem2gzga-4E7fiT5KUsuWCsqaQvlYBbgcuGvQtSpUe_H7r621ELbxKRYKg3fjT0bvlsZPNvNlmsVii4HlVUE81zix6UifDdNf3JcdPnu7sIq-EIGtFq97pFfTO4I2zJUHatAmFCp3E0l54uLJ7ga2mvtuoBH7Jd5Wgg0OdJF-UK-U1vxeC5jAEZS_WHgvedfUJkI4wwlA_IwfhOH5Q82yNZa9GaufKuDzJSpVAHsEwqaDIlij9tK2YXID4RFF450gAGfW3TEbwsHhkh5wgFaJQsyfydQpzqdM-NQowUAOIRtIsMTkbB2zG2O-jSQiTq4eVn88f6EB01Weq0wJ3Mqiq7hY0rQDInVE6qLaMg3-bxmjHE82E2ideVBcw-ikqFiwUmCN1w4Xr8SPbB2j-LGrBRRGby2e-riDCOkpw8OKfeQ-RUAputHuvJan079Vx8Pw9KwVNzwdzafur4Vw-E4NHvNA1pAW9O0P7r4xypKFMXVe5WxWJo8gUbNjpw_QqUAgPMUUI65d41BVMMXzuPEOCfdo0EVO4Dn2uJfpdUR_zK_gJuth0ZTOjUTRNMaXgCBpo0w7X4Dnve5IUCIpr8B6D7PeUSZVKtigQOeURwPrJ-IUCr-MVMBsf83kgFNldYgjr4_l-ShXoK1WFBkpcJnHpVO4-9TifyLSuxJAbc9O9WjL7r56M1sT52HwHKEe2ymN4hrVgUZqG05jbc-LIS7bm-r15fe-GSkL-9KN2JCi9YE240lhjg7OSbj-LT8XxAQ6ukoTUW53lxa-SG3SRhiKW8a3gLqdEQ1_UDjYF5CB5dWlpavIVNyY9a0q7WT55DiE7snP&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2379159191226820000&adk=2228999115&idt=350&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7814fb5d7cbe0fd56403c2590ad5f6a9c97bdd23c2ef490a8d78f097de0a9de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34445
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a145227b0f911fa7c725fe32bcfb8dc359be77a5312cc5dcdd91a0dab1ec823d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M8wszrrTn5Z
pragma
no-cache
wn
prod-dash-10-0-87-4
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.004
cache-control
no-cache, no-store, must-revalidate
cf-ray
7ac9c0d5bf2e90d4-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 6501 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd0a7427cfe28656bc2c217b8056dfd07f4d737c0e1f19325149b43a8252675
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
7ac9c0d52b589273-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 23 Mar 2023 21:26:32 GMT
expires
Thu, 23 Mar 2023 21:41:32 GMT
last-modified
Thu, 23 Mar 2023 21:26:32 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-123-205
x-forwarded-https
on
x-request-id
M8wszrrTqcW
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&metername=Support%20Meter&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=1635609f-a30d-4c4e-ab9f-3e19ffe31441&pid=861f216c-a69c-4849-971f-ddac30606012&dtm=1679606792483&qnm=_matherq&visible=1&tabid=b47e6e5b-cc9d-4515-ad41-a18129a33455&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12712&tofa=1679606791&vid=1&lvidt=1679606791&duid=9a3cd9a3080047bd&fp=2417809956&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTAzMjgyMDgwMCIsInJlZlRpbWUiOiIxNjc5NjA2NzkyNDgyIn1dfQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 23 Mar 2023 21:26:32 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBE5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6420820636643&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBE5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6420820636643&version=m202301230201&ct=76&x=1&cor=7542582017219056000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BBE5 		70 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYthPWlr0Ow3-07gkW01Wo_0nCniWHvRWjT6TinUqqHePZ64Vhz-vBqxAu9e8XCGBx5koCUvqO9gj3S01ae2-LxHK6Eg&cry=1&dbm_d=AKAmf-Duo9Udu66b19ZpXYCriQI4HhnnHL-jVKOaiSYVbu1_LBy9LKE_y3bZbUN0mKsWfEYjkXdVjvSRHkEZ7n9esp3h7TgxvhFBQYWeoONaeGcUcZQfmj9C3ubo5OFUhe-pFLW-LtEXMDYtr5X4qUCP6oOq3-9kDXN1a3-hE_TDcNn1G5u79OqvraQdpamFEdHk3pf4c7MayCWadBaLPVdPp--xnl5faoiiLWtkPBtDe069vaXyllXfrQ1Hd46NB3Kbveq-gEyJieOqIQ9_1DGQzZ1H9sfQ2Ez-xBSRBBCOosQzID996fs4n4y466cuHzkLVtcpngJYaD5ufhtymZNT1UVnouvtlPJh4hJUynZWTGxi8cc0a5MDJdCijjf3FDNGmH5UoY0zGIeM8H77E5msXNEDsHPJmsZ6lGHFryYSVhumPjWTsJBj5Szg3WLZ91lhArdv3vcfZq-tkn06e-suUnmJENvVyqcT1DAUWN4Cq_IBgiqKCjTkk0oYxHAJmB-H6G0LnnTdFD2dF0yYDxjNZb61uF4hH2s71Kp6_jyouWiiL1RDwo8ZhFgcHiq_6QUp-glw7jjQUs9uPDpsNm2FhYxqdW-HmOI8o1RcSe7Yu37LZa7lImuq9prd1KQtpIw836BJEXtz8bQzFHcdudR48kZ1NWAyYBNITKDuAG-021ajm9KZOOL0LxpMB1A0iY2No6rmhFHp3k-40ZOaOBkKRgHf-is81krcQWXwVWBU5q9gA46owFK7ZldzV0Ybt-rwX9GC3Brz_YRz7kOc6vSQ3VHqoe65j2NFLJeD9tWKpjm2uTuocuUif7irccLLYdq6al82e7ZbPz6cWVQxMiJ4Fv0dLX7ki6J31K1pdRxS67-JQ0BInHq4TGThWr8aRlI8WsogYQuxAJXoeWnogHs8BsqXtDMeFm8BcPTC1DRfnZ7ThRnjCymiNww5vBnzdeVaCr0woLWrgH-3Gkp6cET4SKLMsAGoWjEHHbN8SszDB6kAlD6KvN6FXSvX2T599VOiEvfMFOm-tEwgCZ_BhHp05T0UhqmUfTZwzK6wwxE0IH1dUh22qgM0mx7hj0BFcAc4AgsGCgebCHhruk8xLlJQrrOKSluTHo4OReweo5yTh-ssuK0zLR33874NJHcPi-BXKDoroXdKWud2uMlElNiE1hSSNmlW0GWm6UPl4aqR5SY9JckouTadLD3kk2qK8MOFdOGL9TN5-npXZrpqsxMH6ApEr5Lpacsi-18mQDdn3ztJ3gaHLpR3KJF12VenbgyNW27upU27uL2CgNqrRpc4416u2j8TYNoxQ5YcAX483-amFUD0YtCKrGZ4bTCR_VBb9M74T2qw4CZ7IeGgSjLqgJ4Fz8Ky64pLc7CwWeepsTFowQDREzBxFJNI5dfi9-sfuZdkXVG1h458ELe9DclNmadsjvAirihmlBoUWjicoaX-yRR7GPtGnNT36Z6_BvnPZmkXbBGzlgNE_H86x0W1MQElonuIwpFPE8PLHWmedvbNElD_Cp2YKIFHpB6HvbYd1OZVV1CZQztg8fjh0Qk0N1A61Kw_oG88Ihys8Dgca0YKl1aU8o67ebn524nBVvAOxxG5LS3ZhSffK8wjyWGOEvndEv7pUSg3mrz2U6y-1-anBFxuxvr4u_Cyc6tcbsbesw-xBXl-5I49y6pIB_qqQ1PENQdlp8gWNjteZnuiY67gCF-7xIyz5buZJBHcq6OHnjS58g4B3OwLn2uyOlqzRQ7QmyCFYoYVE_RvmyIXscAgDlJMxvI4mNHT5nlm6rrgJI7c91wgfQWrwgwI7_Xio25R389V3dMUEZ5aNKN1896nbZAzX3CGdeSHRuDT1kBmfUaivsWzB7JZaIdTtF7U9vUNC80Jq3td2btr0dfKqgXOi6fJ1-_o3lybHXDf-ry5flBfNpnjrDmpPp9eBRCsY2eHMbTOn4bbP30I5GiOawi_ja9dtrsH18nl9aihjFIuvz-q38H9hDrK8z3Ds_ZuFB_9oOr3idJ_evuvFznQckpHxRkxQgmBuSLUjdylp2NaRityUjn4ifXYhPHNIM0Y92zaVvAJmplv8-ZTWYd3iIxUk_h5LeboSQpnsSbakYIJ8ZGAvt-OMx1tAjF99asyT-2WXaANk4bdj4-W4f5F2Tr9pvB0Qab9IyNBWXZIFuJ--cjBVWr9MaOte57p6qB83RY4rmtnqtn6r9tSxHdCt91qK-TYXRfHwlAuGPnAu6MFA9fcU9JJUdOqUqHqDhWXz8WCIKSNzUmTlmo0pArL2Jw6QA_IFT6g-Z1Xd6FwUx6Qe9_yLRhQTObySwJnjTtEqFow7KF9NbhyE6Uu2oqRMXqZVVWux50ihOP6ZgYckY_VGOBbf4Rmd8pf2oabvhkVmo0WiQgu-Vx_ax4vjDt36TlkChp4qHoCoKVXKriLjyOLc6Dg-YNkzuHlvsaYVGcjQ5fKeHFlRd2fuFyENWkGJBxRC5jwrTzZ9Dljve4WeCQLBYg7Ls0oARJJ8DYn4HxltLfuhPQqXcGDXr9BcWUiMctCdlg6-Hl_XuFDkL6q2-PzBwkSyXB6foBMmG6u3SJzysEjknH1K78iHtOYVuGKWHqWEg1EgNN1TTOM7mTOLUSuT-hcXISfSmwH3jpKYfFJoa5XmBh-F9Xez1BNgDbumFPmzG9ntLfGUzAdhUs5f3QixXPPLOCZkNvJYCDB-S2qLe6iTIePBOfikBinIYC7-6umd8MX9hN0bQCPAsuATwJpmifIEAXB6ajNKLTOKQbMVgaii8shQmMsehjnef40ZPVRqJXnTliKVaXqwjkwBesPf414NhmVAVCHa25V61rvNO5WzEPmB2Abq0Cohw1lsknWfl_ur-MMOz5OBj1wPF9-fY3XEG121Mn-tD0MnIA10pgvcEmgSCe92YlCuBcowmqejxw5rJIjQAC91uNxPyjkCNJIgU2xsjoo_ZgLs_X2D9_Ohh9meYHvGtxCVQ7_Vte_UsfTWaBPwt_yDiRRbqG4ofiCWkhX8jrce1TssRLj_2m01tEzf44GxCycpyg4JVQooX_8go760Dl8y3nblG0k2yMB1shFnGdMrhpPoiAJp0nmkLNuHDhLlTzSw-zQRUp4jizUpvkqOd2LJ93FQgUdHDrQqMRI8Q9psdiZVFj7rM-mH7NhN7vD8I3GaBgf2LDrc3Aim9I3VKp4--Mk94F_hh8encJwYec-VpmTaXpo0P14RYtJWEKU2tkKJ-8wpVIf8goIANJ2b4d8Dk3ybmojEtJa03EaGGU-Jj0rqOSK72tAjkw-WczYelZ3wxTPZdWzr26lusCQg-99Vse18Ayh7_vZ7XXYs_Ui34kwryfVGDTIlL2-t_jjoSpEWyyCw7ZtrwQ6_j6jg9eH_5Wx4Eai7cgm66ko&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=7542582017219056000&adk=3047537735&idt=381&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
590091489fd30b6dc9088ff48d57b3f5fd562e3d96bd1e4a7eaaa4593290cec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34516
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BB9B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 17:46:37 GMT
etag
48472445140208031
expires
Fri, 24 Mar 2023 17:46:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FDB4 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
460da7d946064695a3b88d4bc6464a8a7b64a8e2f9eb9d4392d2333fa659e1d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DBD8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
478510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Mar 2023 08:31:22 GMT
expires
Sun, 17 Mar 2024 08:31:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.246.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-246-107.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 21:26:32 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.246.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-246-107.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 23 Mar 2023 21:26:32 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
dpixel
cms.quantserve.com/ Frame BB9B 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMU7nM6anjg9T5dZD85dk4k&google_cver=1&google_push=Aa02lx-CYakvtSQ9Pf6EYbzBULZ2QmjCK1T8KqOetxugl9afDnEUmIzhYm_7_ICU781Cjo4pA0gzZrSIpxGr1pmKxH2pT-togzVN9Q
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BB9B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIdyw2KNARyuNElzlHStJlw&google_cver=1&google_push=Aa02lx_6bkr3i_u9K5Q4Xu4j2vfTAm1f1Ta7WMt2SGTQlohwUPT6wfH2Uq65SjUDEjGe6AlMlu-yFb9UzOAd0FIQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cg1qgGJ2R9yaOrVnoqu_dg2&google_push=Aa02lx_6bkr3i_u9K5Q4Xu4j2vfTAm1f1Ta7WMt2SGTQlohwUPT6wfH2Uq65SjUDEjGe6AlMlu-yFb9UzOAd0FIQvSlzUTfSWfhSng
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cg1qgGJ2R9yaOrVnoqu_dg2&google_push=Aa02lx_6bkr3i_u9K5Q4Xu4j2vfTAm1f1Ta7WMt2SGTQlohwUPT6wfH2Uq65SjUDEjGe6AlMlu-yFb9UzOAd0FIQvSlzUTfSWfhSng
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Mar 2023 21:26:32 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cg1qgGJ2R9yaOrVnoqu_dg2&google_push=Aa02lx_6bkr3i_u9K5Q4Xu4j2vfTAm1f1Ta7WMt2SGTQlohwUPT6wfH2Uq65SjUDEjGe6AlMlu-yFb9UzOAd0FIQvSlzUTfSWfhSng
x-host
tde-deliveryengine-production-86c874c4d8-9v4vm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame BB9B
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECKJpHLi2upyTno22_38gj0&google_cver=1&google_push=Aa02lx_VW92L6kvnUZgnTfue3DU6DeSbIyvWfkgZl4mliwc2gu1flo_ocfOsgPaeJCKM5-oPCeWxsL_Jf_6pKcROxDizW1W...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECKJpHLi2upyTno22_38gj0&google_cver=1&google_push=Aa02lx_VW92L6kvnUZgnTfue3DU6DeSbIyvWfkgZl4mliwc2gu1flo_ocfOsgPaeJCKM5-oPCeWxsL_Jf_6pKcROxDizW...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_VW92L6kvnUZgnTfue3DU6DeSbIyvWfkgZl4mliwc2gu1flo_ocfOsgPaeJCKM5-oPCeWxsL_Jf_6pKcROxDizW1W_Rq9Gkg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_VW92L6kvnUZgnTfue3DU6DeSbIyvWfkgZl4mliwc2gu1flo_ocfOsgPaeJCKM5-oPCeWxsL_Jf_6pKcROxDizW1W_Rq9Gkg
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_VW92L6kvnUZgnTfue3DU6DeSbIyvWfkgZl4mliwc2gu1flo_ocfOsgPaeJCKM5-oPCeWxsL_Jf_6pKcROxDizW1W_Rq9Gkg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
us
sync.go.sonobi.com/ Frame BB9B 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAa02lx8orAdHLEsnGIf9-Q5ZYrtfA6XomsTjzuXI3YfHkCG_XhZUdwNqgHcHMFNgi4yOkbS4jfq8r0m6V7gYi0qtiMaFzZjr_FOfWA%26google_hm%3D%5BUID%5D&google_gid=CAESEOj1TGVyW8qJZFmT7gmEHkM&google_cver=1
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-58
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BB9B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELezTa-YrpP8v8KQA-L1cXc&google_cver=1&google_push=Aa02lx_jr3mv3Pa0bRWOTnNbjV9AxLYcsYAbzQpfNuNMV9xlerVN7aI9CmzBZNOVn9npn3BlVGH_ZljxgcZXNx5dGeD6YYen8W...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_jr3mv3Pa0bRWOTnNbjV9AxLYcsYAbzQpfNuNMV9xlerVN7aI9CmzBZNOVn9npn3BlVGH_ZljxgcZXNx5dGeD6YYen8Wr...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg4OTI4MDE0MDQxNTk5OTA5NDk1OA%3D%3D&google_push=Aa02lx_jr3mv3Pa0bRWOTnNbjV9AxLYcsYAbzQpfNuNMV9xlerVN7aI9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg4OTI4MDE0MDQxNTk5OTA5NDk1OA%3D%3D&google_push=Aa02lx_jr3mv3Pa0bRWOTnNbjV9AxLYcsYAbzQpfNuNMV9xlerVN7aI9CmzBZNOVn9npn3BlVGH_ZljxgcZXNx5dGeD6YYen8WrpQg
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg4OTI4MDE0MDQxNTk5OTA5NDk1OA%3D%3D&google_push=Aa02lx_jr3mv3Pa0bRWOTnNbjV9AxLYcsYAbzQpfNuNMV9xlerVN7aI9CmzBZNOVn9npn3BlVGH_ZljxgcZXNx5dGeD6YYen8WrpQg
date
Thu, 23 Mar 2023 21:26:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame BB9B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENuLT0x7OMCtl0pb_u-jSM0&google_cver=1&google_push=Aa02lx_FSljrsQ-JMEme5MFL77EKLAdTeDpLQftXbz2YHAAPhIo9vmZbRYMiyPZwEZgk8f3CjU5vc...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_FSljrsQ-JMEme5MFL77EKLAdTeDpLQftXbz2YHAAPhIo9vmZbRYMiyPZwEZgk8f3CjU5vconb8Hjg_qNdfS7wguA8lsi5zw&google_hm=WkJ6RUNjQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_FSljrsQ-JMEme5MFL77EKLAdTeDpLQftXbz2YHAAPhIo9vmZbRYMiyPZwEZgk8f3CjU5vconb8Hjg_qNdfS7wguA8lsi5zw&google_hm=WkJ6RUNjQ284WGdBQUhVdUNSb0FBQUFB
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 23 Mar 2023 21:26:33 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESENuLT0x7OMCtl0pb_u-jSM0&google_push=Aa02lx_FSljrsQ-JMEme5MFL77EKLAdTeDpLQftXbz2YHAAPhIo9vmZbRYMiyPZwEZgk8f3CjU5vconb8Hjg_qNdfS7wguA8lsi5zw&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZBzECcCo8XgAAHUuCRoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40192"}
X-SO-Key
ZBzECcCo8XgAAHUuCRoAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40192
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_FSljrsQ-JMEme5MFL77EKLAdTeDpLQftXbz2YHAAPhIo9vmZbRYMiyPZwEZgk8f3CjU5vconb8Hjg_qNdfS7wguA8lsi5zw&google_hm=WkJ6RUNjQ284WGdBQUhVdUNSb0FBQUFB
Cache-Control
private
X-SO-HostName
a-ad40192.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng20.dc4p.scaleout.jp
X-SO-IP
80.255.7.100
/
onetag-sys.com/match/ Frame BB9B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO6QEd4WFb3jz_HlzV1ejEo&google_cver=1&google_push=Aa02lx_Pg0uStGP8_Eh9IHb9ml5Zr2sHhgXqn8yo45zWNuIIFBYzMXcU5wbPZL7tM9Ayu1HNi46vGSj6_RL...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_Pg0uStGP8_Eh9IHb9ml5Zr2sHhgXqn8yo45zWNuIIFBYzMXcU5wbPZL7tM9Ayu1HNi46vGSj6_RLOEjcPP50te_9L1elOy6U
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BB9B 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbC1p4UkXTo-vx4y15wNdJe_MG5yq_uLiSffzAc-guYsNwIZ-9OnHJl72d6Z9NwXCaPC8_dw
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
1550243140861418884
s0.2mdn.net/simgad/ Frame A226 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1550243140861418884
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDqjSam_HMuw3AcxZkIqokKDok6TCgA9ZcbvTlCWhseh5KmgBQoWSnNG7DhAJBtNHBFKaYqGpMHx_RTsYxOgnk2vD8ZA&cry=1&dbm_d=AKAmf-CiJRPs1MeIqjLr5U2MHuyHWZZD67wKnLunemCx4lHZ00AMUY5lx-1-f6ka2x5ZXvFojgyf8BQskGcB19xoB84xn8YBL9MmTsPAkIoViRRvRG9d2JKmW1bnaJUVxjr1a9GbcUfoAZLD2CGMlxp3wvhCqPPch7gVll702ugxUPdD8WSv0_A95vncOzcgjr5nQd4HqeswVxxHXnBoEUkoqm-IVw6ppQ1RB6sDpJFPyvBnSiIWaAN5XrwdyR-39CbU18K6XXivx_f8Gr5cpI83M0cCFwwqLDmavZF6l7oc0AUVw2OE-7DxSyPCyeT1jM5vXmx8v_tWquppirSp97d3sqe_puzEIXPcS_WGxJBSvzQP_NB-4RA0HuylNwWC4y2OXR9WlvdD3ub2YNr6lG0fBVjbePY-lf1jfQNNZfxiitGAv6_Takm00_fE8PdEhfw2mcwQzgB4cms89aA4ZK3gvUIsr8jc2KUdliIK5FvWgMHk-pIrQfpiT6vPWHvcuQnTfGkecX8jgN6v0521Ks-ICjEM5nWtiiO10QtW9Fi44wipqIEPPKejJjUuVBplVoFzIrbxt8e-OhksxrQWVP9w6tfkA8WZXKQOv1Y_D5ozRHNoa6sHipNU4R76cu9mz73cevYltKzhMmgtFXJbqWEYI8fINL09uZi_jf3XjEHhEzD_S30V64Fv4X7EhQTO9QpOnVThwyc9tfU1-L5JXpcSOGNogRfh2riwcJsMOU9uOZycumGOuS0sQej2Rk54TP-d53xM6pGjgCw5LfQ3ox0iiUYd5GwCUa64-jNiNx1QevZhd9D-jBoeF7E15BSBEW5ICT3Vil5f7p0VMneZC9wIXKZZUiQzqQ-v78BaoG6JE9S-ydAJaQ2nH1WayQ_2Fhide_eHoPgZbvhqXaJbiMJcpKtDGE1yQR-MXU201dOaFfv3CvUH5tZ8zLDv3vTxyPm-WOJeFpeHxtGdkZrg5K7uoBP21Onv3PqtThUdWwalhh-bQ3UgFUGS_sLyzj_QbwewWFeLVcEavP8CBOi0SeVSoucH5Nm0G3_HXnmK3XiepC_zmatUrj5ULhIxmHVik_KELEOFCN45K7pr9yRonxNuo95G59DG6QrZxBK9J-G-3ZqobhlBknv1PxnhPZ4l18KthvOVrd6gDIw1Vkb31e4YfxpKfQYZ5blqHDRoLsmJCj8RNIWfOw7YTloUWnD3bOLG7_SMh0EB0H5nX02wv6NRKwPE_j65xLAB8yLb7FNZ-qr9aJy062fwyM0qzxbApjFz0QS96U8lLfRKbEk08T8vZrBC7H_XL8BewES5iQwswL_CcDVJupDEcm1aRQPCs_R9nAXefPpD98BsnchOAlzgk9Bzlliva59RkQj4QquL2Xbzgg9rw8O6TfizEB6nVwkA2aQV_7rOYm1hJtNga9qhEyVk8Nlm9zB6-ooLHkGJK4hWw8lFZ9pr01mpuKnadncY8ZLLLDV7U0twaVggw_VwjfrGSJZDzbB8jyYpShTHh0qMegP6zOO3LI87W96ngO-UbtyPKWxSMnmoaXuXJUp5AkYvJGOTZOAKOqiaUbm-LvCUzJJrwR-el5VRY3azG35Wrew_v4uumu89MmDWd-_K6hhqgO6DmxvFmvpvA_Mqs7FJZnUCvwctnO2qhvCwWSLiyLR1tLZUs4FKJZMj7sgMO8mKNoLcAKkgVdAkKEQgoaqmoVX8uFaZxmVvwquUgRLfPfhOiSoQlWa3MrDOFHXA8GGTkCoMLIOPNoeVeskOvNHKz9xM_E6n0FXlHTd1w3j3vYcnZcARbBCJ3gJ9wYibFcsp2bjOAx78T4NOztBZICq3lMm-w-Curidh14kORrkRtsmEgcxmZfdB53wcDaYnIAK4hRnXrtFyqVo1NcxgKcZMxB5DVxskvC1t8x6T5beNzXjC-V4YHC6H_D67xGdUxA-u5TB7FaW9_p2bigVasK6Vgzj3auLn29n858S21veW_7R2bTptjmQ5tA9kAQQfDAYvzNcvTXLpvPEMf7cQ8coAzgfQ9pDEp1ao8w2C9WnzOxbBoGS9nqx8odjyWA-ghuOwLvqsB7lC4gZ9vucJ94KIKm521z1X0HINkHow5kO7Wok2LR_537RPgdgT2ALHnvXYhUw5rgrJMdIOCQU5DDg3IRxwx0rhWAxzrQOcCtDlOB-F1Y28tzaI3_GHnX4Z82zT9RvpPjlylmEJ1C29SiC2M00Tif8T93TMuGV-nWkVHbLFdFk-nULHTyNzbUB4mrMbkNrooVn0-uunGcmLjeUHWWuWoaHGhMsCFS-z94rS1H7SL4NoveWlKCHYO9taC4mPi-jB_-BzOLZvwyo07oSh2GCeDcSnHFzIfE0ZVsS2oD84CLgAkyn8-CnYUPfSfuVu1jmejGnT5B4pKG4glghjST9f4ireuJGLMvOBYhYVJUqYW5onkG3pe31f_EEiV5dPzt4VSfK5Chy4uxCWqbBZbw5c5w9jFOo1aSNir3fDadNO85EZfjO-wWwBiYlEPtsEUg_xL72o2_NcEPo9jMGicRGIXOgqwy-Kdc8sImSQh59bem2gzga-4E7fiT5KUsuWCsqaQvlYBbgcuGvQtSpUe_H7r621ELbxKRYKg3fjT0bvlsZPNvNlmsVii4HlVUE81zix6UifDdNf3JcdPnu7sIq-EIGtFq97pFfTO4I2zJUHatAmFCp3E0l54uLJ7ga2mvtuoBH7Jd5Wgg0OdJF-UK-U1vxeC5jAEZS_WHgvedfUJkI4wwlA_IwfhOH5Q82yNZa9GaufKuDzJSpVAHsEwqaDIlij9tK2YXID4RFF450gAGfW3TEbwsHhkh5wgFaJQsyfydQpzqdM-NQowUAOIRtIsMTkbB2zG2O-jSQiTq4eVn88f6EB01Weq0wJ3Mqiq7hY0rQDInVE6qLaMg3-bxmjHE82E2ideVBcw-ikqFiwUmCN1w4Xr8SPbB2j-LGrBRRGby2e-riDCOkpw8OKfeQ-RUAputHuvJan079Vx8Pw9KwVNzwdzafur4Vw-E4NHvNA1pAW9O0P7r4xypKFMXVe5WxWJo8gUbNjpw_QqUAgPMUUI65d41BVMMXzuPEOCfdo0EVO4Dn2uJfpdUR_zK_gJuth0ZTOjUTRNMaXgCBpo0w7X4Dnve5IUCIpr8B6D7PeUSZVKtigQOeURwPrJ-IUCr-MVMBsf83kgFNldYgjr4_l-ShXoK1WFBkpcJnHpVO4-9TifyLSuxJAbc9O9WjL7r56M1sT52HwHKEe2ymN4hrVgUZqG05jbc-LIS7bm-r15fe-GSkL-9KN2JCi9YE240lhjg7OSbj-LT8XxAQ6ukoTUW53lxa-SG3SRhiKW8a3gLqdEQ1_UDjYF5CB5dWlpavIVNyY9a0q7WT55DiE7snP&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2379159191226820000&adk=2228999115&idt=350&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37de8a936ffe92c7f4c5ea8b451e3f8b4f6bb4ff2a0f60afa2e0f90f9f91895d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
age
98481
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76223
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 11:14:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Mar 2024 18:05:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame A226 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDqjSam_HMuw3AcxZkIqokKDok6TCgA9ZcbvTlCWhseh5KmgBQoWSnNG7DhAJBtNHBFKaYqGpMHx_RTsYxOgnk2vD8ZA&cry=1&dbm_d=AKAmf-CiJRPs1MeIqjLr5U2MHuyHWZZD67wKnLunemCx4lHZ00AMUY5lx-1-f6ka2x5ZXvFojgyf8BQskGcB19xoB84xn8YBL9MmTsPAkIoViRRvRG9d2JKmW1bnaJUVxjr1a9GbcUfoAZLD2CGMlxp3wvhCqPPch7gVll702ugxUPdD8WSv0_A95vncOzcgjr5nQd4HqeswVxxHXnBoEUkoqm-IVw6ppQ1RB6sDpJFPyvBnSiIWaAN5XrwdyR-39CbU18K6XXivx_f8Gr5cpI83M0cCFwwqLDmavZF6l7oc0AUVw2OE-7DxSyPCyeT1jM5vXmx8v_tWquppirSp97d3sqe_puzEIXPcS_WGxJBSvzQP_NB-4RA0HuylNwWC4y2OXR9WlvdD3ub2YNr6lG0fBVjbePY-lf1jfQNNZfxiitGAv6_Takm00_fE8PdEhfw2mcwQzgB4cms89aA4ZK3gvUIsr8jc2KUdliIK5FvWgMHk-pIrQfpiT6vPWHvcuQnTfGkecX8jgN6v0521Ks-ICjEM5nWtiiO10QtW9Fi44wipqIEPPKejJjUuVBplVoFzIrbxt8e-OhksxrQWVP9w6tfkA8WZXKQOv1Y_D5ozRHNoa6sHipNU4R76cu9mz73cevYltKzhMmgtFXJbqWEYI8fINL09uZi_jf3XjEHhEzD_S30V64Fv4X7EhQTO9QpOnVThwyc9tfU1-L5JXpcSOGNogRfh2riwcJsMOU9uOZycumGOuS0sQej2Rk54TP-d53xM6pGjgCw5LfQ3ox0iiUYd5GwCUa64-jNiNx1QevZhd9D-jBoeF7E15BSBEW5ICT3Vil5f7p0VMneZC9wIXKZZUiQzqQ-v78BaoG6JE9S-ydAJaQ2nH1WayQ_2Fhide_eHoPgZbvhqXaJbiMJcpKtDGE1yQR-MXU201dOaFfv3CvUH5tZ8zLDv3vTxyPm-WOJeFpeHxtGdkZrg5K7uoBP21Onv3PqtThUdWwalhh-bQ3UgFUGS_sLyzj_QbwewWFeLVcEavP8CBOi0SeVSoucH5Nm0G3_HXnmK3XiepC_zmatUrj5ULhIxmHVik_KELEOFCN45K7pr9yRonxNuo95G59DG6QrZxBK9J-G-3ZqobhlBknv1PxnhPZ4l18KthvOVrd6gDIw1Vkb31e4YfxpKfQYZ5blqHDRoLsmJCj8RNIWfOw7YTloUWnD3bOLG7_SMh0EB0H5nX02wv6NRKwPE_j65xLAB8yLb7FNZ-qr9aJy062fwyM0qzxbApjFz0QS96U8lLfRKbEk08T8vZrBC7H_XL8BewES5iQwswL_CcDVJupDEcm1aRQPCs_R9nAXefPpD98BsnchOAlzgk9Bzlliva59RkQj4QquL2Xbzgg9rw8O6TfizEB6nVwkA2aQV_7rOYm1hJtNga9qhEyVk8Nlm9zB6-ooLHkGJK4hWw8lFZ9pr01mpuKnadncY8ZLLLDV7U0twaVggw_VwjfrGSJZDzbB8jyYpShTHh0qMegP6zOO3LI87W96ngO-UbtyPKWxSMnmoaXuXJUp5AkYvJGOTZOAKOqiaUbm-LvCUzJJrwR-el5VRY3azG35Wrew_v4uumu89MmDWd-_K6hhqgO6DmxvFmvpvA_Mqs7FJZnUCvwctnO2qhvCwWSLiyLR1tLZUs4FKJZMj7sgMO8mKNoLcAKkgVdAkKEQgoaqmoVX8uFaZxmVvwquUgRLfPfhOiSoQlWa3MrDOFHXA8GGTkCoMLIOPNoeVeskOvNHKz9xM_E6n0FXlHTd1w3j3vYcnZcARbBCJ3gJ9wYibFcsp2bjOAx78T4NOztBZICq3lMm-w-Curidh14kORrkRtsmEgcxmZfdB53wcDaYnIAK4hRnXrtFyqVo1NcxgKcZMxB5DVxskvC1t8x6T5beNzXjC-V4YHC6H_D67xGdUxA-u5TB7FaW9_p2bigVasK6Vgzj3auLn29n858S21veW_7R2bTptjmQ5tA9kAQQfDAYvzNcvTXLpvPEMf7cQ8coAzgfQ9pDEp1ao8w2C9WnzOxbBoGS9nqx8odjyWA-ghuOwLvqsB7lC4gZ9vucJ94KIKm521z1X0HINkHow5kO7Wok2LR_537RPgdgT2ALHnvXYhUw5rgrJMdIOCQU5DDg3IRxwx0rhWAxzrQOcCtDlOB-F1Y28tzaI3_GHnX4Z82zT9RvpPjlylmEJ1C29SiC2M00Tif8T93TMuGV-nWkVHbLFdFk-nULHTyNzbUB4mrMbkNrooVn0-uunGcmLjeUHWWuWoaHGhMsCFS-z94rS1H7SL4NoveWlKCHYO9taC4mPi-jB_-BzOLZvwyo07oSh2GCeDcSnHFzIfE0ZVsS2oD84CLgAkyn8-CnYUPfSfuVu1jmejGnT5B4pKG4glghjST9f4ireuJGLMvOBYhYVJUqYW5onkG3pe31f_EEiV5dPzt4VSfK5Chy4uxCWqbBZbw5c5w9jFOo1aSNir3fDadNO85EZfjO-wWwBiYlEPtsEUg_xL72o2_NcEPo9jMGicRGIXOgqwy-Kdc8sImSQh59bem2gzga-4E7fiT5KUsuWCsqaQvlYBbgcuGvQtSpUe_H7r621ELbxKRYKg3fjT0bvlsZPNvNlmsVii4HlVUE81zix6UifDdNf3JcdPnu7sIq-EIGtFq97pFfTO4I2zJUHatAmFCp3E0l54uLJ7ga2mvtuoBH7Jd5Wgg0OdJF-UK-U1vxeC5jAEZS_WHgvedfUJkI4wwlA_IwfhOH5Q82yNZa9GaufKuDzJSpVAHsEwqaDIlij9tK2YXID4RFF450gAGfW3TEbwsHhkh5wgFaJQsyfydQpzqdM-NQowUAOIRtIsMTkbB2zG2O-jSQiTq4eVn88f6EB01Weq0wJ3Mqiq7hY0rQDInVE6qLaMg3-bxmjHE82E2ideVBcw-ikqFiwUmCN1w4Xr8SPbB2j-LGrBRRGby2e-riDCOkpw8OKfeQ-RUAputHuvJan079Vx8Pw9KwVNzwdzafur4Vw-E4NHvNA1pAW9O0P7r4xypKFMXVe5WxWJo8gUbNjpw_QqUAgPMUUI65d41BVMMXzuPEOCfdo0EVO4Dn2uJfpdUR_zK_gJuth0ZTOjUTRNMaXgCBpo0w7X4Dnve5IUCIpr8B6D7PeUSZVKtigQOeURwPrJ-IUCr-MVMBsf83kgFNldYgjr4_l-ShXoK1WFBkpcJnHpVO4-9TifyLSuxJAbc9O9WjL7r56M1sT52HwHKEe2ymN4hrVgUZqG05jbc-LIS7bm-r15fe-GSkL-9KN2JCi9YE240lhjg7OSbj-LT8XxAQ6ukoTUW53lxa-SG3SRhiKW8a3gLqdEQ1_UDjYF5CB5dWlpavIVNyY9a0q7WT55DiE7snP&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2379159191226820000&adk=2228999115&idt=350&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
17561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10980
x-xss-protection
0
server
cafe
etag
17255800071175307161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:33:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/ Frame A226 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDqjSam_HMuw3AcxZkIqokKDok6TCgA9ZcbvTlCWhseh5KmgBQoWSnNG7DhAJBtNHBFKaYqGpMHx_RTsYxOgnk2vD8ZA&cry=1&dbm_d=AKAmf-CiJRPs1MeIqjLr5U2MHuyHWZZD67wKnLunemCx4lHZ00AMUY5lx-1-f6ka2x5ZXvFojgyf8BQskGcB19xoB84xn8YBL9MmTsPAkIoViRRvRG9d2JKmW1bnaJUVxjr1a9GbcUfoAZLD2CGMlxp3wvhCqPPch7gVll702ugxUPdD8WSv0_A95vncOzcgjr5nQd4HqeswVxxHXnBoEUkoqm-IVw6ppQ1RB6sDpJFPyvBnSiIWaAN5XrwdyR-39CbU18K6XXivx_f8Gr5cpI83M0cCFwwqLDmavZF6l7oc0AUVw2OE-7DxSyPCyeT1jM5vXmx8v_tWquppirSp97d3sqe_puzEIXPcS_WGxJBSvzQP_NB-4RA0HuylNwWC4y2OXR9WlvdD3ub2YNr6lG0fBVjbePY-lf1jfQNNZfxiitGAv6_Takm00_fE8PdEhfw2mcwQzgB4cms89aA4ZK3gvUIsr8jc2KUdliIK5FvWgMHk-pIrQfpiT6vPWHvcuQnTfGkecX8jgN6v0521Ks-ICjEM5nWtiiO10QtW9Fi44wipqIEPPKejJjUuVBplVoFzIrbxt8e-OhksxrQWVP9w6tfkA8WZXKQOv1Y_D5ozRHNoa6sHipNU4R76cu9mz73cevYltKzhMmgtFXJbqWEYI8fINL09uZi_jf3XjEHhEzD_S30V64Fv4X7EhQTO9QpOnVThwyc9tfU1-L5JXpcSOGNogRfh2riwcJsMOU9uOZycumGOuS0sQej2Rk54TP-d53xM6pGjgCw5LfQ3ox0iiUYd5GwCUa64-jNiNx1QevZhd9D-jBoeF7E15BSBEW5ICT3Vil5f7p0VMneZC9wIXKZZUiQzqQ-v78BaoG6JE9S-ydAJaQ2nH1WayQ_2Fhide_eHoPgZbvhqXaJbiMJcpKtDGE1yQR-MXU201dOaFfv3CvUH5tZ8zLDv3vTxyPm-WOJeFpeHxtGdkZrg5K7uoBP21Onv3PqtThUdWwalhh-bQ3UgFUGS_sLyzj_QbwewWFeLVcEavP8CBOi0SeVSoucH5Nm0G3_HXnmK3XiepC_zmatUrj5ULhIxmHVik_KELEOFCN45K7pr9yRonxNuo95G59DG6QrZxBK9J-G-3ZqobhlBknv1PxnhPZ4l18KthvOVrd6gDIw1Vkb31e4YfxpKfQYZ5blqHDRoLsmJCj8RNIWfOw7YTloUWnD3bOLG7_SMh0EB0H5nX02wv6NRKwPE_j65xLAB8yLb7FNZ-qr9aJy062fwyM0qzxbApjFz0QS96U8lLfRKbEk08T8vZrBC7H_XL8BewES5iQwswL_CcDVJupDEcm1aRQPCs_R9nAXefPpD98BsnchOAlzgk9Bzlliva59RkQj4QquL2Xbzgg9rw8O6TfizEB6nVwkA2aQV_7rOYm1hJtNga9qhEyVk8Nlm9zB6-ooLHkGJK4hWw8lFZ9pr01mpuKnadncY8ZLLLDV7U0twaVggw_VwjfrGSJZDzbB8jyYpShTHh0qMegP6zOO3LI87W96ngO-UbtyPKWxSMnmoaXuXJUp5AkYvJGOTZOAKOqiaUbm-LvCUzJJrwR-el5VRY3azG35Wrew_v4uumu89MmDWd-_K6hhqgO6DmxvFmvpvA_Mqs7FJZnUCvwctnO2qhvCwWSLiyLR1tLZUs4FKJZMj7sgMO8mKNoLcAKkgVdAkKEQgoaqmoVX8uFaZxmVvwquUgRLfPfhOiSoQlWa3MrDOFHXA8GGTkCoMLIOPNoeVeskOvNHKz9xM_E6n0FXlHTd1w3j3vYcnZcARbBCJ3gJ9wYibFcsp2bjOAx78T4NOztBZICq3lMm-w-Curidh14kORrkRtsmEgcxmZfdB53wcDaYnIAK4hRnXrtFyqVo1NcxgKcZMxB5DVxskvC1t8x6T5beNzXjC-V4YHC6H_D67xGdUxA-u5TB7FaW9_p2bigVasK6Vgzj3auLn29n858S21veW_7R2bTptjmQ5tA9kAQQfDAYvzNcvTXLpvPEMf7cQ8coAzgfQ9pDEp1ao8w2C9WnzOxbBoGS9nqx8odjyWA-ghuOwLvqsB7lC4gZ9vucJ94KIKm521z1X0HINkHow5kO7Wok2LR_537RPgdgT2ALHnvXYhUw5rgrJMdIOCQU5DDg3IRxwx0rhWAxzrQOcCtDlOB-F1Y28tzaI3_GHnX4Z82zT9RvpPjlylmEJ1C29SiC2M00Tif8T93TMuGV-nWkVHbLFdFk-nULHTyNzbUB4mrMbkNrooVn0-uunGcmLjeUHWWuWoaHGhMsCFS-z94rS1H7SL4NoveWlKCHYO9taC4mPi-jB_-BzOLZvwyo07oSh2GCeDcSnHFzIfE0ZVsS2oD84CLgAkyn8-CnYUPfSfuVu1jmejGnT5B4pKG4glghjST9f4ireuJGLMvOBYhYVJUqYW5onkG3pe31f_EEiV5dPzt4VSfK5Chy4uxCWqbBZbw5c5w9jFOo1aSNir3fDadNO85EZfjO-wWwBiYlEPtsEUg_xL72o2_NcEPo9jMGicRGIXOgqwy-Kdc8sImSQh59bem2gzga-4E7fiT5KUsuWCsqaQvlYBbgcuGvQtSpUe_H7r621ELbxKRYKg3fjT0bvlsZPNvNlmsVii4HlVUE81zix6UifDdNf3JcdPnu7sIq-EIGtFq97pFfTO4I2zJUHatAmFCp3E0l54uLJ7ga2mvtuoBH7Jd5Wgg0OdJF-UK-U1vxeC5jAEZS_WHgvedfUJkI4wwlA_IwfhOH5Q82yNZa9GaufKuDzJSpVAHsEwqaDIlij9tK2YXID4RFF450gAGfW3TEbwsHhkh5wgFaJQsyfydQpzqdM-NQowUAOIRtIsMTkbB2zG2O-jSQiTq4eVn88f6EB01Weq0wJ3Mqiq7hY0rQDInVE6qLaMg3-bxmjHE82E2ideVBcw-ikqFiwUmCN1w4Xr8SPbB2j-LGrBRRGby2e-riDCOkpw8OKfeQ-RUAputHuvJan079Vx8Pw9KwVNzwdzafur4Vw-E4NHvNA1pAW9O0P7r4xypKFMXVe5WxWJo8gUbNjpw_QqUAgPMUUI65d41BVMMXzuPEOCfdo0EVO4Dn2uJfpdUR_zK_gJuth0ZTOjUTRNMaXgCBpo0w7X4Dnve5IUCIpr8B6D7PeUSZVKtigQOeURwPrJ-IUCr-MVMBsf83kgFNldYgjr4_l-ShXoK1WFBkpcJnHpVO4-9TifyLSuxJAbc9O9WjL7r56M1sT52HwHKEe2ymN4hrVgUZqG05jbc-LIS7bm-r15fe-GSkL-9KN2JCi9YE240lhjg7OSbj-LT8XxAQ6ukoTUW53lxa-SG3SRhiKW8a3gLqdEQ1_UDjYF5CB5dWlpavIVNyY9a0q7WT55DiE7snP&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2379159191226820000&adk=2228999115&idt=350&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
18508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4115
x-xss-protection
0
server
cafe
etag
1914039858798321668
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:18:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A226 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlb9nkDOP3MzjS5s30UTv7SPsJZ92ncCVCa9Qdo4AMUvaetCOCJpAEM5EJzID4Z3tTKBofjT0DbcZ2PkERVbxR8Hs07FYHXe4jECp6pBgR9D727HS5P4QEj488-n778U8YB8c-0RgZ0POo_Ulxv5esH9cAcma8afMHkutmOPEoFjzJSF2EhxjuTr-lckG-rVpGSIkgfIZLidPna1EZZK1e58-ptPV6MmlcaAv-D9pYDzsRwU-iZEME1XQBHE_BqIrt1Em74QyNQdXAiTQtwt8WoUYz2R1Vfk_UB5UOFCWedxnWIcfMnqnBvuL-Bx7ZepN-gExpMgQfo8O-PbNE0hawEgebuNzCOHMvlIrdowBRoI20a6Juh2uLWKGnfAmbkemtzgAE_tfQ9TH8Xj2O5djUghSlzK3kQDL7nFO8y5B_KQ76MPKLCcxhNVyM0k2aUgXWyz7JQoY_kiIuEWvC4YiAZS7qfQI2_S4HSXUj7svWNM-6oTTsQb6KDzJPIjPvRNK2RFB4tOKPVOh81jzm8HQnBBGBETixQmmQuiUckWMm5wOUfdV2i5esDhEWV9N2LfsjCVK20TUh3g1WT0CRZ5NS8VoCENFWaA0n8H6iEXcP65tWZZMe7cCbJp8cYMhgz6IiM5DmWdYeIPzdD1Ht3zmx7jWgy5a6Nr7rXjE97inWyZJqELlult6MzKUylGfWzMrJU7S5qkJtgNp7mnVkPfJ5SM6diM5304Fh3rEaJNs90IITtNAsVRpChjlmkuGtu9beJKBnDGjswoh1ShQdMESa1TnYfsacaxFrVibLk4H949bIaiDa2iriiiETj5dhtCg_d5yp4WtAUjXuCmsmi5c4HZhMGiHoobwtNjVkaHyCvao23afdI7BAsD8XRoEZrdGFdzdoTr8ng84rKC57X2prR61jiAtu-AfuKjnsj5a7GCy-cy8wRH5RYFRvsgkacY-i_TlAC49NGjRH2X2SasP4Vn3VXyH-vaQpCGkqai648W5MeS2T5gxDEjjVRuWi5ErDEpQE-wPqJTdpetpT6tmJBLnVBLNcNCc2JnJakYsxKd0yvo7E_VBC20lLzlINTItMRF6g3hS1F86MyUIC00K2v63fI8NEvTo3jQ1lERswd4lkz_sCAdd6PbTI8-TAKpRheheqvOjGvWC2YduPRtrRI7Mc_DVqMcS746CvNHIv9utDQu8edvOV6Bn17pKnyGLE0Kd21R8mcYlq98YD48mfSyXU7sOK2FiC9vzWjRWk0A7Apy-4LeIYOSdT&sai=AMfl-YSbO2-jIVI7lu0t8BNLlU_lwqxtsmguTtkwwBMLRbNQcCVIOCQWcMrC7SFcQbB37rIMMlAnrnhfzK8geTRxhaEKWvEniiJItZ1MfY9Dqmx2D9W97PgcMR5W_3mZz02Q8_EF4AqsX3EAx0qxpHHHL1XCSVT8mRGcFE_eo2hg6tkKI-DBK51jfr9rx8D-qruWMAIceS-f-jmWKrTwQeUaQyqESgS3yw7GQvGy142t_NUjZj3aus24rvnIWO1EN_eEnmzSI8kcDIdKIKpbF_qekjsL08cSKig&sig=Cg0ArKJSzM4zKrQq2229EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230322.92396&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDqjSam_HMuw3AcxZkIqokKDok6TCgA9ZcbvTlCWhseh5KmgBQoWSnNG7DhAJBtNHBFKaYqGpMHx_RTsYxOgnk2vD8ZA&cry=1&dbm_d=AKAmf-CiJRPs1MeIqjLr5U2MHuyHWZZD67wKnLunemCx4lHZ00AMUY5lx-1-f6ka2x5ZXvFojgyf8BQskGcB19xoB84xn8YBL9MmTsPAkIoViRRvRG9d2JKmW1bnaJUVxjr1a9GbcUfoAZLD2CGMlxp3wvhCqPPch7gVll702ugxUPdD8WSv0_A95vncOzcgjr5nQd4HqeswVxxHXnBoEUkoqm-IVw6ppQ1RB6sDpJFPyvBnSiIWaAN5XrwdyR-39CbU18K6XXivx_f8Gr5cpI83M0cCFwwqLDmavZF6l7oc0AUVw2OE-7DxSyPCyeT1jM5vXmx8v_tWquppirSp97d3sqe_puzEIXPcS_WGxJBSvzQP_NB-4RA0HuylNwWC4y2OXR9WlvdD3ub2YNr6lG0fBVjbePY-lf1jfQNNZfxiitGAv6_Takm00_fE8PdEhfw2mcwQzgB4cms89aA4ZK3gvUIsr8jc2KUdliIK5FvWgMHk-pIrQfpiT6vPWHvcuQnTfGkecX8jgN6v0521Ks-ICjEM5nWtiiO10QtW9Fi44wipqIEPPKejJjUuVBplVoFzIrbxt8e-OhksxrQWVP9w6tfkA8WZXKQOv1Y_D5ozRHNoa6sHipNU4R76cu9mz73cevYltKzhMmgtFXJbqWEYI8fINL09uZi_jf3XjEHhEzD_S30V64Fv4X7EhQTO9QpOnVThwyc9tfU1-L5JXpcSOGNogRfh2riwcJsMOU9uOZycumGOuS0sQej2Rk54TP-d53xM6pGjgCw5LfQ3ox0iiUYd5GwCUa64-jNiNx1QevZhd9D-jBoeF7E15BSBEW5ICT3Vil5f7p0VMneZC9wIXKZZUiQzqQ-v78BaoG6JE9S-ydAJaQ2nH1WayQ_2Fhide_eHoPgZbvhqXaJbiMJcpKtDGE1yQR-MXU201dOaFfv3CvUH5tZ8zLDv3vTxyPm-WOJeFpeHxtGdkZrg5K7uoBP21Onv3PqtThUdWwalhh-bQ3UgFUGS_sLyzj_QbwewWFeLVcEavP8CBOi0SeVSoucH5Nm0G3_HXnmK3XiepC_zmatUrj5ULhIxmHVik_KELEOFCN45K7pr9yRonxNuo95G59DG6QrZxBK9J-G-3ZqobhlBknv1PxnhPZ4l18KthvOVrd6gDIw1Vkb31e4YfxpKfQYZ5blqHDRoLsmJCj8RNIWfOw7YTloUWnD3bOLG7_SMh0EB0H5nX02wv6NRKwPE_j65xLAB8yLb7FNZ-qr9aJy062fwyM0qzxbApjFz0QS96U8lLfRKbEk08T8vZrBC7H_XL8BewES5iQwswL_CcDVJupDEcm1aRQPCs_R9nAXefPpD98BsnchOAlzgk9Bzlliva59RkQj4QquL2Xbzgg9rw8O6TfizEB6nVwkA2aQV_7rOYm1hJtNga9qhEyVk8Nlm9zB6-ooLHkGJK4hWw8lFZ9pr01mpuKnadncY8ZLLLDV7U0twaVggw_VwjfrGSJZDzbB8jyYpShTHh0qMegP6zOO3LI87W96ngO-UbtyPKWxSMnmoaXuXJUp5AkYvJGOTZOAKOqiaUbm-LvCUzJJrwR-el5VRY3azG35Wrew_v4uumu89MmDWd-_K6hhqgO6DmxvFmvpvA_Mqs7FJZnUCvwctnO2qhvCwWSLiyLR1tLZUs4FKJZMj7sgMO8mKNoLcAKkgVdAkKEQgoaqmoVX8uFaZxmVvwquUgRLfPfhOiSoQlWa3MrDOFHXA8GGTkCoMLIOPNoeVeskOvNHKz9xM_E6n0FXlHTd1w3j3vYcnZcARbBCJ3gJ9wYibFcsp2bjOAx78T4NOztBZICq3lMm-w-Curidh14kORrkRtsmEgcxmZfdB53wcDaYnIAK4hRnXrtFyqVo1NcxgKcZMxB5DVxskvC1t8x6T5beNzXjC-V4YHC6H_D67xGdUxA-u5TB7FaW9_p2bigVasK6Vgzj3auLn29n858S21veW_7R2bTptjmQ5tA9kAQQfDAYvzNcvTXLpvPEMf7cQ8coAzgfQ9pDEp1ao8w2C9WnzOxbBoGS9nqx8odjyWA-ghuOwLvqsB7lC4gZ9vucJ94KIKm521z1X0HINkHow5kO7Wok2LR_537RPgdgT2ALHnvXYhUw5rgrJMdIOCQU5DDg3IRxwx0rhWAxzrQOcCtDlOB-F1Y28tzaI3_GHnX4Z82zT9RvpPjlylmEJ1C29SiC2M00Tif8T93TMuGV-nWkVHbLFdFk-nULHTyNzbUB4mrMbkNrooVn0-uunGcmLjeUHWWuWoaHGhMsCFS-z94rS1H7SL4NoveWlKCHYO9taC4mPi-jB_-BzOLZvwyo07oSh2GCeDcSnHFzIfE0ZVsS2oD84CLgAkyn8-CnYUPfSfuVu1jmejGnT5B4pKG4glghjST9f4ireuJGLMvOBYhYVJUqYW5onkG3pe31f_EEiV5dPzt4VSfK5Chy4uxCWqbBZbw5c5w9jFOo1aSNir3fDadNO85EZfjO-wWwBiYlEPtsEUg_xL72o2_NcEPo9jMGicRGIXOgqwy-Kdc8sImSQh59bem2gzga-4E7fiT5KUsuWCsqaQvlYBbgcuGvQtSpUe_H7r621ELbxKRYKg3fjT0bvlsZPNvNlmsVii4HlVUE81zix6UifDdNf3JcdPnu7sIq-EIGtFq97pFfTO4I2zJUHatAmFCp3E0l54uLJ7ga2mvtuoBH7Jd5Wgg0OdJF-UK-U1vxeC5jAEZS_WHgvedfUJkI4wwlA_IwfhOH5Q82yNZa9GaufKuDzJSpVAHsEwqaDIlij9tK2YXID4RFF450gAGfW3TEbwsHhkh5wgFaJQsyfydQpzqdM-NQowUAOIRtIsMTkbB2zG2O-jSQiTq4eVn88f6EB01Weq0wJ3Mqiq7hY0rQDInVE6qLaMg3-bxmjHE82E2ideVBcw-ikqFiwUmCN1w4Xr8SPbB2j-LGrBRRGby2e-riDCOkpw8OKfeQ-RUAputHuvJan079Vx8Pw9KwVNzwdzafur4Vw-E4NHvNA1pAW9O0P7r4xypKFMXVe5WxWJo8gUbNjpw_QqUAgPMUUI65d41BVMMXzuPEOCfdo0EVO4Dn2uJfpdUR_zK_gJuth0ZTOjUTRNMaXgCBpo0w7X4Dnve5IUCIpr8B6D7PeUSZVKtigQOeURwPrJ-IUCr-MVMBsf83kgFNldYgjr4_l-ShXoK1WFBkpcJnHpVO4-9TifyLSuxJAbc9O9WjL7r56M1sT52HwHKEe2ymN4hrVgUZqG05jbc-LIS7bm-r15fe-GSkL-9KN2JCi9YE240lhjg7OSbj-LT8XxAQ6ukoTUW53lxa-SG3SRhiKW8a3gLqdEQ1_UDjYF5CB5dWlpavIVNyY9a0q7WT55DiE7snP&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2379159191226820000&adk=2228999115&idt=350&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 23 Mar 2023 21:26:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A226 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDqjSam_HMuw3AcxZkIqokKDok6TCgA9ZcbvTlCWhseh5KmgBQoWSnNG7DhAJBtNHBFKaYqGpMHx_RTsYxOgnk2vD8ZA&cry=1&dbm_d=AKAmf-CiJRPs1MeIqjLr5U2MHuyHWZZD67wKnLunemCx4lHZ00AMUY5lx-1-f6ka2x5ZXvFojgyf8BQskGcB19xoB84xn8YBL9MmTsPAkIoViRRvRG9d2JKmW1bnaJUVxjr1a9GbcUfoAZLD2CGMlxp3wvhCqPPch7gVll702ugxUPdD8WSv0_A95vncOzcgjr5nQd4HqeswVxxHXnBoEUkoqm-IVw6ppQ1RB6sDpJFPyvBnSiIWaAN5XrwdyR-39CbU18K6XXivx_f8Gr5cpI83M0cCFwwqLDmavZF6l7oc0AUVw2OE-7DxSyPCyeT1jM5vXmx8v_tWquppirSp97d3sqe_puzEIXPcS_WGxJBSvzQP_NB-4RA0HuylNwWC4y2OXR9WlvdD3ub2YNr6lG0fBVjbePY-lf1jfQNNZfxiitGAv6_Takm00_fE8PdEhfw2mcwQzgB4cms89aA4ZK3gvUIsr8jc2KUdliIK5FvWgMHk-pIrQfpiT6vPWHvcuQnTfGkecX8jgN6v0521Ks-ICjEM5nWtiiO10QtW9Fi44wipqIEPPKejJjUuVBplVoFzIrbxt8e-OhksxrQWVP9w6tfkA8WZXKQOv1Y_D5ozRHNoa6sHipNU4R76cu9mz73cevYltKzhMmgtFXJbqWEYI8fINL09uZi_jf3XjEHhEzD_S30V64Fv4X7EhQTO9QpOnVThwyc9tfU1-L5JXpcSOGNogRfh2riwcJsMOU9uOZycumGOuS0sQej2Rk54TP-d53xM6pGjgCw5LfQ3ox0iiUYd5GwCUa64-jNiNx1QevZhd9D-jBoeF7E15BSBEW5ICT3Vil5f7p0VMneZC9wIXKZZUiQzqQ-v78BaoG6JE9S-ydAJaQ2nH1WayQ_2Fhide_eHoPgZbvhqXaJbiMJcpKtDGE1yQR-MXU201dOaFfv3CvUH5tZ8zLDv3vTxyPm-WOJeFpeHxtGdkZrg5K7uoBP21Onv3PqtThUdWwalhh-bQ3UgFUGS_sLyzj_QbwewWFeLVcEavP8CBOi0SeVSoucH5Nm0G3_HXnmK3XiepC_zmatUrj5ULhIxmHVik_KELEOFCN45K7pr9yRonxNuo95G59DG6QrZxBK9J-G-3ZqobhlBknv1PxnhPZ4l18KthvOVrd6gDIw1Vkb31e4YfxpKfQYZ5blqHDRoLsmJCj8RNIWfOw7YTloUWnD3bOLG7_SMh0EB0H5nX02wv6NRKwPE_j65xLAB8yLb7FNZ-qr9aJy062fwyM0qzxbApjFz0QS96U8lLfRKbEk08T8vZrBC7H_XL8BewES5iQwswL_CcDVJupDEcm1aRQPCs_R9nAXefPpD98BsnchOAlzgk9Bzlliva59RkQj4QquL2Xbzgg9rw8O6TfizEB6nVwkA2aQV_7rOYm1hJtNga9qhEyVk8Nlm9zB6-ooLHkGJK4hWw8lFZ9pr01mpuKnadncY8ZLLLDV7U0twaVggw_VwjfrGSJZDzbB8jyYpShTHh0qMegP6zOO3LI87W96ngO-UbtyPKWxSMnmoaXuXJUp5AkYvJGOTZOAKOqiaUbm-LvCUzJJrwR-el5VRY3azG35Wrew_v4uumu89MmDWd-_K6hhqgO6DmxvFmvpvA_Mqs7FJZnUCvwctnO2qhvCwWSLiyLR1tLZUs4FKJZMj7sgMO8mKNoLcAKkgVdAkKEQgoaqmoVX8uFaZxmVvwquUgRLfPfhOiSoQlWa3MrDOFHXA8GGTkCoMLIOPNoeVeskOvNHKz9xM_E6n0FXlHTd1w3j3vYcnZcARbBCJ3gJ9wYibFcsp2bjOAx78T4NOztBZICq3lMm-w-Curidh14kORrkRtsmEgcxmZfdB53wcDaYnIAK4hRnXrtFyqVo1NcxgKcZMxB5DVxskvC1t8x6T5beNzXjC-V4YHC6H_D67xGdUxA-u5TB7FaW9_p2bigVasK6Vgzj3auLn29n858S21veW_7R2bTptjmQ5tA9kAQQfDAYvzNcvTXLpvPEMf7cQ8coAzgfQ9pDEp1ao8w2C9WnzOxbBoGS9nqx8odjyWA-ghuOwLvqsB7lC4gZ9vucJ94KIKm521z1X0HINkHow5kO7Wok2LR_537RPgdgT2ALHnvXYhUw5rgrJMdIOCQU5DDg3IRxwx0rhWAxzrQOcCtDlOB-F1Y28tzaI3_GHnX4Z82zT9RvpPjlylmEJ1C29SiC2M00Tif8T93TMuGV-nWkVHbLFdFk-nULHTyNzbUB4mrMbkNrooVn0-uunGcmLjeUHWWuWoaHGhMsCFS-z94rS1H7SL4NoveWlKCHYO9taC4mPi-jB_-BzOLZvwyo07oSh2GCeDcSnHFzIfE0ZVsS2oD84CLgAkyn8-CnYUPfSfuVu1jmejGnT5B4pKG4glghjST9f4ireuJGLMvOBYhYVJUqYW5onkG3pe31f_EEiV5dPzt4VSfK5Chy4uxCWqbBZbw5c5w9jFOo1aSNir3fDadNO85EZfjO-wWwBiYlEPtsEUg_xL72o2_NcEPo9jMGicRGIXOgqwy-Kdc8sImSQh59bem2gzga-4E7fiT5KUsuWCsqaQvlYBbgcuGvQtSpUe_H7r621ELbxKRYKg3fjT0bvlsZPNvNlmsVii4HlVUE81zix6UifDdNf3JcdPnu7sIq-EIGtFq97pFfTO4I2zJUHatAmFCp3E0l54uLJ7ga2mvtuoBH7Jd5Wgg0OdJF-UK-U1vxeC5jAEZS_WHgvedfUJkI4wwlA_IwfhOH5Q82yNZa9GaufKuDzJSpVAHsEwqaDIlij9tK2YXID4RFF450gAGfW3TEbwsHhkh5wgFaJQsyfydQpzqdM-NQowUAOIRtIsMTkbB2zG2O-jSQiTq4eVn88f6EB01Weq0wJ3Mqiq7hY0rQDInVE6qLaMg3-bxmjHE82E2ideVBcw-ikqFiwUmCN1w4Xr8SPbB2j-LGrBRRGby2e-riDCOkpw8OKfeQ-RUAputHuvJan079Vx8Pw9KwVNzwdzafur4Vw-E4NHvNA1pAW9O0P7r4xypKFMXVe5WxWJo8gUbNjpw_QqUAgPMUUI65d41BVMMXzuPEOCfdo0EVO4Dn2uJfpdUR_zK_gJuth0ZTOjUTRNMaXgCBpo0w7X4Dnve5IUCIpr8B6D7PeUSZVKtigQOeURwPrJ-IUCr-MVMBsf83kgFNldYgjr4_l-ShXoK1WFBkpcJnHpVO4-9TifyLSuxJAbc9O9WjL7r56M1sT52HwHKEe2ymN4hrVgUZqG05jbc-LIS7bm-r15fe-GSkL-9KN2JCi9YE240lhjg7OSbj-LT8XxAQ6ukoTUW53lxa-SG3SRhiKW8a3gLqdEQ1_UDjYF5CB5dWlpavIVNyY9a0q7WT55DiE7snP&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2379159191226820000&adk=2228999115&idt=350&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 10:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 10:06:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 38ED 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 23 Mar 2023 21:26:32 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
pagead2.googlesyndication.com/bg/ Frame DBD8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 15:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
194162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14279
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 15:30:30 GMT
1550243140861418884
s0.2mdn.net/simgad/ Frame BBE5 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1550243140861418884
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYthPWlr0Ow3-07gkW01Wo_0nCniWHvRWjT6TinUqqHePZ64Vhz-vBqxAu9e8XCGBx5koCUvqO9gj3S01ae2-LxHK6Eg&cry=1&dbm_d=AKAmf-Duo9Udu66b19ZpXYCriQI4HhnnHL-jVKOaiSYVbu1_LBy9LKE_y3bZbUN0mKsWfEYjkXdVjvSRHkEZ7n9esp3h7TgxvhFBQYWeoONaeGcUcZQfmj9C3ubo5OFUhe-pFLW-LtEXMDYtr5X4qUCP6oOq3-9kDXN1a3-hE_TDcNn1G5u79OqvraQdpamFEdHk3pf4c7MayCWadBaLPVdPp--xnl5faoiiLWtkPBtDe069vaXyllXfrQ1Hd46NB3Kbveq-gEyJieOqIQ9_1DGQzZ1H9sfQ2Ez-xBSRBBCOosQzID996fs4n4y466cuHzkLVtcpngJYaD5ufhtymZNT1UVnouvtlPJh4hJUynZWTGxi8cc0a5MDJdCijjf3FDNGmH5UoY0zGIeM8H77E5msXNEDsHPJmsZ6lGHFryYSVhumPjWTsJBj5Szg3WLZ91lhArdv3vcfZq-tkn06e-suUnmJENvVyqcT1DAUWN4Cq_IBgiqKCjTkk0oYxHAJmB-H6G0LnnTdFD2dF0yYDxjNZb61uF4hH2s71Kp6_jyouWiiL1RDwo8ZhFgcHiq_6QUp-glw7jjQUs9uPDpsNm2FhYxqdW-HmOI8o1RcSe7Yu37LZa7lImuq9prd1KQtpIw836BJEXtz8bQzFHcdudR48kZ1NWAyYBNITKDuAG-021ajm9KZOOL0LxpMB1A0iY2No6rmhFHp3k-40ZOaOBkKRgHf-is81krcQWXwVWBU5q9gA46owFK7ZldzV0Ybt-rwX9GC3Brz_YRz7kOc6vSQ3VHqoe65j2NFLJeD9tWKpjm2uTuocuUif7irccLLYdq6al82e7ZbPz6cWVQxMiJ4Fv0dLX7ki6J31K1pdRxS67-JQ0BInHq4TGThWr8aRlI8WsogYQuxAJXoeWnogHs8BsqXtDMeFm8BcPTC1DRfnZ7ThRnjCymiNww5vBnzdeVaCr0woLWrgH-3Gkp6cET4SKLMsAGoWjEHHbN8SszDB6kAlD6KvN6FXSvX2T599VOiEvfMFOm-tEwgCZ_BhHp05T0UhqmUfTZwzK6wwxE0IH1dUh22qgM0mx7hj0BFcAc4AgsGCgebCHhruk8xLlJQrrOKSluTHo4OReweo5yTh-ssuK0zLR33874NJHcPi-BXKDoroXdKWud2uMlElNiE1hSSNmlW0GWm6UPl4aqR5SY9JckouTadLD3kk2qK8MOFdOGL9TN5-npXZrpqsxMH6ApEr5Lpacsi-18mQDdn3ztJ3gaHLpR3KJF12VenbgyNW27upU27uL2CgNqrRpc4416u2j8TYNoxQ5YcAX483-amFUD0YtCKrGZ4bTCR_VBb9M74T2qw4CZ7IeGgSjLqgJ4Fz8Ky64pLc7CwWeepsTFowQDREzBxFJNI5dfi9-sfuZdkXVG1h458ELe9DclNmadsjvAirihmlBoUWjicoaX-yRR7GPtGnNT36Z6_BvnPZmkXbBGzlgNE_H86x0W1MQElonuIwpFPE8PLHWmedvbNElD_Cp2YKIFHpB6HvbYd1OZVV1CZQztg8fjh0Qk0N1A61Kw_oG88Ihys8Dgca0YKl1aU8o67ebn524nBVvAOxxG5LS3ZhSffK8wjyWGOEvndEv7pUSg3mrz2U6y-1-anBFxuxvr4u_Cyc6tcbsbesw-xBXl-5I49y6pIB_qqQ1PENQdlp8gWNjteZnuiY67gCF-7xIyz5buZJBHcq6OHnjS58g4B3OwLn2uyOlqzRQ7QmyCFYoYVE_RvmyIXscAgDlJMxvI4mNHT5nlm6rrgJI7c91wgfQWrwgwI7_Xio25R389V3dMUEZ5aNKN1896nbZAzX3CGdeSHRuDT1kBmfUaivsWzB7JZaIdTtF7U9vUNC80Jq3td2btr0dfKqgXOi6fJ1-_o3lybHXDf-ry5flBfNpnjrDmpPp9eBRCsY2eHMbTOn4bbP30I5GiOawi_ja9dtrsH18nl9aihjFIuvz-q38H9hDrK8z3Ds_ZuFB_9oOr3idJ_evuvFznQckpHxRkxQgmBuSLUjdylp2NaRityUjn4ifXYhPHNIM0Y92zaVvAJmplv8-ZTWYd3iIxUk_h5LeboSQpnsSbakYIJ8ZGAvt-OMx1tAjF99asyT-2WXaANk4bdj4-W4f5F2Tr9pvB0Qab9IyNBWXZIFuJ--cjBVWr9MaOte57p6qB83RY4rmtnqtn6r9tSxHdCt91qK-TYXRfHwlAuGPnAu6MFA9fcU9JJUdOqUqHqDhWXz8WCIKSNzUmTlmo0pArL2Jw6QA_IFT6g-Z1Xd6FwUx6Qe9_yLRhQTObySwJnjTtEqFow7KF9NbhyE6Uu2oqRMXqZVVWux50ihOP6ZgYckY_VGOBbf4Rmd8pf2oabvhkVmo0WiQgu-Vx_ax4vjDt36TlkChp4qHoCoKVXKriLjyOLc6Dg-YNkzuHlvsaYVGcjQ5fKeHFlRd2fuFyENWkGJBxRC5jwrTzZ9Dljve4WeCQLBYg7Ls0oARJJ8DYn4HxltLfuhPQqXcGDXr9BcWUiMctCdlg6-Hl_XuFDkL6q2-PzBwkSyXB6foBMmG6u3SJzysEjknH1K78iHtOYVuGKWHqWEg1EgNN1TTOM7mTOLUSuT-hcXISfSmwH3jpKYfFJoa5XmBh-F9Xez1BNgDbumFPmzG9ntLfGUzAdhUs5f3QixXPPLOCZkNvJYCDB-S2qLe6iTIePBOfikBinIYC7-6umd8MX9hN0bQCPAsuATwJpmifIEAXB6ajNKLTOKQbMVgaii8shQmMsehjnef40ZPVRqJXnTliKVaXqwjkwBesPf414NhmVAVCHa25V61rvNO5WzEPmB2Abq0Cohw1lsknWfl_ur-MMOz5OBj1wPF9-fY3XEG121Mn-tD0MnIA10pgvcEmgSCe92YlCuBcowmqejxw5rJIjQAC91uNxPyjkCNJIgU2xsjoo_ZgLs_X2D9_Ohh9meYHvGtxCVQ7_Vte_UsfTWaBPwt_yDiRRbqG4ofiCWkhX8jrce1TssRLj_2m01tEzf44GxCycpyg4JVQooX_8go760Dl8y3nblG0k2yMB1shFnGdMrhpPoiAJp0nmkLNuHDhLlTzSw-zQRUp4jizUpvkqOd2LJ93FQgUdHDrQqMRI8Q9psdiZVFj7rM-mH7NhN7vD8I3GaBgf2LDrc3Aim9I3VKp4--Mk94F_hh8encJwYec-VpmTaXpo0P14RYtJWEKU2tkKJ-8wpVIf8goIANJ2b4d8Dk3ybmojEtJa03EaGGU-Jj0rqOSK72tAjkw-WczYelZ3wxTPZdWzr26lusCQg-99Vse18Ayh7_vZ7XXYs_Ui34kwryfVGDTIlL2-t_jjoSpEWyyCw7ZtrwQ6_j6jg9eH_5Wx4Eai7cgm66ko&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=7542582017219056000&adk=3047537735&idt=381&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37de8a936ffe92c7f4c5ea8b451e3f8b4f6bb4ff2a0f60afa2e0f90f9f91895d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
age
98481
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76223
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 11:14:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Mar 2024 18:05:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame BBE5 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYthPWlr0Ow3-07gkW01Wo_0nCniWHvRWjT6TinUqqHePZ64Vhz-vBqxAu9e8XCGBx5koCUvqO9gj3S01ae2-LxHK6Eg&cry=1&dbm_d=AKAmf-Duo9Udu66b19ZpXYCriQI4HhnnHL-jVKOaiSYVbu1_LBy9LKE_y3bZbUN0mKsWfEYjkXdVjvSRHkEZ7n9esp3h7TgxvhFBQYWeoONaeGcUcZQfmj9C3ubo5OFUhe-pFLW-LtEXMDYtr5X4qUCP6oOq3-9kDXN1a3-hE_TDcNn1G5u79OqvraQdpamFEdHk3pf4c7MayCWadBaLPVdPp--xnl5faoiiLWtkPBtDe069vaXyllXfrQ1Hd46NB3Kbveq-gEyJieOqIQ9_1DGQzZ1H9sfQ2Ez-xBSRBBCOosQzID996fs4n4y466cuHzkLVtcpngJYaD5ufhtymZNT1UVnouvtlPJh4hJUynZWTGxi8cc0a5MDJdCijjf3FDNGmH5UoY0zGIeM8H77E5msXNEDsHPJmsZ6lGHFryYSVhumPjWTsJBj5Szg3WLZ91lhArdv3vcfZq-tkn06e-suUnmJENvVyqcT1DAUWN4Cq_IBgiqKCjTkk0oYxHAJmB-H6G0LnnTdFD2dF0yYDxjNZb61uF4hH2s71Kp6_jyouWiiL1RDwo8ZhFgcHiq_6QUp-glw7jjQUs9uPDpsNm2FhYxqdW-HmOI8o1RcSe7Yu37LZa7lImuq9prd1KQtpIw836BJEXtz8bQzFHcdudR48kZ1NWAyYBNITKDuAG-021ajm9KZOOL0LxpMB1A0iY2No6rmhFHp3k-40ZOaOBkKRgHf-is81krcQWXwVWBU5q9gA46owFK7ZldzV0Ybt-rwX9GC3Brz_YRz7kOc6vSQ3VHqoe65j2NFLJeD9tWKpjm2uTuocuUif7irccLLYdq6al82e7ZbPz6cWVQxMiJ4Fv0dLX7ki6J31K1pdRxS67-JQ0BInHq4TGThWr8aRlI8WsogYQuxAJXoeWnogHs8BsqXtDMeFm8BcPTC1DRfnZ7ThRnjCymiNww5vBnzdeVaCr0woLWrgH-3Gkp6cET4SKLMsAGoWjEHHbN8SszDB6kAlD6KvN6FXSvX2T599VOiEvfMFOm-tEwgCZ_BhHp05T0UhqmUfTZwzK6wwxE0IH1dUh22qgM0mx7hj0BFcAc4AgsGCgebCHhruk8xLlJQrrOKSluTHo4OReweo5yTh-ssuK0zLR33874NJHcPi-BXKDoroXdKWud2uMlElNiE1hSSNmlW0GWm6UPl4aqR5SY9JckouTadLD3kk2qK8MOFdOGL9TN5-npXZrpqsxMH6ApEr5Lpacsi-18mQDdn3ztJ3gaHLpR3KJF12VenbgyNW27upU27uL2CgNqrRpc4416u2j8TYNoxQ5YcAX483-amFUD0YtCKrGZ4bTCR_VBb9M74T2qw4CZ7IeGgSjLqgJ4Fz8Ky64pLc7CwWeepsTFowQDREzBxFJNI5dfi9-sfuZdkXVG1h458ELe9DclNmadsjvAirihmlBoUWjicoaX-yRR7GPtGnNT36Z6_BvnPZmkXbBGzlgNE_H86x0W1MQElonuIwpFPE8PLHWmedvbNElD_Cp2YKIFHpB6HvbYd1OZVV1CZQztg8fjh0Qk0N1A61Kw_oG88Ihys8Dgca0YKl1aU8o67ebn524nBVvAOxxG5LS3ZhSffK8wjyWGOEvndEv7pUSg3mrz2U6y-1-anBFxuxvr4u_Cyc6tcbsbesw-xBXl-5I49y6pIB_qqQ1PENQdlp8gWNjteZnuiY67gCF-7xIyz5buZJBHcq6OHnjS58g4B3OwLn2uyOlqzRQ7QmyCFYoYVE_RvmyIXscAgDlJMxvI4mNHT5nlm6rrgJI7c91wgfQWrwgwI7_Xio25R389V3dMUEZ5aNKN1896nbZAzX3CGdeSHRuDT1kBmfUaivsWzB7JZaIdTtF7U9vUNC80Jq3td2btr0dfKqgXOi6fJ1-_o3lybHXDf-ry5flBfNpnjrDmpPp9eBRCsY2eHMbTOn4bbP30I5GiOawi_ja9dtrsH18nl9aihjFIuvz-q38H9hDrK8z3Ds_ZuFB_9oOr3idJ_evuvFznQckpHxRkxQgmBuSLUjdylp2NaRityUjn4ifXYhPHNIM0Y92zaVvAJmplv8-ZTWYd3iIxUk_h5LeboSQpnsSbakYIJ8ZGAvt-OMx1tAjF99asyT-2WXaANk4bdj4-W4f5F2Tr9pvB0Qab9IyNBWXZIFuJ--cjBVWr9MaOte57p6qB83RY4rmtnqtn6r9tSxHdCt91qK-TYXRfHwlAuGPnAu6MFA9fcU9JJUdOqUqHqDhWXz8WCIKSNzUmTlmo0pArL2Jw6QA_IFT6g-Z1Xd6FwUx6Qe9_yLRhQTObySwJnjTtEqFow7KF9NbhyE6Uu2oqRMXqZVVWux50ihOP6ZgYckY_VGOBbf4Rmd8pf2oabvhkVmo0WiQgu-Vx_ax4vjDt36TlkChp4qHoCoKVXKriLjyOLc6Dg-YNkzuHlvsaYVGcjQ5fKeHFlRd2fuFyENWkGJBxRC5jwrTzZ9Dljve4WeCQLBYg7Ls0oARJJ8DYn4HxltLfuhPQqXcGDXr9BcWUiMctCdlg6-Hl_XuFDkL6q2-PzBwkSyXB6foBMmG6u3SJzysEjknH1K78iHtOYVuGKWHqWEg1EgNN1TTOM7mTOLUSuT-hcXISfSmwH3jpKYfFJoa5XmBh-F9Xez1BNgDbumFPmzG9ntLfGUzAdhUs5f3QixXPPLOCZkNvJYCDB-S2qLe6iTIePBOfikBinIYC7-6umd8MX9hN0bQCPAsuATwJpmifIEAXB6ajNKLTOKQbMVgaii8shQmMsehjnef40ZPVRqJXnTliKVaXqwjkwBesPf414NhmVAVCHa25V61rvNO5WzEPmB2Abq0Cohw1lsknWfl_ur-MMOz5OBj1wPF9-fY3XEG121Mn-tD0MnIA10pgvcEmgSCe92YlCuBcowmqejxw5rJIjQAC91uNxPyjkCNJIgU2xsjoo_ZgLs_X2D9_Ohh9meYHvGtxCVQ7_Vte_UsfTWaBPwt_yDiRRbqG4ofiCWkhX8jrce1TssRLj_2m01tEzf44GxCycpyg4JVQooX_8go760Dl8y3nblG0k2yMB1shFnGdMrhpPoiAJp0nmkLNuHDhLlTzSw-zQRUp4jizUpvkqOd2LJ93FQgUdHDrQqMRI8Q9psdiZVFj7rM-mH7NhN7vD8I3GaBgf2LDrc3Aim9I3VKp4--Mk94F_hh8encJwYec-VpmTaXpo0P14RYtJWEKU2tkKJ-8wpVIf8goIANJ2b4d8Dk3ybmojEtJa03EaGGU-Jj0rqOSK72tAjkw-WczYelZ3wxTPZdWzr26lusCQg-99Vse18Ayh7_vZ7XXYs_Ui34kwryfVGDTIlL2-t_jjoSpEWyyCw7ZtrwQ6_j6jg9eH_5Wx4Eai7cgm66ko&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=7542582017219056000&adk=3047537735&idt=381&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
17561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10980
x-xss-protection
0
server
cafe
etag
17255800071175307161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:33:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/ Frame BBE5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYthPWlr0Ow3-07gkW01Wo_0nCniWHvRWjT6TinUqqHePZ64Vhz-vBqxAu9e8XCGBx5koCUvqO9gj3S01ae2-LxHK6Eg&cry=1&dbm_d=AKAmf-Duo9Udu66b19ZpXYCriQI4HhnnHL-jVKOaiSYVbu1_LBy9LKE_y3bZbUN0mKsWfEYjkXdVjvSRHkEZ7n9esp3h7TgxvhFBQYWeoONaeGcUcZQfmj9C3ubo5OFUhe-pFLW-LtEXMDYtr5X4qUCP6oOq3-9kDXN1a3-hE_TDcNn1G5u79OqvraQdpamFEdHk3pf4c7MayCWadBaLPVdPp--xnl5faoiiLWtkPBtDe069vaXyllXfrQ1Hd46NB3Kbveq-gEyJieOqIQ9_1DGQzZ1H9sfQ2Ez-xBSRBBCOosQzID996fs4n4y466cuHzkLVtcpngJYaD5ufhtymZNT1UVnouvtlPJh4hJUynZWTGxi8cc0a5MDJdCijjf3FDNGmH5UoY0zGIeM8H77E5msXNEDsHPJmsZ6lGHFryYSVhumPjWTsJBj5Szg3WLZ91lhArdv3vcfZq-tkn06e-suUnmJENvVyqcT1DAUWN4Cq_IBgiqKCjTkk0oYxHAJmB-H6G0LnnTdFD2dF0yYDxjNZb61uF4hH2s71Kp6_jyouWiiL1RDwo8ZhFgcHiq_6QUp-glw7jjQUs9uPDpsNm2FhYxqdW-HmOI8o1RcSe7Yu37LZa7lImuq9prd1KQtpIw836BJEXtz8bQzFHcdudR48kZ1NWAyYBNITKDuAG-021ajm9KZOOL0LxpMB1A0iY2No6rmhFHp3k-40ZOaOBkKRgHf-is81krcQWXwVWBU5q9gA46owFK7ZldzV0Ybt-rwX9GC3Brz_YRz7kOc6vSQ3VHqoe65j2NFLJeD9tWKpjm2uTuocuUif7irccLLYdq6al82e7ZbPz6cWVQxMiJ4Fv0dLX7ki6J31K1pdRxS67-JQ0BInHq4TGThWr8aRlI8WsogYQuxAJXoeWnogHs8BsqXtDMeFm8BcPTC1DRfnZ7ThRnjCymiNww5vBnzdeVaCr0woLWrgH-3Gkp6cET4SKLMsAGoWjEHHbN8SszDB6kAlD6KvN6FXSvX2T599VOiEvfMFOm-tEwgCZ_BhHp05T0UhqmUfTZwzK6wwxE0IH1dUh22qgM0mx7hj0BFcAc4AgsGCgebCHhruk8xLlJQrrOKSluTHo4OReweo5yTh-ssuK0zLR33874NJHcPi-BXKDoroXdKWud2uMlElNiE1hSSNmlW0GWm6UPl4aqR5SY9JckouTadLD3kk2qK8MOFdOGL9TN5-npXZrpqsxMH6ApEr5Lpacsi-18mQDdn3ztJ3gaHLpR3KJF12VenbgyNW27upU27uL2CgNqrRpc4416u2j8TYNoxQ5YcAX483-amFUD0YtCKrGZ4bTCR_VBb9M74T2qw4CZ7IeGgSjLqgJ4Fz8Ky64pLc7CwWeepsTFowQDREzBxFJNI5dfi9-sfuZdkXVG1h458ELe9DclNmadsjvAirihmlBoUWjicoaX-yRR7GPtGnNT36Z6_BvnPZmkXbBGzlgNE_H86x0W1MQElonuIwpFPE8PLHWmedvbNElD_Cp2YKIFHpB6HvbYd1OZVV1CZQztg8fjh0Qk0N1A61Kw_oG88Ihys8Dgca0YKl1aU8o67ebn524nBVvAOxxG5LS3ZhSffK8wjyWGOEvndEv7pUSg3mrz2U6y-1-anBFxuxvr4u_Cyc6tcbsbesw-xBXl-5I49y6pIB_qqQ1PENQdlp8gWNjteZnuiY67gCF-7xIyz5buZJBHcq6OHnjS58g4B3OwLn2uyOlqzRQ7QmyCFYoYVE_RvmyIXscAgDlJMxvI4mNHT5nlm6rrgJI7c91wgfQWrwgwI7_Xio25R389V3dMUEZ5aNKN1896nbZAzX3CGdeSHRuDT1kBmfUaivsWzB7JZaIdTtF7U9vUNC80Jq3td2btr0dfKqgXOi6fJ1-_o3lybHXDf-ry5flBfNpnjrDmpPp9eBRCsY2eHMbTOn4bbP30I5GiOawi_ja9dtrsH18nl9aihjFIuvz-q38H9hDrK8z3Ds_ZuFB_9oOr3idJ_evuvFznQckpHxRkxQgmBuSLUjdylp2NaRityUjn4ifXYhPHNIM0Y92zaVvAJmplv8-ZTWYd3iIxUk_h5LeboSQpnsSbakYIJ8ZGAvt-OMx1tAjF99asyT-2WXaANk4bdj4-W4f5F2Tr9pvB0Qab9IyNBWXZIFuJ--cjBVWr9MaOte57p6qB83RY4rmtnqtn6r9tSxHdCt91qK-TYXRfHwlAuGPnAu6MFA9fcU9JJUdOqUqHqDhWXz8WCIKSNzUmTlmo0pArL2Jw6QA_IFT6g-Z1Xd6FwUx6Qe9_yLRhQTObySwJnjTtEqFow7KF9NbhyE6Uu2oqRMXqZVVWux50ihOP6ZgYckY_VGOBbf4Rmd8pf2oabvhkVmo0WiQgu-Vx_ax4vjDt36TlkChp4qHoCoKVXKriLjyOLc6Dg-YNkzuHlvsaYVGcjQ5fKeHFlRd2fuFyENWkGJBxRC5jwrTzZ9Dljve4WeCQLBYg7Ls0oARJJ8DYn4HxltLfuhPQqXcGDXr9BcWUiMctCdlg6-Hl_XuFDkL6q2-PzBwkSyXB6foBMmG6u3SJzysEjknH1K78iHtOYVuGKWHqWEg1EgNN1TTOM7mTOLUSuT-hcXISfSmwH3jpKYfFJoa5XmBh-F9Xez1BNgDbumFPmzG9ntLfGUzAdhUs5f3QixXPPLOCZkNvJYCDB-S2qLe6iTIePBOfikBinIYC7-6umd8MX9hN0bQCPAsuATwJpmifIEAXB6ajNKLTOKQbMVgaii8shQmMsehjnef40ZPVRqJXnTliKVaXqwjkwBesPf414NhmVAVCHa25V61rvNO5WzEPmB2Abq0Cohw1lsknWfl_ur-MMOz5OBj1wPF9-fY3XEG121Mn-tD0MnIA10pgvcEmgSCe92YlCuBcowmqejxw5rJIjQAC91uNxPyjkCNJIgU2xsjoo_ZgLs_X2D9_Ohh9meYHvGtxCVQ7_Vte_UsfTWaBPwt_yDiRRbqG4ofiCWkhX8jrce1TssRLj_2m01tEzf44GxCycpyg4JVQooX_8go760Dl8y3nblG0k2yMB1shFnGdMrhpPoiAJp0nmkLNuHDhLlTzSw-zQRUp4jizUpvkqOd2LJ93FQgUdHDrQqMRI8Q9psdiZVFj7rM-mH7NhN7vD8I3GaBgf2LDrc3Aim9I3VKp4--Mk94F_hh8encJwYec-VpmTaXpo0P14RYtJWEKU2tkKJ-8wpVIf8goIANJ2b4d8Dk3ybmojEtJa03EaGGU-Jj0rqOSK72tAjkw-WczYelZ3wxTPZdWzr26lusCQg-99Vse18Ayh7_vZ7XXYs_Ui34kwryfVGDTIlL2-t_jjoSpEWyyCw7ZtrwQ6_j6jg9eH_5Wx4Eai7cgm66ko&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=7542582017219056000&adk=3047537735&idt=381&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
18508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4115
x-xss-protection
0
server
cafe
etag
1914039858798321668
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 16:18:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BBE5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNqsfsHVT8-kxgjMNNyAM75uiNQnd68dZT9d6sX9pwZ-u9m5nP_O9zVKTLCKIjdEUru6m98FDunwHsevMs-dtvNuwvXe6duF7e2sDJmddR8FLl2SdxlJo_GCgjh56E2SVZJZLn8W3HVetx0XAmw0GhmB-AyxIwzyRY-UpaltiWLkr3unFUk1KwMgg1LfYQbDNsMPP15TYdRsr_oiiSYTRgl7g-HngzUg0ggcSfUiPsM4H3ZK3mmmdSoW5nUPgrVcmUxV4mLTI4Z8ArFc3ALwaSnzqisGSCAdSZrDkqodr1BxZPkBMk6rSwmY1uGavzSjezYt0ISy7uKg8XEDvoGlzDh6nsWABOTo80RwepgDzZXwLDuM4Pzr-jIqwJSkCB9VDCF-tYYKH_yKJjpt8PhEP4tOORLdM3LB3XWIX1iW0IsPe8qD37PiIA0e1rmQ5Sw2-msJIw_K7-DKjnwpQbMO4xlxfP-SrI8vqQ2KXXaAoP69hi1SAQwwKWPNie3nUkK9v4IJN7lt0vy90vujGuisNTnKzZOWvUxpVuvu1_nf2RUztu2rs8I7t9rCOlxzm3D6zKrvMnyGPNWh50H_m_9z0B7svi_OHfl3bEHzch1hZVTocOHJ5dGmrRfjKOP9JAKHQ1ZBrjFkLH0O8B4E9CVqOgPyEy0OcSVHH8Xx7d4lOfg09S5-6NrBvZXeoGLdanU6UTfRhSgW-G7KsBiTI2aDeWjyHxm0ojTWHH4JxYhEha7YgwUttD22Ju7-SSQ4xJy9XBp-ysZOHCMO_faiQnB4kmDKcNcHGfHG_1ghIqTxGxjse4LWhP9lbNCRpFKTnbD1aYzAd5Z8IANpJthdKPQYyUsSxz1FbPhDlC8GqjQ3qEXyCdrhVkTy-IUIvgdDjAO5bAi9QMxNuPBiYr2W8ORDSakIAAHn3fg02CRTca7gMP5JUd6kw5R3FHYb2g5URJFKyAbhqGxwFYA6zc0eHZDYBwzbF8s_v4E0phwHmbwVah6Y5FvD-iQfzKMZICqSHVrnx807TgZoiVYoziLpUZw9tPiykeGg_cYtUG6pKGsqIfoW-E6of5mInvlGGpRRA5hctFh7LPEEEaBZ_bbnKyMLwmo00SQbNI_lXWQfr5YiSE-KDeOk9tArcFJySVGLsRtc6Mf-DNb8qcrzNRTUPIydTloPcwDLnFcwlGmKnefwhYdhl2G5linJ0-Y2BwE9QI3TDh2VIKAu9j1-MIeWS-51wCNGqgaisSDtNN_7THuHQSl-Z3IPabtnk3qYym&sai=AMfl-YR2jjEVtAnWkJ-hHcJgXEvyDfTtaYH_hdYA977G4CPw8JPV9OPaMpfYDA0yYDS2lgvrYrfz1TfHJw5lgwP8HGK6-fNWbf7EWgcHeEc80GTVJNgvmmiyZnZokQALJ2GR7WbWIa3SbYtPmAglInaerLNkYceGurss1D_wIcL6KFT9UYqVen-eFe8HdiV0Q2IGjA_OfCteiJFezOBxEycAHZLZEJpAzpUf6d91_rIWnQF8V1JD8EnxlrGTapAgsE_kEsK0ptW7oXGPRipQJYx4yGExTyTWUmQ&sig=Cg0ArKJSzBvwth_-napBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230322.89008&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYthPWlr0Ow3-07gkW01Wo_0nCniWHvRWjT6TinUqqHePZ64Vhz-vBqxAu9e8XCGBx5koCUvqO9gj3S01ae2-LxHK6Eg&cry=1&dbm_d=AKAmf-Duo9Udu66b19ZpXYCriQI4HhnnHL-jVKOaiSYVbu1_LBy9LKE_y3bZbUN0mKsWfEYjkXdVjvSRHkEZ7n9esp3h7TgxvhFBQYWeoONaeGcUcZQfmj9C3ubo5OFUhe-pFLW-LtEXMDYtr5X4qUCP6oOq3-9kDXN1a3-hE_TDcNn1G5u79OqvraQdpamFEdHk3pf4c7MayCWadBaLPVdPp--xnl5faoiiLWtkPBtDe069vaXyllXfrQ1Hd46NB3Kbveq-gEyJieOqIQ9_1DGQzZ1H9sfQ2Ez-xBSRBBCOosQzID996fs4n4y466cuHzkLVtcpngJYaD5ufhtymZNT1UVnouvtlPJh4hJUynZWTGxi8cc0a5MDJdCijjf3FDNGmH5UoY0zGIeM8H77E5msXNEDsHPJmsZ6lGHFryYSVhumPjWTsJBj5Szg3WLZ91lhArdv3vcfZq-tkn06e-suUnmJENvVyqcT1DAUWN4Cq_IBgiqKCjTkk0oYxHAJmB-H6G0LnnTdFD2dF0yYDxjNZb61uF4hH2s71Kp6_jyouWiiL1RDwo8ZhFgcHiq_6QUp-glw7jjQUs9uPDpsNm2FhYxqdW-HmOI8o1RcSe7Yu37LZa7lImuq9prd1KQtpIw836BJEXtz8bQzFHcdudR48kZ1NWAyYBNITKDuAG-021ajm9KZOOL0LxpMB1A0iY2No6rmhFHp3k-40ZOaOBkKRgHf-is81krcQWXwVWBU5q9gA46owFK7ZldzV0Ybt-rwX9GC3Brz_YRz7kOc6vSQ3VHqoe65j2NFLJeD9tWKpjm2uTuocuUif7irccLLYdq6al82e7ZbPz6cWVQxMiJ4Fv0dLX7ki6J31K1pdRxS67-JQ0BInHq4TGThWr8aRlI8WsogYQuxAJXoeWnogHs8BsqXtDMeFm8BcPTC1DRfnZ7ThRnjCymiNww5vBnzdeVaCr0woLWrgH-3Gkp6cET4SKLMsAGoWjEHHbN8SszDB6kAlD6KvN6FXSvX2T599VOiEvfMFOm-tEwgCZ_BhHp05T0UhqmUfTZwzK6wwxE0IH1dUh22qgM0mx7hj0BFcAc4AgsGCgebCHhruk8xLlJQrrOKSluTHo4OReweo5yTh-ssuK0zLR33874NJHcPi-BXKDoroXdKWud2uMlElNiE1hSSNmlW0GWm6UPl4aqR5SY9JckouTadLD3kk2qK8MOFdOGL9TN5-npXZrpqsxMH6ApEr5Lpacsi-18mQDdn3ztJ3gaHLpR3KJF12VenbgyNW27upU27uL2CgNqrRpc4416u2j8TYNoxQ5YcAX483-amFUD0YtCKrGZ4bTCR_VBb9M74T2qw4CZ7IeGgSjLqgJ4Fz8Ky64pLc7CwWeepsTFowQDREzBxFJNI5dfi9-sfuZdkXVG1h458ELe9DclNmadsjvAirihmlBoUWjicoaX-yRR7GPtGnNT36Z6_BvnPZmkXbBGzlgNE_H86x0W1MQElonuIwpFPE8PLHWmedvbNElD_Cp2YKIFHpB6HvbYd1OZVV1CZQztg8fjh0Qk0N1A61Kw_oG88Ihys8Dgca0YKl1aU8o67ebn524nBVvAOxxG5LS3ZhSffK8wjyWGOEvndEv7pUSg3mrz2U6y-1-anBFxuxvr4u_Cyc6tcbsbesw-xBXl-5I49y6pIB_qqQ1PENQdlp8gWNjteZnuiY67gCF-7xIyz5buZJBHcq6OHnjS58g4B3OwLn2uyOlqzRQ7QmyCFYoYVE_RvmyIXscAgDlJMxvI4mNHT5nlm6rrgJI7c91wgfQWrwgwI7_Xio25R389V3dMUEZ5aNKN1896nbZAzX3CGdeSHRuDT1kBmfUaivsWzB7JZaIdTtF7U9vUNC80Jq3td2btr0dfKqgXOi6fJ1-_o3lybHXDf-ry5flBfNpnjrDmpPp9eBRCsY2eHMbTOn4bbP30I5GiOawi_ja9dtrsH18nl9aihjFIuvz-q38H9hDrK8z3Ds_ZuFB_9oOr3idJ_evuvFznQckpHxRkxQgmBuSLUjdylp2NaRityUjn4ifXYhPHNIM0Y92zaVvAJmplv8-ZTWYd3iIxUk_h5LeboSQpnsSbakYIJ8ZGAvt-OMx1tAjF99asyT-2WXaANk4bdj4-W4f5F2Tr9pvB0Qab9IyNBWXZIFuJ--cjBVWr9MaOte57p6qB83RY4rmtnqtn6r9tSxHdCt91qK-TYXRfHwlAuGPnAu6MFA9fcU9JJUdOqUqHqDhWXz8WCIKSNzUmTlmo0pArL2Jw6QA_IFT6g-Z1Xd6FwUx6Qe9_yLRhQTObySwJnjTtEqFow7KF9NbhyE6Uu2oqRMXqZVVWux50ihOP6ZgYckY_VGOBbf4Rmd8pf2oabvhkVmo0WiQgu-Vx_ax4vjDt36TlkChp4qHoCoKVXKriLjyOLc6Dg-YNkzuHlvsaYVGcjQ5fKeHFlRd2fuFyENWkGJBxRC5jwrTzZ9Dljve4WeCQLBYg7Ls0oARJJ8DYn4HxltLfuhPQqXcGDXr9BcWUiMctCdlg6-Hl_XuFDkL6q2-PzBwkSyXB6foBMmG6u3SJzysEjknH1K78iHtOYVuGKWHqWEg1EgNN1TTOM7mTOLUSuT-hcXISfSmwH3jpKYfFJoa5XmBh-F9Xez1BNgDbumFPmzG9ntLfGUzAdhUs5f3QixXPPLOCZkNvJYCDB-S2qLe6iTIePBOfikBinIYC7-6umd8MX9hN0bQCPAsuATwJpmifIEAXB6ajNKLTOKQbMVgaii8shQmMsehjnef40ZPVRqJXnTliKVaXqwjkwBesPf414NhmVAVCHa25V61rvNO5WzEPmB2Abq0Cohw1lsknWfl_ur-MMOz5OBj1wPF9-fY3XEG121Mn-tD0MnIA10pgvcEmgSCe92YlCuBcowmqejxw5rJIjQAC91uNxPyjkCNJIgU2xsjoo_ZgLs_X2D9_Ohh9meYHvGtxCVQ7_Vte_UsfTWaBPwt_yDiRRbqG4ofiCWkhX8jrce1TssRLj_2m01tEzf44GxCycpyg4JVQooX_8go760Dl8y3nblG0k2yMB1shFnGdMrhpPoiAJp0nmkLNuHDhLlTzSw-zQRUp4jizUpvkqOd2LJ93FQgUdHDrQqMRI8Q9psdiZVFj7rM-mH7NhN7vD8I3GaBgf2LDrc3Aim9I3VKp4--Mk94F_hh8encJwYec-VpmTaXpo0P14RYtJWEKU2tkKJ-8wpVIf8goIANJ2b4d8Dk3ybmojEtJa03EaGGU-Jj0rqOSK72tAjkw-WczYelZ3wxTPZdWzr26lusCQg-99Vse18Ayh7_vZ7XXYs_Ui34kwryfVGDTIlL2-t_jjoSpEWyyCw7ZtrwQ6_j6jg9eH_5Wx4Eai7cgm66ko&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=7542582017219056000&adk=3047537735&idt=381&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 23 Mar 2023 21:26:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BBE5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYthPWlr0Ow3-07gkW01Wo_0nCniWHvRWjT6TinUqqHePZ64Vhz-vBqxAu9e8XCGBx5koCUvqO9gj3S01ae2-LxHK6Eg&cry=1&dbm_d=AKAmf-Duo9Udu66b19ZpXYCriQI4HhnnHL-jVKOaiSYVbu1_LBy9LKE_y3bZbUN0mKsWfEYjkXdVjvSRHkEZ7n9esp3h7TgxvhFBQYWeoONaeGcUcZQfmj9C3ubo5OFUhe-pFLW-LtEXMDYtr5X4qUCP6oOq3-9kDXN1a3-hE_TDcNn1G5u79OqvraQdpamFEdHk3pf4c7MayCWadBaLPVdPp--xnl5faoiiLWtkPBtDe069vaXyllXfrQ1Hd46NB3Kbveq-gEyJieOqIQ9_1DGQzZ1H9sfQ2Ez-xBSRBBCOosQzID996fs4n4y466cuHzkLVtcpngJYaD5ufhtymZNT1UVnouvtlPJh4hJUynZWTGxi8cc0a5MDJdCijjf3FDNGmH5UoY0zGIeM8H77E5msXNEDsHPJmsZ6lGHFryYSVhumPjWTsJBj5Szg3WLZ91lhArdv3vcfZq-tkn06e-suUnmJENvVyqcT1DAUWN4Cq_IBgiqKCjTkk0oYxHAJmB-H6G0LnnTdFD2dF0yYDxjNZb61uF4hH2s71Kp6_jyouWiiL1RDwo8ZhFgcHiq_6QUp-glw7jjQUs9uPDpsNm2FhYxqdW-HmOI8o1RcSe7Yu37LZa7lImuq9prd1KQtpIw836BJEXtz8bQzFHcdudR48kZ1NWAyYBNITKDuAG-021ajm9KZOOL0LxpMB1A0iY2No6rmhFHp3k-40ZOaOBkKRgHf-is81krcQWXwVWBU5q9gA46owFK7ZldzV0Ybt-rwX9GC3Brz_YRz7kOc6vSQ3VHqoe65j2NFLJeD9tWKpjm2uTuocuUif7irccLLYdq6al82e7ZbPz6cWVQxMiJ4Fv0dLX7ki6J31K1pdRxS67-JQ0BInHq4TGThWr8aRlI8WsogYQuxAJXoeWnogHs8BsqXtDMeFm8BcPTC1DRfnZ7ThRnjCymiNww5vBnzdeVaCr0woLWrgH-3Gkp6cET4SKLMsAGoWjEHHbN8SszDB6kAlD6KvN6FXSvX2T599VOiEvfMFOm-tEwgCZ_BhHp05T0UhqmUfTZwzK6wwxE0IH1dUh22qgM0mx7hj0BFcAc4AgsGCgebCHhruk8xLlJQrrOKSluTHo4OReweo5yTh-ssuK0zLR33874NJHcPi-BXKDoroXdKWud2uMlElNiE1hSSNmlW0GWm6UPl4aqR5SY9JckouTadLD3kk2qK8MOFdOGL9TN5-npXZrpqsxMH6ApEr5Lpacsi-18mQDdn3ztJ3gaHLpR3KJF12VenbgyNW27upU27uL2CgNqrRpc4416u2j8TYNoxQ5YcAX483-amFUD0YtCKrGZ4bTCR_VBb9M74T2qw4CZ7IeGgSjLqgJ4Fz8Ky64pLc7CwWeepsTFowQDREzBxFJNI5dfi9-sfuZdkXVG1h458ELe9DclNmadsjvAirihmlBoUWjicoaX-yRR7GPtGnNT36Z6_BvnPZmkXbBGzlgNE_H86x0W1MQElonuIwpFPE8PLHWmedvbNElD_Cp2YKIFHpB6HvbYd1OZVV1CZQztg8fjh0Qk0N1A61Kw_oG88Ihys8Dgca0YKl1aU8o67ebn524nBVvAOxxG5LS3ZhSffK8wjyWGOEvndEv7pUSg3mrz2U6y-1-anBFxuxvr4u_Cyc6tcbsbesw-xBXl-5I49y6pIB_qqQ1PENQdlp8gWNjteZnuiY67gCF-7xIyz5buZJBHcq6OHnjS58g4B3OwLn2uyOlqzRQ7QmyCFYoYVE_RvmyIXscAgDlJMxvI4mNHT5nlm6rrgJI7c91wgfQWrwgwI7_Xio25R389V3dMUEZ5aNKN1896nbZAzX3CGdeSHRuDT1kBmfUaivsWzB7JZaIdTtF7U9vUNC80Jq3td2btr0dfKqgXOi6fJ1-_o3lybHXDf-ry5flBfNpnjrDmpPp9eBRCsY2eHMbTOn4bbP30I5GiOawi_ja9dtrsH18nl9aihjFIuvz-q38H9hDrK8z3Ds_ZuFB_9oOr3idJ_evuvFznQckpHxRkxQgmBuSLUjdylp2NaRityUjn4ifXYhPHNIM0Y92zaVvAJmplv8-ZTWYd3iIxUk_h5LeboSQpnsSbakYIJ8ZGAvt-OMx1tAjF99asyT-2WXaANk4bdj4-W4f5F2Tr9pvB0Qab9IyNBWXZIFuJ--cjBVWr9MaOte57p6qB83RY4rmtnqtn6r9tSxHdCt91qK-TYXRfHwlAuGPnAu6MFA9fcU9JJUdOqUqHqDhWXz8WCIKSNzUmTlmo0pArL2Jw6QA_IFT6g-Z1Xd6FwUx6Qe9_yLRhQTObySwJnjTtEqFow7KF9NbhyE6Uu2oqRMXqZVVWux50ihOP6ZgYckY_VGOBbf4Rmd8pf2oabvhkVmo0WiQgu-Vx_ax4vjDt36TlkChp4qHoCoKVXKriLjyOLc6Dg-YNkzuHlvsaYVGcjQ5fKeHFlRd2fuFyENWkGJBxRC5jwrTzZ9Dljve4WeCQLBYg7Ls0oARJJ8DYn4HxltLfuhPQqXcGDXr9BcWUiMctCdlg6-Hl_XuFDkL6q2-PzBwkSyXB6foBMmG6u3SJzysEjknH1K78iHtOYVuGKWHqWEg1EgNN1TTOM7mTOLUSuT-hcXISfSmwH3jpKYfFJoa5XmBh-F9Xez1BNgDbumFPmzG9ntLfGUzAdhUs5f3QixXPPLOCZkNvJYCDB-S2qLe6iTIePBOfikBinIYC7-6umd8MX9hN0bQCPAsuATwJpmifIEAXB6ajNKLTOKQbMVgaii8shQmMsehjnef40ZPVRqJXnTliKVaXqwjkwBesPf414NhmVAVCHa25V61rvNO5WzEPmB2Abq0Cohw1lsknWfl_ur-MMOz5OBj1wPF9-fY3XEG121Mn-tD0MnIA10pgvcEmgSCe92YlCuBcowmqejxw5rJIjQAC91uNxPyjkCNJIgU2xsjoo_ZgLs_X2D9_Ohh9meYHvGtxCVQ7_Vte_UsfTWaBPwt_yDiRRbqG4ofiCWkhX8jrce1TssRLj_2m01tEzf44GxCycpyg4JVQooX_8go760Dl8y3nblG0k2yMB1shFnGdMrhpPoiAJp0nmkLNuHDhLlTzSw-zQRUp4jizUpvkqOd2LJ93FQgUdHDrQqMRI8Q9psdiZVFj7rM-mH7NhN7vD8I3GaBgf2LDrc3Aim9I3VKp4--Mk94F_hh8encJwYec-VpmTaXpo0P14RYtJWEKU2tkKJ-8wpVIf8goIANJ2b4d8Dk3ybmojEtJa03EaGGU-Jj0rqOSK72tAjkw-WczYelZ3wxTPZdWzr26lusCQg-99Vse18Ayh7_vZ7XXYs_Ui34kwryfVGDTIlL2-t_jjoSpEWyyCw7ZtrwQ6_j6jg9eH_5Wx4Eai7cgm66ko&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=7542582017219056000&adk=3047537735&idt=381&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 10:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 10:06:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=34c42bbe-5913-4db0-81cf-0c80393abf2a&pid=861f216c-a69c-4849-971f-ddac30606012&dtm=1679606792485&qnm=_matherq&visible=1&tabid=b47e6e5b-cc9d-4515-ad41-a18129a33455&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12712&tofa=1679606791&vid=1&lvidt=1679606791&duid=9a3cd9a3080047bd&fp=2417809956&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTAzMjgyMDgwMCIsInJlZlRpbWUiOiIxNjc5NjA2NzkyNDg0In1dfQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 23 Mar 2023 21:26:32 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 24D8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 17:46:37 GMT
etag
48472445140208031
expires
Fri, 24 Mar 2023 17:46:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A226 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d653908e2636965d056bccfa29d08dc82e5386cc171f24e85ee08a4b40a9a1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3789 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
478510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Mar 2023 08:31:22 GMT
expires
Sun, 17 Mar 2024 08:31:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 6501 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3431
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Mar 2023 01:56:12 GMT
wn
prod-dash-10-0-123-205
server
cloudflare
etag
W/"26850-1679277372000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
7ac9c0d65c819273-FRA
expires
Thu, 23 Mar 2023 23:26:32 GMT
piano-frame.css
static.advance.net/static/common/css/ Frame 6501 		126 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/css/piano-frame.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
882c64ded0560646995a2c171454780af7733711edd5fced468f41287b017e06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
H6AE0ZYQ87WG329N
age
486
x-cache
HIT, HIT
content-length
20437
x-served-by
cache-iad-kcgs7200076-IAD, cache-hhn-etou8220022-HHN
last-modified
Mon, 23 Jan 2023 17:12:15 GMT
x-timer
S1679606793.797034,VS0,VE1
etag
"ad286ba0567cb231e1f239c88ab050cd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 6501 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
932281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOlak2K2FH51IqjL14BGPmKPmrQ6dYsCUACRhCmEy7u%2FBfEzrBZdDetQ5dLo9C1WdYi6Rbk%2FWJubkyiHK4L8Ai0DnEUWSaFZImP%2BwK%2Fw39JQOjwIr1Z32lFk%2Bd4HLh0MJy7hqEWuKculV8rKsboOtvSo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d6dd17914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 6501 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4915095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJ4iKFcCzOIxnM83bQUjcIjKagUZnBa7ptbQKkxRYnftP65qu0P%2BDhGbVMzo%2FpAE%2FVtfd%2FIebMYWNkD2nh0bQo3SsqR4p06JMw9qoizq9MhBSDQC%2BluIkBIKyJRImmcG2%2BlLhPXYGQSLeSflD5p7akXu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d6dd18914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 6501 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
294308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lvTj1ptPduT39UNupnsZ1hu1K4g3YlKNxJ3H1IVGWFqWC8%2BLjO1KukyS3M4gMkBetWpKO2lFfksnPMJUqzE3xN03lJBV0zg2aJ5CqMUBe1rIRDO6Yfmh0O8VSEZfamAOlrIZtLyDLnWdeS5V6%2F160KX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d6dd19914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 6501 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
294306
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EM8yIm9CxapGXH34gNCkZseuPkY7A4T0IYwowuDNSDhfr21TL588%2FYTSqHkl6ZhzbxzzZfpjTvyYMYfUJ3zK5bJZ7tbA4DadqMVsalznrSXpv32T6onWFL7Au6ehNQQ6pthQ7gVdPnNSg7UljG962RaQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d6dd1a914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 6501 		825 B
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
83817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hncDzg3%2Be1G4h6BJC9LMMTDLAnVcEkQbmCe35D8hlcWcYtmN%2FJllQ%2FeYHsDZ2oPJGFCIp01GruPAgOAJM4HeGvfsnwb61JoDpY8E9y6nfAcwqg54v5orBj%2BO9p82oLcr8KBTY7RcZE1RcF4wYzLkK3id"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d6dd1c914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 6501 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
11506644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fA05%2Bjzksk8txooAG67SeDtgtT215YIh%2FHULCS%2F38cHuTgkOj54ymzK5iOErvVmX8G2bISocGqo6ULvifV1QjmR1k9YqwQG1%2BBsAxL6wuTKaAzs8AzuoiGmNll0tHmOAC9Rqjqp1YtFXcKCxexLNB5Dm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d6dd1d914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 6501 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1206973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0rwhkM8%2FNlq1zI2QIxPpyi%2FCKuL4OE%2FI8gZy%2FDLnSJie1VhS3bugSuNAr0iR3Vzn5JyXJp2qDktwBuHdQKwoiPVp0P7bQyNg%2FfdQLRmN9uvUPU1y0uu4wBVodt%2FERid4Z%2FrsUIEqIESh%2FcGvnMIjB6u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d6dd1f914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 6501 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
299854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71VNgE4sFe4xvhbWihEenRT92nteL7SNXECYI2qybCzyvb5sEZQrPjJJgMm3RtYDLE8daona7uqzVq%2BoQIAwnqn3v4MrcLk0%2BYrP7Sgk162Z5fUUH1q3KXe0aiqOwESF7WKHjv%2BtutxNVdH9sqfMjY7l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d6dd20914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 6501 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9646523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ijp9h1ncvD%2BosmXA0EGwYVyBT8P2GH4z%2FNEHu2D%2B3JbbGqikMk5%2BOJ5Jj2%2FYcA18O0ExkyQczCwWfa7SsfiBLBTiUNqGpfvS6HQGXgaX17XXNkg3uzA0irIXa6PUTPXCirhL8nQvEYO6JxB%2FvjnYyvy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d71d60914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 6501 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
299854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6nRxjQ5itrFbQeVbcRY%2Boly8OLHc5flVVAsUEyhsFpdNVWBH%2Fc9eaYSCO%2BvCX1XiVkvHorMBsny17uohBMPI1VQgVBxTvjo1gW3h4A7p%2BAsNWpUKW8aJCPEn44szwfotFwhdyc1iM6SmJV7WBmI099s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac9c0d71d63914a-FRA
expires
Tue, 12 Mar 2024 21:26:32 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 6501 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.135.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78d23ae6e5e0f82394424866f999a7247b301cb7ccca0fe39ad303121be8061
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2014
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 22 Mar 2023 12:40:50 GMT
wn
prod-dash-10-0-129-8
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=602786
x-optimized-by
_sam
cf-ray
7ac9c0d65c849273-FRA
expires
Thu, 30 Mar 2023 20:52:58 GMT
logo-mlive-inverse.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 6501 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive-inverse.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
PGKG7V8X0SDVBYQP
age
1169
x-cache
HIT, HIT
content-length
879
x-served-by
cache-iad-kcgs7200032-IAD, cache-hhn-etou8220022-HHN
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1679606793.907716,VS0,VE92
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-mlive.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 6501 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Thu, 23 Mar 2023 21:26:33 GMT
x-shield-cache-expires
10
x-amz-request-id
T1N3FEFTM71DHRQN
age
287
x-cache
HIT, HIT
content-length
879
x-served-by
cache-iad-kcgs7200092-IAD, cache-hhn-etou8220022-HHN
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1679606793.918419,VS0,VE89
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-nj.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 6501 		19 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-nj.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
C4C7KQGBT53DCRHT
age
35461
x-cache
HIT, HIT
content-length
14248
x-served-by
cache-iad-kiad7000030-IAD, cache-hhn-etou8220022-HHN
last-modified
Thu, 03 Mar 2022 17:31:43 GMT
x-timer
S1679606793.923557,VS0,VE0
etag
"aefa848511ed2323f5f7292cad413d91"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-newyorkupstate.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 6501 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-newyorkupstate.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
HVVZ3YTN1X3VZX4Q
age
19082
x-cache
HIT, HIT
content-length
3492
x-served-by
cache-iad-kcgs7200121-IAD, cache-hhn-etou8220022-HHN
last-modified
Mon, 07 Mar 2022 18:18:54 GMT
x-timer
S1679606793.923554,VS0,VE1
etag
"67c5456929bc3d85c2333fc91a450c71"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
syracuse-cny.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 6501 		64 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/syracuse-cny.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
29MRJBY57GB08FSE
age
19776
x-cache
HIT, HIT
content-length
48413
x-served-by
cache-iad-kiad7000094-IAD, cache-hhn-etou8220022-HHN
last-modified
Tue, 04 Jan 2022 20:10:53 GMT
x-timer
S1679606793.923338,VS0,VE1
etag
"30947d9aefcf59c3095181bf0123a29f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
al-thelede.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 6501 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/al-thelede.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
GQP2D6Z7EYS6D0JH
age
10832
x-cache
HIT, HIT
content-length
2079
x-served-by
cache-iad-kjyo7100029-IAD, cache-hhn-etou8220022-HHN
last-modified
Tue, 24 May 2022 18:14:31 GMT
x-timer
S1679606793.923331,VS0,VE1
etag
"1527b5427a70175541ef142224302fa8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-lede_bhm-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 6501 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_bhm-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
J4QES8MYJHP5ESDF
age
35080
x-cache
HIT, HIT
content-length
44631
x-served-by
cache-iad-kiad7000053-IAD, cache-hhn-etou8220022-HHN
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1679606793.923298,VS0,VE2
etag
"a683a2407cd20aa2076aed1087f11b61"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_hsv-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 6501 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_hsv-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
BQ87HVF8QAF2D6GJ
age
33855
x-cache
HIT, HIT
content-length
42755
x-served-by
cache-iad-kjyo7100080-IAD, cache-hhn-etou8220022-HHN
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1679606793.923279,VS0,VE1
etag
"1dc34579a74c449327a76697d00bb180"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_mob-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 6501 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_mob-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
A70ZMJQXB4QCYRDR
age
31528
x-cache
HIT, HIT
content-length
42953
x-served-by
cache-iad-kiad7000082-IAD, cache-hhn-etou8220022-HHN
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1679606793.923274,VS0,VE1
etag
"563af4d5a587fe270e3c6e43be6f32ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
penn-truecrime.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 6501 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/penn-truecrime.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
T2S6DFE6JPGE1A2R
age
8235
x-cache
HIT, HIT
content-length
7289
x-served-by
cache-iad-kcgs7200048-IAD, cache-hhn-etou8220022-HHN
last-modified
Tue, 05 Jul 2022 18:14:11 GMT
x-timer
S1679606793.923245,VS0,VE2
etag
"b3623ac64851022e99375a518b7bb87c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
close-icon-black.svg
static.advance.net/static/common/img/piano/ Frame 6501 		1 KB
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-black.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
H6ADVRZHWH0S89DP
age
3499
x-cache
HIT, HIT
content-length
610
x-served-by
cache-iad-kjyo7100168-IAD, cache-hhn-etou8220022-HHN
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1679606793.945894,VS0,VE1
etag
"35ec888ec074218ee36fea53d51653a8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
view
googleads4.g.doubleclick.net/pcs/ Frame FDB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfL6xytDcqIXWIlqGPv1ixLod6mUNd8VRjOTfUT_HbvFdnnUv8B6XwgU5oy6bEAHb614oqb0SiHpY5GOuAZ-w9cXZ8BO-ZFLhUOG1oAh2l7_o_A9e4hF1PE6kOF7Ul60wOrR7aFlyXOsggddAAUBxWy5pY0KusfHrDKnXrELRAZhKh6eHivh1gXFbeaHIgCUB8a9cxVf9CT00IaRIhhW2Z1RgzjXx_GCH2_uIkMNedxQlAVFkOabztMMA2vHrptbcp7USy0I7Qm26qu3A-DH2comu9jkAL6kpzP77z7HokQa6U0zRP3AfqnO9aE8RdZ_jYSBVOHerBT0PnVGeY7bPV-NKC7F5jVdVpDK13_nZZp9fk_C98jOo3mJrwzQvPIzqYtcvk8UCm7VbDJ1-dLt-LGIiIDKIAknBEJZIgyMd8Gsrcs0tLTwo5zrs_n-G08AUl3IArFn_Pv6-QNlFZmM1kIKyqpRLDcAxTgWVfui1l6XoTVgsqG3HNHKcfo-Vv2R3ErA7nkpBtxgjotYrB04rz-a-1sKVWdU4IYyy5OmbjLV16v0UQz5v1P_9Pgt9B2Xp1gQ72wOSjwloKGGIw56isRT5_TTQX2F59zjabNNaKIHJZGEyp1EakTUUFUn-V65A97xZjx1VybTdWs2qY8pH73LAykZnqOgawBBaRvQz9iVEYgm0MCcjcul_K3AlTqDk6DesqAuuQrrxmBhyHQQ4BCfWQ21wcb4x5i7In0OBrAs2uUWIMninIUa7qXJNAvRYx1NMIZEFXdZ0780y_56G1ikqSViFheycRRDCCzJ93XsvJmulCDghIhhib3mYI8Njr0X_SsrlbKCX-3QLlg69k9jjg3HrxCLMD-xHdXcGpB5LI2tNyGuE4OGeqK-ivNi2n3HzWxkejaj0M5hzp3Lgb9kQ30LvPiAQKZ6uXXe41qTcwiVbuoX2675R2OxSw9P6Y0FuLEuGk7az1GTeg74-DIY6falddf6w4oAYJf9hCYJ088rM5xwpzrtj5bmwVKa4xhacDijq3EnfoOkUPKrycVr10e9nFJ5YJF0s2C3ia_7Tsoxf2FTqmo48QM6Lqvnj8uhw8oe1DubfwYriyYTe1K2QQ2IqcLTrQaRVTj3ILjYU-FTEeR7IY93q0TOI5hV4Yw6vxAH0LEXsn0yL5UcHcjYVlImuQ_InmXpv44wRWAStnGOY5TNRUpr0ebiZ5Vsnp9QJIW9P-0yD_ZE6BVJDnnfwdjBvdsU5k_NIxiB0l2RGYMw1ACWs&sai=AMfl-YSLNwvsXssmf6Mm5yNwhd2i3AL1HOjYeOqXo0mOXb9OpZ1AXfHEGNmlVYGg0gI7kVOzGeOFAV0DTPAWsbZu3QJvE_O24oYmdEeo9KhOXd0aeOD8HMR7VT5L5BACGgyMh6kNkPgPetDu3atyHnTr65p9nQbGsIIYmSjYHh211Yrj3FbVb4YK9uAit1LOeS0H_vKugruZhw2yt1N2wRjLAnTvZaq_teNm-T9FOZjXT_BajbNAYgsluyGTLt7DapaQLhtjq8e-R0X5BT6KWSvdW-RxhOXYeck&sig=Cg0ArKJSzC_jJW-QIIXuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=254&vt=11&dtpt=252&dett=2&cstd=0&cisv=r20230322.03554&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUBrmgamwT59HwHCO8poEbOlv9AQ2yi2fkV287z4QVBPpsDE5KR78Ge69sooVSNcMgN1KQp7UX6SNJz7E7UqTw-QYREw&cry=1&dbm_d=AKAmf-A7FTA_sWgXObdI1n7dAjWZvYg-PRJy3YkXyb1TTaL3SNcVlBsJUCa9LYwWToPwxxV40L_OHBCfTzxNX4TdBoOXJO678xTHXA8PVgqlCGQkZYRnU2usoSFmCgTm5NiFQdtEkNFsjd6WRf7Ji0OReKkDkQrOr-ADLX6Y7T52NaNRGmoNHtoLW900pt2svMtzYcbCv1ZUx-6ZzgJLVaSrtH4RxhKMc8DSI9oeZvpqiDl19K5sEeldrevjZFvk2khhT9pWiEel3CRrkeWvGICsPJFO8EjZjfo8maLIEVpnkU06KnSYm8hx7v4U78TcIi9WSAs3U99YTdlp_JYUEo4wxRXxwz_Ed2UZMc64sLo-k6a4NN8cn1LLbyC4bwQr05djAOmLvl_ya7ciPIvodHg24q61CFqJ42_wXyvUtCAJ-YW9qw6Biii0gDz1DrwhTBDzC62jowFee5AkmKefIf3kMaSBm3FGDqfa9xIUQ1EYQnl6CyzxKKiiNFIsX6IOgab3Xjruh-rdehdNZPyEv0YLxI7oZ-CvzncB1XW4SYkp8VuhaxayAhv5k1aMUf_U4UE81bq3WVDsMQmGQYeYbGDGG-lxpFfYPwCF0gcVHn3IMtzGdDvSSoRGHErbOs2Pr39YgL6co70ljZNhNb23_fAeQ1sqhlhMuM4mFli7UhROs-zRLFnxW-ttF7UAqECYHYAniuZoBfH1d9dDT7jhTcDnW1yli_brh9QGzE03hXLALVWSXoBZr7R9kSeTnG7N0CSEJE_RvNcruyD8UmtnvpFIRSd79M7rrFnhmy0aa-h8sfWtHTFgQrm5p_qStfCqy4jZxaTIDu5PcU6YjaSg5_FNXBG3lZzA8hn63Q5pAgxtYwwLoQCjdQXCZq7x3pErtO4GcEmNcIR9wmHD_GRSg_wvm9I6qD8-ApQa_4GEghN34z6LA7TB9aXx97uv5jXrkxFPHluaSGro8wTYP_njSPAjg6520Ax4mxxVQyP2uG0D8jF9PxpM0O4bgSJV_YTbl_NNpq49EjeOK2ZfjxqddGOKBgWF1Ltx0EPeNtcukL_MMzyxmoo7AFTMyZb3jy16ZC_s6wJ14gopmpg_CEHdfQa45c6D4dXyGN_sFfxTvlwGfZrmd8_sevIuAUZsjGIClbPhLJGYtVDI4Wa6YQ8JOYhV8ZuK4Fr-Skr3gKFJc6ilXqyUAnd3ltq1SwncFsxxqi_IZOhIS5y3YsUk-SFIBo7Ardf8AQrmDigmZ_KGPycFMeAolTYdZSCkkPrQu3lzNJj-R3f29nRrwIDHfnt1PhX7RPKIheFhWfA-coWZ9xGQb5rvFdFDKU2OMyjsVRowShlTocROYyiwrbWOea6ce-PbMFGBq4JA4WNitzSRfFfIcNyMEkIPVfqcAYiIENcSGwdAKh9JS8G0Jve-JBzrlY0bx583_Ab6tRyt76ehN54ySl7jpEvI47OEFeRntJNh0YCYiimOVNWnntrWvOLZZ-elBT3NXJvDgUZRLDJjkGjVc_qq3gof-gfTTtyXBmMvGM_9h44wssT468r1qGFgS3JPd1zN3D86M61vzoRJ0IxPKmgXxEa2oOdR8zc7IrZcnxXB6wGU9pUBF6hxsGqgnMsEzWCM6Zm-zz6nZcI1MDo3OozF3-iL7_UoL7Egnipct3QCXStDHYHfE5PvxbGa_VPEMEXDNWGeeAuP25mW0m2QjGy0xYGsbmKD9aNACe7TsYFnOAmXMIqCP8eMyJg95JZ5Zf7iBSP2JoWkgSV90c0Pk_akIsm9mgkfCqrtoC6XReJW-DiDGDS9cDkGO--6vT7ZnduczKy5PxV27PbQBioOS_2eViqgw9XAFpEQlygxGpBeTL0NTcOZecPN7IoscrRorEPPH8T0ESXfHDTarEZahZWbRNcv0zUVJfUPLu1n5qfZOvblgLneV8JAOI2-gl8vmBPEfQ700_XviIjq4phyFJcF3hqXeGw0-N_rEuqoyOR5_zn3MaXEiQKR8Q0CyTBGdgq25uyyKmnnHTH5tyeRlAlJ94SmnvOGgC8SliMU4g0P-WNA6u2wKOAVXe5XUmMwY8btX1gt1LmtDfnLWJiW1tINkv2SFNffiTNhqBVd0Th3XdyfbAav7gPkqo8XfgMEepuEvlQonhkN1Kq4TbA8raEaNxZOF8P61RIVpPGhweCDnjmyDKhT2RV9jE2r62_PyL9jKjNHVXa4obZ6dAEZUXnsHFjDZut-hy0htgwDPMA07m8DztVWRgDEzo711FKqT7rT9YKPLHZuDFqBWjWkPjKmNyo0ZW4Hn8rwISkN9Iv0VKtC_5wj8UrZcUHXKV7GOvoFBDFZMxJX4bb2tC6XmY_qCnegMIvNi3LC3XG2mSiT0cwzVNOGdYv20_3bXbjM03e60emkwtqdb_z_83N3XPntu6bSUQ5mc87Kf7zrcAz8cS2wrDXCom1f_6XBAEXooNVGdtQrbe7RHh_2N6mUFL5ACL4nhs0JxOsVI7G374h2xH0G8psk8jN1tJWmcSP6_nxf5uet_X7mBj0F1h3LsuSm0NVXMwtysotc-yVuzagTrB_E8uDA8lShb3C4QtA1x__JXImDBzLt-XiNQ15tbIHrkepE0qRzmgfQx5dIeTIWfhn57PEvJuJcHtCoIJd5dsfpbpgbYWAimKKtiQBsO2vVWL2LZd1Y4p6zBbw1IgMydhVPCg_F7Fc-OBNkpb0zObwZVqXt-Va4b_eEqiLJF5UiLAMiJgD-eXzg7ups-3OlFwIqHlaq2CoOu_HdMwCLAH8oZeA8_mo-aP9MZwWZyhuvN74VpArPL8frW4UqAq263M29JjlPZl774X-RNYIcp6dcYVa4zu0vqRVWXohVmunwP226ng5TJLrUZC7b-w7coX4l218gZrETdHhDPi7wqo4rJj14WlAFNZQTObY8vVnhIqq9frYlcA0B2tU-f10L8PJF-M9IHXpfBuRyO3wuTLqYN_9Ig1rbxRTnGL52OcwVb9tUuAOGusSXE58gv3duway9SeVTqvOGzIJD3Xh72i47CeZAhdfMyKAYsmeXF0407-3UovCvHvWTizsX_wV_zDrDy71Tj0NdCcBMyfCTgLwI6evxsLhEfC3GH6XTlgsRr0qiPvFF60IlixLV83-8dDFXqjXCdgDQ1gLSFsiBpJRjZyQGiL9GWlgTCpchUpSDsDszQyoeyuk4kpTLPGBq8l8Urdqnye00DSENGchKSaFVImBFdKsNPtzzZCMLGehtQE5ki7oj8SSr6qTR0_3myJfw6xGDouStWObRM9n_yDx4pRSlg2IupQtRmkPjNBcKMxj1Ifhzmb-gxU9erQSrS1fHtGBrbOqA5f31Z_h40aLHb2waTSPrz0mXJR-5onu1sbVWbISDzSyIN4N_3uCttUMV4TIc&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2791917347063485000&adk=1964084972&idt=213&cac=0&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Mar 2023 21:26:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DB5F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 17:46:37 GMT
etag
48472445140208031
expires
Fri, 24 Mar 2023 17:46:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4D03 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
478510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Mar 2023 08:31:22 GMT
expires
Sun, 17 Mar 2024 08:31:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECmwjxjyEtmylkXLwgCY5Mw&google_cver=1&google_push=Aer7DvL8S4aqS0Asq5AMej99z6gL2TeKOO711WAZj6VCSpKuy2lPTucXCyNszsZXYg8ItAdfQ1-XQEFig2ecMKEB...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL8S4aqS0Asq5AMej99z6gL2TeKOO711WAZj6VCSpKuy2lPTucXCyNszsZXYg8ItAdfQ1-XQEFig2ecMKEB4jvacHKMYhk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL8S4aqS0Asq5AMej99z6gL2TeKOO711WAZj6VCSpKuy2lPTucXCyNszsZXYg8ItAdfQ1-XQEFig2ecMKEB4jvacHKMYhk
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 23 Mar 2023 21:26:32 GMT
Server
MT3 668 4401257 master cdg-pixel-x29 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL8S4aqS0Asq5AMej99z6gL2TeKOO711WAZj6VCSpKuy2lPTucXCyNszsZXYg8ItAdfQ1-XQEFig2ecMKEB4jvacHKMYhk
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 23 Mar 2023 21:26:31 GMT
i.match
s.tribalfusion.com/z/ Frame 24D8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAX4tsyUQYMpwQSK9qnKrZo&google_cver=1&google_push=Aer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_Ox...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAX4tsyUQYMpwQSK9qnKrZo&google_cver=1&google_push=Aer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAX4tsyUQYMpwQSK9qnKrZo&google_cver=1&google_push=Aer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_Oxg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_Oxg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ac9c0d8ca44bbda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
364
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAX4tsyUQYMpwQSK9qnKrZo&google_cver=1&google_push=Aer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_Oxg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJo15QKh3kZYzfEb3qOxMp0fzjKQeBH3m5CuOjIspVmTPPb438DQCwfU8jX01QpY0vmIo8YoysNzEj7ICRA8-N7oMEU7L_Oxg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ac9c0d74f9dbbda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_push=Aer7DvI7THN_9AI4XM5kAUPJrbpjv2eko_u5hkyjyVJS-dgElecwJPRBPY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_push=Aer7DvI7THN_9AI4XM5kAUPJrbpjv2eko_u5hkyjyVJS-dgElecwJPRBPYatpJwkOVUwGjW2Gyo2_alBjXJdDBex6rikePy0LYZR2w
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220032-HHN
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1679606793.844127,VS0,VE90
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_push=Aer7DvI7THN_9AI4XM5kAUPJrbpjv2eko_u5hkyjyVJS-dgElecwJPRBPYatpJwkOVUwGjW2Gyo2_alBjXJdDBex6rikePy0LYZR2w
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGyyUpbBRcDwtTYnKLDLNPs&google_cver=1&google_push=Aer7DvLyIYx_U7j0un_wGjp04yxq8MeGQomlHHWZUzjFPOs1J-6G1APsAKPeTwS6qBy7Soth6-P...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMTUlNQlktMVUtTEtNTg==&google_push=Aer7DvLyIYx_U7j0un_wGjp04yxq8MeGQomlHHWZUzjFPOs1J-6G1APsAKPeTwS6qBy7Soth6-Pfb-tDpmgSAEUU1NhsfA9fR8WONQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMTUlNQlktMVUtTEtNTg==&google_push=Aer7DvLyIYx_U7j0un_wGjp04yxq8MeGQomlHHWZUzjFPOs1J-6G1APsAKPeTwS6qBy7Soth6-Pfb-tDpmgSAEUU1NhsfA9fR8WONQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMTUlNQlktMVUtTEtNTg==&google_push=Aer7DvLyIYx_U7j0un_wGjp04yxq8MeGQomlHHWZUzjFPOs1J-6G1APsAKPeTwS6qBy7Soth6-Pfb-tDpmgSAEUU1NhsfA9fR8WONQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIigY7czLWlN_uaLub0FQIQ&google_cver=1&google_push=Aer7DvI7X9OKXowsnvlFnatmG5z_dQ3d52oPGIBKKcvvMpYOi7-X0DN0DFYAkL1mwv70ry9CtTIdG6zl92Ayc3em...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvI7X9OKXowsnvlFnatmG5z_dQ3d52oPGIBKKcvvMpYOi7-X0DN0DFYAkL1mwv70ry9CtTIdG6zl92Ayc3embuLDOhMx3OepXQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvI7X9OKXowsnvlFnatmG5z_dQ3d52oPGIBKKcvvMpYOi7-X0DN0DFYAkL1mwv70ry9CtTIdG6zl92Ayc3embuLDOhMx3OepXQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Mar 2023 21:26:32 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvI7X9OKXowsnvlFnatmG5z_dQ3d52oPGIBKKcvvMpYOi7-X0DN0DFYAkL1mwv70ry9CtTIdG6zl92Ayc3embuLDOhMx3OepXQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
yQ8w4jxlBznU-F6-wCwisUTRZgapfQ-q2AyYsoXWGu5ectHmCObCtg==
report
sync.teads.tv/um/ Frame 24D8
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFli_eyz8yC2PQlI7E27tHA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvIqKWxJ4-bGVY1fzM4orQsF8vz95hTOMhlooMCZxn9SsL9ZUCtpeA_spX8mTgtQ1Q8NkfHdvMFVdlyjVQTPPqBnmVGRam9kW7I
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires
Thu, 23 Mar 2023 21:26:33 GMT
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 24D8
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED6EHIXim...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED6...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8851d4e7-f5fe-40b9-ac68-88558d2a6ced&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8851d4e7-f5fe-40b9-ac68-88558d2a6ced&%%GOOGLE_PUSH_PAIR%%
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8851d4e7-f5fe-40b9-ac68-88558d2a6ced&%%GOOGLE_PUSH_PAIR%%
Date
Thu, 23 Mar 2023 21:26:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 24D8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMKHKqdRoal4nfFR5ZzEgV3CXZGKO8H2fpzdnbRO5w1S7E8X_mq_ZCsyqghsexsoRDyCfU178
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame BBE5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fd59a9e4d5a0cb79e5b5eba71fad73eda11c981dcca9847ab028cf5f13b648f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame A226 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlb9nkDOP3MzjS5s30UTv7SPsJZ92ncCVCa9Qdo4AMUvaetCOCJpAEM5EJzID4Z3tTKBofjT0DbcZ2PkERVbxR8Hs07FYHXe4jECp6pBgR9D727HS5P4QEj488-n778U8YB8c-0RgZ0POo_Ulxv5esH9cAcma8afMHkutmOPEoFjzJSF2EhxjuTr-lckG-rVpGSIkgfIZLidPna1EZZK1e58-ptPV6MmlcaAv-D9pYDzsRwU-iZEME1XQBHE_BqIrt1Em74QyNQdXAiTQtwt8WoUYz2R1Vfk_UB5UOFCWedxnWIcfMnqnBvuL-Bx7ZepN-gExpMgQfo8O-PbNE0hawEgebuNzCOHMvlIrdowBRoI20a6Juh2uLWKGnfAmbkemtzgAE_tfQ9TH8Xj2O5djUghSlzK3kQDL7nFO8y5B_KQ76MPKLCcxhNVyM0k2aUgXWyz7JQoY_kiIuEWvC4YiAZS7qfQI2_S4HSXUj7svWNM-6oTTsQb6KDzJPIjPvRNK2RFB4tOKPVOh81jzm8HQnBBGBETixQmmQuiUckWMm5wOUfdV2i5esDhEWV9N2LfsjCVK20TUh3g1WT0CRZ5NS8VoCENFWaA0n8H6iEXcP65tWZZMe7cCbJp8cYMhgz6IiM5DmWdYeIPzdD1Ht3zmx7jWgy5a6Nr7rXjE97inWyZJqELlult6MzKUylGfWzMrJU7S5qkJtgNp7mnVkPfJ5SM6diM5304Fh3rEaJNs90IITtNAsVRpChjlmkuGtu9beJKBnDGjswoh1ShQdMESa1TnYfsacaxFrVibLk4H949bIaiDa2iriiiETj5dhtCg_d5yp4WtAUjXuCmsmi5c4HZhMGiHoobwtNjVkaHyCvao23afdI7BAsD8XRoEZrdGFdzdoTr8ng84rKC57X2prR61jiAtu-AfuKjnsj5a7GCy-cy8wRH5RYFRvsgkacY-i_TlAC49NGjRH2X2SasP4Vn3VXyH-vaQpCGkqai648W5MeS2T5gxDEjjVRuWi5ErDEpQE-wPqJTdpetpT6tmJBLnVBLNcNCc2JnJakYsxKd0yvo7E_VBC20lLzlINTItMRF6g3hS1F86MyUIC00K2v63fI8NEvTo3jQ1lERswd4lkz_sCAdd6PbTI8-TAKpRheheqvOjGvWC2YduPRtrRI7Mc_DVqMcS746CvNHIv9utDQu8edvOV6Bn17pKnyGLE0Kd21R8mcYlq98YD48mfSyXU7sOK2FiC9vzWjRWk0A7Apy-4LeIYOSdT&sai=AMfl-YSbO2-jIVI7lu0t8BNLlU_lwqxtsmguTtkwwBMLRbNQcCVIOCQWcMrC7SFcQbB37rIMMlAnrnhfzK8geTRxhaEKWvEniiJItZ1MfY9Dqmx2D9W97PgcMR5W_3mZz02Q8_EF4AqsX3EAx0qxpHHHL1XCSVT8mRGcFE_eo2hg6tkKI-DBK51jfr9rx8D-qruWMAIceS-f-jmWKrTwQeUaQyqESgS3yw7GQvGy142t_NUjZj3aus24rvnIWO1EN_eEnmzSI8kcDIdKIKpbF_qekjsL08cSKig&sig=Cg0ArKJSzM4zKrQq2229EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=176&vt=11&dtpt=175&dett=2&cstd=0&cisv=r20230322.92396&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDqjSam_HMuw3AcxZkIqokKDok6TCgA9ZcbvTlCWhseh5KmgBQoWSnNG7DhAJBtNHBFKaYqGpMHx_RTsYxOgnk2vD8ZA&cry=1&dbm_d=AKAmf-CiJRPs1MeIqjLr5U2MHuyHWZZD67wKnLunemCx4lHZ00AMUY5lx-1-f6ka2x5ZXvFojgyf8BQskGcB19xoB84xn8YBL9MmTsPAkIoViRRvRG9d2JKmW1bnaJUVxjr1a9GbcUfoAZLD2CGMlxp3wvhCqPPch7gVll702ugxUPdD8WSv0_A95vncOzcgjr5nQd4HqeswVxxHXnBoEUkoqm-IVw6ppQ1RB6sDpJFPyvBnSiIWaAN5XrwdyR-39CbU18K6XXivx_f8Gr5cpI83M0cCFwwqLDmavZF6l7oc0AUVw2OE-7DxSyPCyeT1jM5vXmx8v_tWquppirSp97d3sqe_puzEIXPcS_WGxJBSvzQP_NB-4RA0HuylNwWC4y2OXR9WlvdD3ub2YNr6lG0fBVjbePY-lf1jfQNNZfxiitGAv6_Takm00_fE8PdEhfw2mcwQzgB4cms89aA4ZK3gvUIsr8jc2KUdliIK5FvWgMHk-pIrQfpiT6vPWHvcuQnTfGkecX8jgN6v0521Ks-ICjEM5nWtiiO10QtW9Fi44wipqIEPPKejJjUuVBplVoFzIrbxt8e-OhksxrQWVP9w6tfkA8WZXKQOv1Y_D5ozRHNoa6sHipNU4R76cu9mz73cevYltKzhMmgtFXJbqWEYI8fINL09uZi_jf3XjEHhEzD_S30V64Fv4X7EhQTO9QpOnVThwyc9tfU1-L5JXpcSOGNogRfh2riwcJsMOU9uOZycumGOuS0sQej2Rk54TP-d53xM6pGjgCw5LfQ3ox0iiUYd5GwCUa64-jNiNx1QevZhd9D-jBoeF7E15BSBEW5ICT3Vil5f7p0VMneZC9wIXKZZUiQzqQ-v78BaoG6JE9S-ydAJaQ2nH1WayQ_2Fhide_eHoPgZbvhqXaJbiMJcpKtDGE1yQR-MXU201dOaFfv3CvUH5tZ8zLDv3vTxyPm-WOJeFpeHxtGdkZrg5K7uoBP21Onv3PqtThUdWwalhh-bQ3UgFUGS_sLyzj_QbwewWFeLVcEavP8CBOi0SeVSoucH5Nm0G3_HXnmK3XiepC_zmatUrj5ULhIxmHVik_KELEOFCN45K7pr9yRonxNuo95G59DG6QrZxBK9J-G-3ZqobhlBknv1PxnhPZ4l18KthvOVrd6gDIw1Vkb31e4YfxpKfQYZ5blqHDRoLsmJCj8RNIWfOw7YTloUWnD3bOLG7_SMh0EB0H5nX02wv6NRKwPE_j65xLAB8yLb7FNZ-qr9aJy062fwyM0qzxbApjFz0QS96U8lLfRKbEk08T8vZrBC7H_XL8BewES5iQwswL_CcDVJupDEcm1aRQPCs_R9nAXefPpD98BsnchOAlzgk9Bzlliva59RkQj4QquL2Xbzgg9rw8O6TfizEB6nVwkA2aQV_7rOYm1hJtNga9qhEyVk8Nlm9zB6-ooLHkGJK4hWw8lFZ9pr01mpuKnadncY8ZLLLDV7U0twaVggw_VwjfrGSJZDzbB8jyYpShTHh0qMegP6zOO3LI87W96ngO-UbtyPKWxSMnmoaXuXJUp5AkYvJGOTZOAKOqiaUbm-LvCUzJJrwR-el5VRY3azG35Wrew_v4uumu89MmDWd-_K6hhqgO6DmxvFmvpvA_Mqs7FJZnUCvwctnO2qhvCwWSLiyLR1tLZUs4FKJZMj7sgMO8mKNoLcAKkgVdAkKEQgoaqmoVX8uFaZxmVvwquUgRLfPfhOiSoQlWa3MrDOFHXA8GGTkCoMLIOPNoeVeskOvNHKz9xM_E6n0FXlHTd1w3j3vYcnZcARbBCJ3gJ9wYibFcsp2bjOAx78T4NOztBZICq3lMm-w-Curidh14kORrkRtsmEgcxmZfdB53wcDaYnIAK4hRnXrtFyqVo1NcxgKcZMxB5DVxskvC1t8x6T5beNzXjC-V4YHC6H_D67xGdUxA-u5TB7FaW9_p2bigVasK6Vgzj3auLn29n858S21veW_7R2bTptjmQ5tA9kAQQfDAYvzNcvTXLpvPEMf7cQ8coAzgfQ9pDEp1ao8w2C9WnzOxbBoGS9nqx8odjyWA-ghuOwLvqsB7lC4gZ9vucJ94KIKm521z1X0HINkHow5kO7Wok2LR_537RPgdgT2ALHnvXYhUw5rgrJMdIOCQU5DDg3IRxwx0rhWAxzrQOcCtDlOB-F1Y28tzaI3_GHnX4Z82zT9RvpPjlylmEJ1C29SiC2M00Tif8T93TMuGV-nWkVHbLFdFk-nULHTyNzbUB4mrMbkNrooVn0-uunGcmLjeUHWWuWoaHGhMsCFS-z94rS1H7SL4NoveWlKCHYO9taC4mPi-jB_-BzOLZvwyo07oSh2GCeDcSnHFzIfE0ZVsS2oD84CLgAkyn8-CnYUPfSfuVu1jmejGnT5B4pKG4glghjST9f4ireuJGLMvOBYhYVJUqYW5onkG3pe31f_EEiV5dPzt4VSfK5Chy4uxCWqbBZbw5c5w9jFOo1aSNir3fDadNO85EZfjO-wWwBiYlEPtsEUg_xL72o2_NcEPo9jMGicRGIXOgqwy-Kdc8sImSQh59bem2gzga-4E7fiT5KUsuWCsqaQvlYBbgcuGvQtSpUe_H7r621ELbxKRYKg3fjT0bvlsZPNvNlmsVii4HlVUE81zix6UifDdNf3JcdPnu7sIq-EIGtFq97pFfTO4I2zJUHatAmFCp3E0l54uLJ7ga2mvtuoBH7Jd5Wgg0OdJF-UK-U1vxeC5jAEZS_WHgvedfUJkI4wwlA_IwfhOH5Q82yNZa9GaufKuDzJSpVAHsEwqaDIlij9tK2YXID4RFF450gAGfW3TEbwsHhkh5wgFaJQsyfydQpzqdM-NQowUAOIRtIsMTkbB2zG2O-jSQiTq4eVn88f6EB01Weq0wJ3Mqiq7hY0rQDInVE6qLaMg3-bxmjHE82E2ideVBcw-ikqFiwUmCN1w4Xr8SPbB2j-LGrBRRGby2e-riDCOkpw8OKfeQ-RUAputHuvJan079Vx8Pw9KwVNzwdzafur4Vw-E4NHvNA1pAW9O0P7r4xypKFMXVe5WxWJo8gUbNjpw_QqUAgPMUUI65d41BVMMXzuPEOCfdo0EVO4Dn2uJfpdUR_zK_gJuth0ZTOjUTRNMaXgCBpo0w7X4Dnve5IUCIpr8B6D7PeUSZVKtigQOeURwPrJ-IUCr-MVMBsf83kgFNldYgjr4_l-ShXoK1WFBkpcJnHpVO4-9TifyLSuxJAbc9O9WjL7r56M1sT52HwHKEe2ymN4hrVgUZqG05jbc-LIS7bm-r15fe-GSkL-9KN2JCi9YE240lhjg7OSbj-LT8XxAQ6ukoTUW53lxa-SG3SRhiKW8a3gLqdEQ1_UDjYF5CB5dWlpavIVNyY9a0q7WT55DiE7snP&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2379159191226820000&adk=2228999115&idt=350&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Mar 2023 21:26:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BBE5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNqsfsHVT8-kxgjMNNyAM75uiNQnd68dZT9d6sX9pwZ-u9m5nP_O9zVKTLCKIjdEUru6m98FDunwHsevMs-dtvNuwvXe6duF7e2sDJmddR8FLl2SdxlJo_GCgjh56E2SVZJZLn8W3HVetx0XAmw0GhmB-AyxIwzyRY-UpaltiWLkr3unFUk1KwMgg1LfYQbDNsMPP15TYdRsr_oiiSYTRgl7g-HngzUg0ggcSfUiPsM4H3ZK3mmmdSoW5nUPgrVcmUxV4mLTI4Z8ArFc3ALwaSnzqisGSCAdSZrDkqodr1BxZPkBMk6rSwmY1uGavzSjezYt0ISy7uKg8XEDvoGlzDh6nsWABOTo80RwepgDzZXwLDuM4Pzr-jIqwJSkCB9VDCF-tYYKH_yKJjpt8PhEP4tOORLdM3LB3XWIX1iW0IsPe8qD37PiIA0e1rmQ5Sw2-msJIw_K7-DKjnwpQbMO4xlxfP-SrI8vqQ2KXXaAoP69hi1SAQwwKWPNie3nUkK9v4IJN7lt0vy90vujGuisNTnKzZOWvUxpVuvu1_nf2RUztu2rs8I7t9rCOlxzm3D6zKrvMnyGPNWh50H_m_9z0B7svi_OHfl3bEHzch1hZVTocOHJ5dGmrRfjKOP9JAKHQ1ZBrjFkLH0O8B4E9CVqOgPyEy0OcSVHH8Xx7d4lOfg09S5-6NrBvZXeoGLdanU6UTfRhSgW-G7KsBiTI2aDeWjyHxm0ojTWHH4JxYhEha7YgwUttD22Ju7-SSQ4xJy9XBp-ysZOHCMO_faiQnB4kmDKcNcHGfHG_1ghIqTxGxjse4LWhP9lbNCRpFKTnbD1aYzAd5Z8IANpJthdKPQYyUsSxz1FbPhDlC8GqjQ3qEXyCdrhVkTy-IUIvgdDjAO5bAi9QMxNuPBiYr2W8ORDSakIAAHn3fg02CRTca7gMP5JUd6kw5R3FHYb2g5URJFKyAbhqGxwFYA6zc0eHZDYBwzbF8s_v4E0phwHmbwVah6Y5FvD-iQfzKMZICqSHVrnx807TgZoiVYoziLpUZw9tPiykeGg_cYtUG6pKGsqIfoW-E6of5mInvlGGpRRA5hctFh7LPEEEaBZ_bbnKyMLwmo00SQbNI_lXWQfr5YiSE-KDeOk9tArcFJySVGLsRtc6Mf-DNb8qcrzNRTUPIydTloPcwDLnFcwlGmKnefwhYdhl2G5linJ0-Y2BwE9QI3TDh2VIKAu9j1-MIeWS-51wCNGqgaisSDtNN_7THuHQSl-Z3IPabtnk3qYym&sai=AMfl-YR2jjEVtAnWkJ-hHcJgXEvyDfTtaYH_hdYA977G4CPw8JPV9OPaMpfYDA0yYDS2lgvrYrfz1TfHJw5lgwP8HGK6-fNWbf7EWgcHeEc80GTVJNgvmmiyZnZokQALJ2GR7WbWIa3SbYtPmAglInaerLNkYceGurss1D_wIcL6KFT9UYqVen-eFe8HdiV0Q2IGjA_OfCteiJFezOBxEycAHZLZEJpAzpUf6d91_rIWnQF8V1JD8EnxlrGTapAgsE_kEsK0ptW7oXGPRipQJYx4yGExTyTWUmQ&sig=Cg0ArKJSzBvwth_-napBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=144&vt=11&dtpt=143&dett=2&cstd=0&cisv=r20230322.89008&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYthPWlr0Ow3-07gkW01Wo_0nCniWHvRWjT6TinUqqHePZ64Vhz-vBqxAu9e8XCGBx5koCUvqO9gj3S01ae2-LxHK6Eg&cry=1&dbm_d=AKAmf-Duo9Udu66b19ZpXYCriQI4HhnnHL-jVKOaiSYVbu1_LBy9LKE_y3bZbUN0mKsWfEYjkXdVjvSRHkEZ7n9esp3h7TgxvhFBQYWeoONaeGcUcZQfmj9C3ubo5OFUhe-pFLW-LtEXMDYtr5X4qUCP6oOq3-9kDXN1a3-hE_TDcNn1G5u79OqvraQdpamFEdHk3pf4c7MayCWadBaLPVdPp--xnl5faoiiLWtkPBtDe069vaXyllXfrQ1Hd46NB3Kbveq-gEyJieOqIQ9_1DGQzZ1H9sfQ2Ez-xBSRBBCOosQzID996fs4n4y466cuHzkLVtcpngJYaD5ufhtymZNT1UVnouvtlPJh4hJUynZWTGxi8cc0a5MDJdCijjf3FDNGmH5UoY0zGIeM8H77E5msXNEDsHPJmsZ6lGHFryYSVhumPjWTsJBj5Szg3WLZ91lhArdv3vcfZq-tkn06e-suUnmJENvVyqcT1DAUWN4Cq_IBgiqKCjTkk0oYxHAJmB-H6G0LnnTdFD2dF0yYDxjNZb61uF4hH2s71Kp6_jyouWiiL1RDwo8ZhFgcHiq_6QUp-glw7jjQUs9uPDpsNm2FhYxqdW-HmOI8o1RcSe7Yu37LZa7lImuq9prd1KQtpIw836BJEXtz8bQzFHcdudR48kZ1NWAyYBNITKDuAG-021ajm9KZOOL0LxpMB1A0iY2No6rmhFHp3k-40ZOaOBkKRgHf-is81krcQWXwVWBU5q9gA46owFK7ZldzV0Ybt-rwX9GC3Brz_YRz7kOc6vSQ3VHqoe65j2NFLJeD9tWKpjm2uTuocuUif7irccLLYdq6al82e7ZbPz6cWVQxMiJ4Fv0dLX7ki6J31K1pdRxS67-JQ0BInHq4TGThWr8aRlI8WsogYQuxAJXoeWnogHs8BsqXtDMeFm8BcPTC1DRfnZ7ThRnjCymiNww5vBnzdeVaCr0woLWrgH-3Gkp6cET4SKLMsAGoWjEHHbN8SszDB6kAlD6KvN6FXSvX2T599VOiEvfMFOm-tEwgCZ_BhHp05T0UhqmUfTZwzK6wwxE0IH1dUh22qgM0mx7hj0BFcAc4AgsGCgebCHhruk8xLlJQrrOKSluTHo4OReweo5yTh-ssuK0zLR33874NJHcPi-BXKDoroXdKWud2uMlElNiE1hSSNmlW0GWm6UPl4aqR5SY9JckouTadLD3kk2qK8MOFdOGL9TN5-npXZrpqsxMH6ApEr5Lpacsi-18mQDdn3ztJ3gaHLpR3KJF12VenbgyNW27upU27uL2CgNqrRpc4416u2j8TYNoxQ5YcAX483-amFUD0YtCKrGZ4bTCR_VBb9M74T2qw4CZ7IeGgSjLqgJ4Fz8Ky64pLc7CwWeepsTFowQDREzBxFJNI5dfi9-sfuZdkXVG1h458ELe9DclNmadsjvAirihmlBoUWjicoaX-yRR7GPtGnNT36Z6_BvnPZmkXbBGzlgNE_H86x0W1MQElonuIwpFPE8PLHWmedvbNElD_Cp2YKIFHpB6HvbYd1OZVV1CZQztg8fjh0Qk0N1A61Kw_oG88Ihys8Dgca0YKl1aU8o67ebn524nBVvAOxxG5LS3ZhSffK8wjyWGOEvndEv7pUSg3mrz2U6y-1-anBFxuxvr4u_Cyc6tcbsbesw-xBXl-5I49y6pIB_qqQ1PENQdlp8gWNjteZnuiY67gCF-7xIyz5buZJBHcq6OHnjS58g4B3OwLn2uyOlqzRQ7QmyCFYoYVE_RvmyIXscAgDlJMxvI4mNHT5nlm6rrgJI7c91wgfQWrwgwI7_Xio25R389V3dMUEZ5aNKN1896nbZAzX3CGdeSHRuDT1kBmfUaivsWzB7JZaIdTtF7U9vUNC80Jq3td2btr0dfKqgXOi6fJ1-_o3lybHXDf-ry5flBfNpnjrDmpPp9eBRCsY2eHMbTOn4bbP30I5GiOawi_ja9dtrsH18nl9aihjFIuvz-q38H9hDrK8z3Ds_ZuFB_9oOr3idJ_evuvFznQckpHxRkxQgmBuSLUjdylp2NaRityUjn4ifXYhPHNIM0Y92zaVvAJmplv8-ZTWYd3iIxUk_h5LeboSQpnsSbakYIJ8ZGAvt-OMx1tAjF99asyT-2WXaANk4bdj4-W4f5F2Tr9pvB0Qab9IyNBWXZIFuJ--cjBVWr9MaOte57p6qB83RY4rmtnqtn6r9tSxHdCt91qK-TYXRfHwlAuGPnAu6MFA9fcU9JJUdOqUqHqDhWXz8WCIKSNzUmTlmo0pArL2Jw6QA_IFT6g-Z1Xd6FwUx6Qe9_yLRhQTObySwJnjTtEqFow7KF9NbhyE6Uu2oqRMXqZVVWux50ihOP6ZgYckY_VGOBbf4Rmd8pf2oabvhkVmo0WiQgu-Vx_ax4vjDt36TlkChp4qHoCoKVXKriLjyOLc6Dg-YNkzuHlvsaYVGcjQ5fKeHFlRd2fuFyENWkGJBxRC5jwrTzZ9Dljve4WeCQLBYg7Ls0oARJJ8DYn4HxltLfuhPQqXcGDXr9BcWUiMctCdlg6-Hl_XuFDkL6q2-PzBwkSyXB6foBMmG6u3SJzysEjknH1K78iHtOYVuGKWHqWEg1EgNN1TTOM7mTOLUSuT-hcXISfSmwH3jpKYfFJoa5XmBh-F9Xez1BNgDbumFPmzG9ntLfGUzAdhUs5f3QixXPPLOCZkNvJYCDB-S2qLe6iTIePBOfikBinIYC7-6umd8MX9hN0bQCPAsuATwJpmifIEAXB6ajNKLTOKQbMVgaii8shQmMsehjnef40ZPVRqJXnTliKVaXqwjkwBesPf414NhmVAVCHa25V61rvNO5WzEPmB2Abq0Cohw1lsknWfl_ur-MMOz5OBj1wPF9-fY3XEG121Mn-tD0MnIA10pgvcEmgSCe92YlCuBcowmqejxw5rJIjQAC91uNxPyjkCNJIgU2xsjoo_ZgLs_X2D9_Ohh9meYHvGtxCVQ7_Vte_UsfTWaBPwt_yDiRRbqG4ofiCWkhX8jrce1TssRLj_2m01tEzf44GxCycpyg4JVQooX_8go760Dl8y3nblG0k2yMB1shFnGdMrhpPoiAJp0nmkLNuHDhLlTzSw-zQRUp4jizUpvkqOd2LJ93FQgUdHDrQqMRI8Q9psdiZVFj7rM-mH7NhN7vD8I3GaBgf2LDrc3Aim9I3VKp4--Mk94F_hh8encJwYec-VpmTaXpo0P14RYtJWEKU2tkKJ-8wpVIf8goIANJ2b4d8Dk3ybmojEtJa03EaGGU-Jj0rqOSK72tAjkw-WczYelZ3wxTPZdWzr26lusCQg-99Vse18Ayh7_vZ7XXYs_Ui34kwryfVGDTIlL2-t_jjoSpEWyyCw7ZtrwQ6_j6jg9eH_5Wx4Eai7cgm66ko&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=7542582017219056000&adk=3047537735&idt=381&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Mar 2023 21:26:32 GMT
TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
pagead2.googlesyndication.com/bg/ Frame 3789 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 15:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
194162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14279
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 15:30:30 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=953a6127-e6c3-4a3e-9151-bbe3dbb0fc4e&pid=861f216c-a69c-4849-971f-ddac30606012&dtm=1679606792533&qnm=_matherq&visible=1&tabid=b47e6e5b-cc9d-4515-ad41-a18129a33455&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12712&tofa=1679606791&vid=1&lvidt=1679606791&duid=9a3cd9a3080047bd&fp=2417809956&cid=ma63527&mrk=484602605&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNjc5NjA4NTkyMTk3In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 23 Mar 2023 21:26:32 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
dpixel
cms.quantserve.com/ Frame DB5F 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMU7nM6anjg9T5dZD85dk4k&google_cver=1&google_push=Aer7DvLgjiayUnDBiAAcT8acp1ZI540tPuHam6PKBJLd5dSWzWHpmPFEe1rMLSCuFmUdL6w8Xdw8HLpKDBr__lGcfnMhgh9nHw
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB5F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_push=Aer7DvLrNNHcKTpkFaFAoNMIGzWIdqkyaY5ZoExNAVwU337Q9YWUGrN-Zv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_push=Aer7DvLrNNHcKTpkFaFAoNMIGzWIdqkyaY5ZoExNAVwU337Q9YWUGrN-ZvIeCvXpcJ396QbSvRb0fnMWvV7CaWSsgZWXYSiJyqU
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220032-HHN
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1679606793.844069,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC158ttJ04duZ8lmDgmn2oA&google_push=Aer7DvLrNNHcKTpkFaFAoNMIGzWIdqkyaY5ZoExNAVwU337Q9YWUGrN-ZvIeCvXpcJ396QbSvRb0fnMWvV7CaWSsgZWXYSiJyqU
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame DB5F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHUmMo8MOAnlQ_pcinU4o9A&google_cver=1&google_push=Aer7DvL1EXwTlKshXOEJqe9Cjp_teprn0h_JzO-xncZeS5-xH8QYnWCkctMUXFTGRpCdjQnBAvereIREpalZohQGLaTi0hs...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvL1EXwTlKshXOEJqe9Cjp_teprn0h_JzO-xncZeS5-xH8QYnWCkctMUXFTGRpCdjQnBAvereIREpalZohQGLaTi0hsRpVs&google_hm=eS1qWjdsbVNkRTJwR1pwanN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvL1EXwTlKshXOEJqe9Cjp_teprn0h_JzO-xncZeS5-xH8QYnWCkctMUXFTGRpCdjQnBAvereIREpalZohQGLaTi0hsRpVs&google_hm=eS1qWjdsbVNkRTJwR1pwanNpMFA3dngudnhkRWZYR3lsan5B
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Mar 2023 21:26:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvL1EXwTlKshXOEJqe9Cjp_teprn0h_JzO-xncZeS5-xH8QYnWCkctMUXFTGRpCdjQnBAvereIREpalZohQGLaTi0hsRpVs&google_hm=eS1qWjdsbVNkRTJwR1pwanNpMFA3dngudnhkRWZYR3lsan5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame DB5F
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECKJpHLi2upyTno22_38gj0&google_cver=1&google_push=Aer7DvLoQmrBuVnb8JrwuEpxmawIgwtzWw4oVeNoWnL3y0S67Amwmlyr9RpOHFavebVEcTd8Jj8kMdpAJ61zOmtnbHnFP1jiSA
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLoQmrBuVnb8JrwuEpxmawIgwtzWw4oVeNoWnL3y0S67Amwmlyr9RpOHFavebVEcTd8Jj8kMdpAJ61zOmtnbHnFP1jiSA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLoQmrBuVnb8JrwuEpxmawIgwtzWw4oVeNoWnL3y0S67Amwmlyr9RpOHFavebVEcTd8Jj8kMdpAJ61zOmtnbHnFP1jiSA
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLoQmrBuVnb8JrwuEpxmawIgwtzWw4oVeNoWnL3y0S67Amwmlyr9RpOHFavebVEcTd8Jj8kMdpAJ61zOmtnbHnFP1jiSA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame DB5F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tXYLkuaySK-zy4fuSixWFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tXYLkuaySK-zy4fuSixWFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKH1lBfPLPCKnFm8IMeszhOe6Tk0NZqNAOIqoEcNlnRK8LAH-jpyLfJtHRNVGiB0VTOWmUWoRQn0aDn3IsvBbZOsdxvRog
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tXYLkuaySK-zy4fuSixWFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKH1lBfPLPCKnFm8IMeszhOe6Tk0NZqNAOIqoEcNlnRK8LAH-jpyLfJtHRNVGiB0VTOWmUWoRQn0aDn3IsvBbZOsdxvRog
date
Thu, 23 Mar 2023 21:26:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame DB5F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIigY7czLWlN_uaLub0FQIQ&google_cver=1&google_push=Aer7DvKe4EP8RXp2IVEHCyCxxIP1xs_VCBN-MOOfEU4fui7omQGwfpvt_WlVnwzqP6vEXmWim3wc97Vcn8pHy-xW...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvKe4EP8RXp2IVEHCyCxxIP1xs_VCBN-MOOfEU4fui7omQGwfpvt_WlVnwzqP6vEXmWim3wc97Vcn8pHy-xWsuVYe7Reu2I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvKe4EP8RXp2IVEHCyCxxIP1xs_VCBN-MOOfEU4fui7omQGwfpvt_WlVnwzqP6vEXmWim3wc97Vcn8pHy-xWsuVYe7Reu2I
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Mar 2023 21:26:32 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvKe4EP8RXp2IVEHCyCxxIP1xs_VCBN-MOOfEU4fui7omQGwfpvt_WlVnwzqP6vEXmWim3wc97Vcn8pHy-xWsuVYe7Reu2I
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
QBH8fMzI5N4Y5bewIjoG-E-YSti5BuVP3M5RLMoW_GEqSGocu8zX7w==
pixel
cm.g.doubleclick.net/ Frame DB5F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDm_BLMRjZ0OtbOWpgJ7tzs&google_cver=1&google_push=Aer7DvJhE5waaeSla7iO8qZx2rS4FZ3gDWGF8ZU82oN8E5PxfPaj6Wm6jClOxVlmwJ7Gmy8Bgi...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDm_BLMRjZ0OtbOWpgJ7tzs&google_cver=1&google_push=Aer7DvJhE5waaeSla7iO8qZx2rS4FZ3gDWGF8ZU82oN8E5PxfPaj6Wm6jClOxVlmwJ7Gmy8Bgi...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1NeXV2NXpaRTJ1RUdOLlZDT0dOVlNjVWxJSXFVbUtOZ35B&google_push=Aer7DvJhE5waaeSla7iO8qZx2rS4FZ3gDWGF8ZU82oN8E5PxfPaj6Wm6j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1NeXV2NXpaRTJ1RUdOLlZDT0dOVlNjVWxJSXFVbUtOZ35B&google_push=Aer7DvJhE5waaeSla7iO8qZx2rS4FZ3gDWGF8ZU82oN8E5PxfPaj6Wm6jClOxVlmwJ7Gmy8BgiKy6K4_x305overJ6w5rGejdA1d
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1NeXV2NXpaRTJ1RUdOLlZDT0dOVlNjVWxJSXFVbUtOZ35B&google_push=Aer7DvJhE5waaeSla7iO8qZx2rS4FZ3gDWGF8ZU82oN8E5PxfPaj6Wm6jClOxVlmwJ7Gmy8BgiKy6K4_x305overJ6w5rGejdA1d
date
Thu, 23 Mar 2023 21:26:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame DB5F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_acgUTk4JQQRm80-N0xCl-OLJM2mlpoNxsADWvKvYhP9d7U1u0QgV18mSzauNqzl83YAdiw
Requested by
Host: aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
URL: https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
pagead2.googlesyndication.com/bg/ Frame 4D03 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 15:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
194162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14279
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 15:30:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBD8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BffdLCMQcZL_xFZXegAep3K24BAAAAAA4AeAEAg&bg=!HB-lH0vNAAbO2UOH7tk7ADkAdvg8WgfhF8OuY51C-218vrwzO01bEJ1UzF6eEiCZo_l6WTSi6h-bPVbz0Xp3palduVjWYDDT4hkCAAAAolIAAAAFaAEHmQL50gOL5nOlAMQ1XkVdAZi09-bAly71gEarwhriKkS0gY959qqTULCYw4Vprvx-r6RIyrkZ-BJVQ_DIfrzVt907_c5S9_wWmFi20A6PXpsLSwUpjRnueDUKKhEvDkXLB6tUvmeCiFsx1teg8G6IS7ZvDJ1g3mpt6dP-lVl_Q_ZoJx11nS-tqxL1cNug_CwCukXq1aY-YZ_XG0ojH7cstKjMKw_xUf-rW4_hfzCyxDyugKYkYt34CeerLiBtlP4aNJWxXlbMuRvHPNByKeLs6row1ertH69gA7LB4SRrAnMMtJZbhABKVLgZmHnYWjIfGssM5NjZD2i6RNUStgK7hyaJhV-SvLsLK_EbqbjC9MEp6RjC4c2IcWVT3vUxJOO6Xo33cbdr63g8RbmoTRF1dGXUkOd-4hKKHZ0zetNzk9JcVKwqM1u9jBXCF_j8nSyXXmn6UlOZixPaz8VQk778X4PICvfYIMTjtGuy1LFFp37Z0_wdGiFXd6U5_h6m9DoS5-JatNs7CGX5E41P7nM_JzSSQ5vpdiL63pL_NX1YA_rxAyIT082KQWqqEP-HsZOSwdpRm-7zRrikDTHEEgzFYMOnB7KckbPukjQvi0Ftr-lQeJ09k06UX1LrbZ4LsZgXWmKDg5P9WNglpoUxIlRR1d17tbu9z1Dj2CwuFDtD1bn3ztWfDBby9QH7k2FXw1HunP57VKSonH9vOyz8V3FnEIEZiqPmyaGo3Zj5CgEXPltvel1Kl8lIzy8WADce1Iurr1f6mQ-7XN56vKm4sc3pGaetu9ah8uBA-nN9EbjNLaU-3_8AARMA7GdCuBBTKtTw3Ua5ZQHODOA7JJhq6SGHlfVXK0zQIXoMjL_KeXapFk-SdQOY1pZeeu_ARq8V867xSQzlAWdnLQxNd5judqF300SjNgzEaNGIxISPHqv5TLT-YEkQg31lLig1RrMygqrjuggJ2_oaJbmvszF2L_pgKQ_J4tPBW2TrtKwTK8YePK7i5uLkWt44yj4mke8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
piano-frame.js
static.advance.net/static/common/js/ Frame 6501 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/piano-frame.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b968d910bbef836f267a12299e32649d9f2ed87f59ecefceb3d9a4900ec590f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Thu, 23 Mar 2023 21:26:32 GMT
x-shield-cache-expires
10
x-amz-request-id
5M79TYXDT3PHCBXE
age
453
x-cache
HIT, HIT
content-length
10969
x-served-by
cache-iad-kcgs7200148-IAD, cache-hhn-etou8220022-HHN
last-modified
Mon, 11 Jul 2022 14:51:02 GMT
x-timer
S1679606793.968848,VS0,VE0
etag
"6b72a322454afa161f35111151436495"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3789 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMDj4CMQcZJegHo7Ex_APnuGZsAsAAAAAOAHgBAI&bg=!6uml6b3NAAbO2UOH7tk7ADkAdvg8WrTZGrrGHlAhmyMZLzVDDt6zrRtge7gppTavNdy5Iw84F3CigIOIjMsjz8H1rU1Wp_fsAoMCAAAAwVIAAAABaAEHmQLtmEOTbn0FYaaX-zSo1MrAxbdmJBoRPErz2of1gLIWwa5Wa5dONZYzIkhyUsNYyoQT29CeuQmCF05qo-jfcpeb4MerMvkQkNAcjAd3Gz5xrJLHHUPD-w35ktBtoqj_A1RJu0Eiz73KGxsEdkqS8sS6sg5VdiZ1tfqY-vJCq0j9aErGkvDdXtpM90-p50Iyc8nJ6DMp4pdt0pE5iyqcLDR_iUZi6Q1FTiiBXT29sJM97yTD5H7uN-BSAn0DDbTC3pjHwHYGj_bbFRG3jwFILDwTreD7H5qGCEr0oNKDb7zQ7zsf5ZuPAfvxPcTyeA2GQSN4uDsGDfbpkyL09dHxVog_R6slMwDfpzxktSC2Uzb2d3dwyzWeKslavdfs4m1KtSlD9pFRF-AG11--ioH9ShgsNBxC6uLvoNmnvXk_neotz_RYc6P1hzKNf3OPBcEDxJpK55HnKmFZATYjCncdZlm7SsIDLzV4b2StSw8AERmpSV7oAnBcFUMj9n1Z36rkaoEsDCSMFh9exHB6eXMmAklszD2T7fxmSocFFSHhHHFm8OeIa9Mw350OSeSpTEdVKliI03AgRtQw8h2T8clF4H7B6KAaFGO1ju1XiTe6moi3EzBatieKS5S5nyX2BT2hOjVfDx2_iSBLf2Tr4BVFUNCOofYVoCUAAVp4f16ruHrTg0iDyFnvv5JUtbw2ZxZXiZa0woI0CLMpIA-tYpNF7wGxqfU1OMj3jfSunS5Tu9hcN9R2QbsxN6AXMHaiNp0cqexrjw7GV6Ehfq52fRvD4mcx_r4CEPJrRqK-X08acyc8mgB6bCtQXfniW-E2IHSCQjdi-C9FFkGvEgnzYCX2DXFzSADCHYQ9MxesZB3xfiXnwtAc5IKk9ug3FrQIxkzLwtUcXz4Uw6ewXlOHCB1ad7_KoFk2lQ04nNXdLVeCrtb2jm_2SEayip5Fa6SAjEB0vLx9NlbT0xW_VX-PHZ7IfZHioSpUubh4CQl2aNX4HXM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logAutoMicroConversion
api-v3.tinypass.com/api/v3/conversion/ 		49 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?tracking_id=%7Bkpdx%7DAAABAGd4XwXw8QoKOEd1Mlo4UkN2WhIQbGZsbWlseHhwZW5wNzgzNhoMRVhLRVU3WVgzWkFMIiUxODA4Njg4MGMwLTAwMDAzMW9nYm4wYzhhYWJkZGtwdHZ2a2g4KhpzaG93VGVtcGxhdGUxT0RTTEFHWlg3V1g3MTABOgxPVEMxN1gzMkJKQ0lCDU9UVllRRUxKTExWUU9SS3YtMjAyMy0wMy0yMy0yMS0yNi0zMC01NjAtbFNNcEpHTFd3Zk1oT2UzaC01YWE2ZThlNWVmNzYxMjQ1MzJmNjU4OTQ2NGRmMjIyOFoUMmEwMTo0YTA6MTMzODo5Mjo6MTJiA2R3Y2iIq_igBnAOeAQ&browser_id=lflmilxxjet4r0eq&event_type=EXTERNAL_EVENT&event_group_id=config&custom_params=%7B%22config%22%3A%22%7B%5C%22type%5C%22%3A%5C%22bottomfixed%5C%22%2C%5C%22version%5C%22%3A%5C%22cta%5C%22%2C%5C%22placement%5C%22%3A%5C%22bottom-fixed%5C%22%2C%5C%22newsletterId%5C%22%3A%5C%22%5C%22%2C%5C%22closable%5C%22%3A%5C%22true%5C%22%7D%22%7D&callback=jsonp8366
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e36e0a3fed4a6005d8793616a8ec10513b1b14b36e8f5f3a11bcc4d171b5ed
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
7ac9c0d8cef09273-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
5b1a8b9ca2886576361c247e8e7013a6
expires
0
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Thu, 23 Mar 2023 21:26:33 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:33 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1571381025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=nonblocking&ea=bottomfixed_shown&el=var%3A%22OTVYQELJLLVQO%22%7Cexp%3A%22EXKEU7YX3ZAL%22%7Cver%3A%22cta%22%7Cmet%3A%22Support%20Meter%22%7Ctot%3A%221%22%7Cmax%3A%227%22%7Cterm%3A%22%22&ev=0&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=1032820800.1679606790&tid=UA-16643585-16&_gid=923251378.1679606791&gtm=45He33m0n81TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=1032820800.1679606790&cd98=meterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&z=514571862
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12082
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=2b20b701-38c9-4e9f-a21d-b67178975415&pid=861f216c-a69c-4849-971f-ddac30606012&dtm=1679606793081&qnm=_matherq&visible=1&tabid=b47e6e5b-cc9d-4515-ad41-a18129a33455&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1679606791&vid=1&lvidt=1679606791&duid=9a3cd9a3080047bd&fp=2417809956&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwiY3RhXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTAzMjgyMDgwMCIsInJlZlRpbWUiOiIxNjc5NjA2NzkzMDgxIn1dfQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 23 Mar 2023 21:26:33 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
farnhamheadline-semi-bold.woff
fonts.advance.net/fonts/v1/farnham-headline-semi-bold/ Frame 6501 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/farnham-headline-semi-bold/farnhamheadline-semi-bold.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Mar 2023 21:26:33 GMT
x-shield-cache-expires
10
x-amz-request-id
SKMBNRXVSX8W3JPG
age
39055
x-cache
HIT, HIT
content-length
37160
x-served-by
cache-iad-kiad7000038-IAD, cache-hhn-etou8220077-HHN
last-modified
Wed, 19 Sep 2018 19:27:30 GMT
x-timer
S1679606793.202840,VS0,VE1
etag
"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=86400, no-store
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
fonts.advance.net/fonts/v1/benton-sans-regular/ Frame 6501 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-regular/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Mar 2023 21:26:33 GMT
x-shield-cache-expires
10
x-amz-request-id
CVWYC11J2CRKCPZ6
age
0
x-cache
HIT, HIT
content-length
55125
x-served-by
cache-iad-kjyo7100118-IAD, cache-hhn-etou8220077-HHN
last-modified
Tue, 16 Jul 2019 16:35:54 GMT
x-timer
S1679606793.203273,VS0,VE93
etag
"63c3700153fd19bac6ac63c816251c03"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
maxage=600
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
fonts.advance.net/fonts/v1/benton-sans-medium/ Frame 6501 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-medium/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Mar 2023 21:26:33 GMT
x-shield-cache-expires
10
x-amz-request-id
76V1R7FY1E0APWN1
age
836423
x-cache
HIT, HIT
content-length
54040
x-served-by
cache-iad-kcgs7200033-IAD, cache-hhn-etou8220077-HHN
last-modified
Mon, 10 Jun 2019 14:09:26 GMT
x-timer
S1679606793.203220,VS0,VE1
etag
"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=2629800, no-store
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D03 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz3xHCMQcZNa6IPLbx_APzdOcsAEAAAAAOAHgBAI&bg=!LyylLHjNAAbO2UOH7tk7ADkAdvg8Wtb28fhj4fFX68AYhv0OIJqFm2eHpi5R7-Zc5fpGrbHMU12oLz8tTUc0Etd02EfOplWGG3oCAAAArlIAAAACaAEHmQLnawPrYb88zmtKIstjXJgL-VPQ-gzc3I6mxMo-a10nVVMq4aindALFR-Nn998T_w84a6EXIbEDG2hQWdNZL3hpmd8LaYCaK5oDEtUgNgm3eWg5RDJt4CT-8PVTDJL6Y-aB3odDok3hvnseZxvvwf8RAM32n-cmJpGvo6KJ5sPHMGmZNlYkRd1WYefUAo6xMly814E2ME6DWYzwx4nAik2jwGNNs7KXDt4bOTJTkHI2I8-RL-lPxqFXo2Q63n_rlxD-WZPLDiFPQkZOz-lU9YiWGVn1_D-rB1lSUk8qg7wch18Yu-s7x2xs5ueIT5NtJuFLmJV6E_Kq8Hue-9oKEPEEsRO4MWkE-qWCi2pXAXPz5KLubAaOgDmvVWZALxXQ8LOo2_hKipWxMROBzqSTbVWmRrACclQDKfV_sxtmgwL8tU_VBvXUQgeR5yWBSAbJ1R-ILmwL2mBaT58fndGpXmb0RegVtFQNZgKtroqKJFpgTDcsqLH3n0wiRbzBgp8jFMVCrUYOjMNlM1FVRJwqCSWsDicIg_5fcbGGcdtdyyNsp3qFacCb4ARDE-TDm1iJfXKu2LXlKQky0BC6W7dJHf3CS4_wP7wgQ9U3TDHVA2WesK-c3hC5Rr1hTDfFu-E_NQrYMfvN11s2bQas5eSuoA4nXaqHSKCQpXgAu1znxFWftViSx8mXX98k1yhvSP9ML91zpfcydIU3gSVos5qSKkqonzKTGPnMmFEwIvhX_E-XnExOAsTQXnEmhQqRnAvXL5Vwnmk94Tm5EepeQgzbim3Wjahk9hfSG89aDfzd5C9hewLmj2hgkqLvmnE8FiaJo2Y2j1M3HdwoHJi-ONrGOmfTTKGq9QxBxU9CfQhHzaiqec1Wy9HFqfZX480LawXDMMbwRORX0ZyIfqPUq8LybsKbNREexdX1CgL_48a5uJBWGKWHNej_AHQksDhWmKtdA8B6ctQ4sYAW3rwu-POWEPaOQrpHRjQtrTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=65a55857-b5eb-4989-986d-2682580d844b&pid=861f216c-a69c-4849-971f-ddac30606012&dtm=1679606793083&qnm=_matherq&visible=1&tabid=b47e6e5b-cc9d-4515-ad41-a18129a33455&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1679606791&vid=1&lvidt=1679606791&duid=9a3cd9a3080047bd&fp=2417809956&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwiY3RhXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTAzMjgyMDgwMCIsInJlZlRpbWUiOiIxNjc5NjA2NzkzMDgzIn1dfQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 23 Mar 2023 21:26:33 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
115
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-57.fra50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:33 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-trace-id
Root=1-641cc409-492aee57565b371322bce1cf
x-amzn-requestid
1b2880a7-5521-4c96-9ce0-514ca9ff01e4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
CQORkFSADoEFSVQ=
content-length
25
x-amz-cf-id
rk9Yq-EF4yU-XIqgJAeb_U4Xd0ayjVKN_wMNSqZ80ZClmiPTx8alvg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9981400978255&version=m202301230201&ct=76&x=1&cor=2791917347063485000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FDB4 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCVI7MXRzDYKCJ9ZnHRoDWi8gKsbf2sc3EJp2o6_VCf6qrtAW8oz4_mk-c2Hvg--9urVtOU-ZQLAnNmI2SN-Iv_9L72QH-q8388hVECImuQBnZ6vBaHwtnLCzqtB2J5mxzJ72mvQ&sai=AMfl-YSPQw7tML1MXmEyOVo7ALMKgVdfASEYPTPrh-80SSPTKUdlcZiVCXrDInltPHT2ujByefyQ065ZK7L7tUlb7MGDWF2VWaeQw6K-x1_yQH37At44c9iR1WoA3as&sig=Cg0ArKJSzOEoR82KXD3lEAE&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&id=lidar2&mcvt=1013&p=155,1135,405,1435&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679606792038&rpt=650&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A226 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7868547397760&version=m202301230201&ct=76&x=1&cor=2379159191226820000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BBE5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufqtaUosYBAnckx16MxGvqKAyflLFOnyPkHCnmLGBl58EYrRTbXuKa136i4CyTaXxV5NeWCJSHOCiJWXHOYI-dllQIuAIkm1eW51tO20nX_dkbYqQgDEXS-wyswtVWgb4xSkM3dw&sai=AMfl-YRyZ_cOz5_xRw6Yef2J6nrWwoxHKeo_2dtXXJxAOapYbuvcgQyt142RGiDHiGYpO3qcONxTrGy3sZZLkQo4QIpBXtH3H1JoKac1zsBFMpgP89X3KWA0pIybQxs&sig=Cg0ArKJSzKtnxX62pLZREAE&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&id=lidar2&mcvt=1008&p=975,1135,1225,1435&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&vu=1&app=0&itpl=20&adk=3501067380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679606792044&rpt=710&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A226 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR7nw4ZSpaRy7Ap-nQUuPehBOPXEf4AIhJQiB9i7mdsuTS2L2goCm3rz4MJTNfktGOKg0hbz8fygjpioYNE_WTfnN1qi9uCTKtKYLyBDceLskCOX-Mr0QT35Q3SKwvTCl49sTi4w&sai=AMfl-YQLEIOksgZ12Q-NKht1exIfIp0LEmvAyzyoSfIIEF3Xma2iLob_D1F8lTSjL-D3QDifhxtlR_InPB0ow4jJ-KviuqdJUi6ZJo6P8_NM2Nc6Af1r_dQ_XoE2SgA&sig=Cg0ArKJSzM-LKlfZa59EEAE&cid=CAQSOwDUE5ymoMMmsEFLWmlqENURtYJgMjRsFluFUfIpuIUplu9sxAJ1LY0pWMXvZvZbt5cNkI2EDlCdx989GAE&id=lidar2&mcvt=1010&p=867,165,1117,465&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679606792042&rpt=703&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBE5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6420820636643&version=m202301230201&ct=76&x=1&cor=7542582017219056000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 46EB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 15:35:48 GMT
expires
Fri, 22 Mar 2024 15:35:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CDA1 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da76d904856af5616be5f1f73f3d006a7a45411eb6d31d1102b74401d20de4fa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GnpVdSK-bEcKU9gW4S96Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-GnpVdSK-bEcKU9gW4S96Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 21:26:34 GMT
expires
Thu, 23 Mar 2023 21:26:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
pagead2.googlesyndication.com/bg/ Frame 46EB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 15:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
194165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14279
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 15:30:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CDA1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023032001&jk=441607153687539&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 46EB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fnKcrA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		78 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=8Gu2Z8RCvZ&tbc=%7Bkpex%7DiofJRGKHV_eg-X1cjc-bPWp9-jjHb1W6dUuxKe3DQZ-eHqX2PJilglda91ubTy3t&user_provider=piano_id_lite&user_token=&callApiJsonp=true&callback=jsonp8367
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e83cccad9e78c00c2393b3d9651ecbae18d2534524150173682c73a24a4127d9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:35 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-123-205
server
cloudflare
content-type
application/javascript
server-time
0.001
p3p
CP="NON DSP COR OUR IND"
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
7ac9c0e7dba1925c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mbwszrr2kWz
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		78 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=8Gu2Z8RCvZ&tbc=%7Bkpex%7DiofJRGKHV_eg-X1cjc-bPWp9-jjHb1W6dUuxKe3DQZ-eHqX2PJilglda91ubTy3t&user_provider=piano_id_lite&user_token=&callApiJsonp=true&callback=jsonp8368
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99bc84613ed64a1d5dcda661571628d22353952e8671b2c7703490b7c249c4b1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:35 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-87-4
server
cloudflare
content-type
application/javascript
server-time
0.004
p3p
CP="NON DSP COR OUR IND"
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
7ac9c0e7fbcc925c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mbwszrrexf7
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		78 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=8Gu2Z8RCvZ&tbc=%7Bkpex%7DiofJRGKHV_eg-X1cjc-bPWp9-jjHb1W6dUuxKe3DQZ-eHqX2PJilglda91ubTy3t&user_provider=piano_id_lite&user_token=&callApiJsonp=true&callback=jsonp8369
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccb882f6e25c62463d6239dadd09b8d56e9d6426cf98e72dcdcd1add747a975
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:35 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-118-145
server
cloudflare
content-type
application/javascript
server-time
0.001
p3p
CP="NON DSP COR OUR IND"
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
7ac9c0e7fbd1925c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mbwszrrh41r
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023032001&jk=441607153687539&bg=!8_Cl8KTNAAbO2UOH7tk7ADkAdvg8WtA61PIJssQgvNozfCE2TWQMqMCJ2P_3OqiNt-Dj6ed6G_YPgysLB5uILUMjV28VIG6TMqMCAAAAR1IAAAAEaAEHCgCJ8QOTD-_ZYkI6QtyCFy6w8ViI2eBjFSqG7SVVmnbaepuGVZtzryWrvrMtMGiutXUfRnXj3GSvzVraQ8l7nryeR3QBTo1BWoL25gk-3GNZAfLxuDjj6eHQOVaPHdcMe2cPEdkMDTpVSB1zelu95hUcM9NE2FtTWSpVaLEveU-zXT_401md5FBQtNuZAqMZb7izuqXPZccpY7_YnTDZbwhJrMwlykhzovh2DvaRjLv-RQJP_M7dZh-q-wzhIWUQemBFaAyqSuO4jhnW2NkY-9ASdsdfqRP1LfLKL1BRFPu5z2FDXA3I5lTpDl1Hx29LwoYm4jRNFSYrqrtRdz5fAd91nphT7xS3MD2bheoHtRmRP7Nubf-p-swyeoAVA8jAY_2pgpan8gvcaqQ5OH9VysZxHe17YOSjNaO0PBX_V3xKKzXhAGoiIrAyzY9rjXyhVKO4VUpIVOVwGdZs5ydczrBNxfKDYVziY79pdy_ErQJGnzdsYOOweEjKXv24Vkz43YejZOKV29eoAH96Dymd787qFg8-CDLr6vLZiAXxERjFZSJlcfZ9mFEaC-eYUtUjMy6-Br0nj28V2firWaBmvtOKBFOgNpijXsGnlxhojiXBPg2dE0W0A7b1cfPZ29OnPc-vhU_XA4jTtZtXxsL2F6zu7sT8Wd4sbRR_vL5rPwNxEQJDDaD4psDTfYQWo249pzt8EKFqjHGr7CwoCG4NidQJa_YBuIO3u5A0R1uuOGLAYOhPwiE9PT3-aF0RNHwS6MK88oJuYVWB_ZIZjsTJ9ThLpk6l0obsUGRvo6_5x5k4skTAZJTXvkcy9pHQyOJELlFM5lfpiakfnDmDvEFtciqTu47JPNYwZpGrpALVY1MLriVbQKsVi4iJ0cDmIbdStGxtUX0i-QoZkymECxWq8qCEF9PIJVL7Bz0f3KCekaIVTddM80Xsbtd8dcwFF9saBh8PJG7lWUzWxnVBBew5g9AugP1u40LJz5PhZZHeAeisKxq93IP5wQegXQtJOD5KJHQTOd2NiWBeBbgO64q68cwdXTqqZwgLc4sT7hBEy8UjCcB8IBWpo5yY3LP39kUcW-U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 20:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4884
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Mar 2023 22:05:11 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1571381025&t=event&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=checkoutCustomEvent&el=Checkout%20custom%20event&_u=6DDAAEABAAQCACgFK~&jid=1851403182&gjid=712081910&cid=1032820800.1679606790&tid=UA-16643585-16&_gid=923251378.1679606791&_r=1&z=2001638965
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1571381025&t=event&_s=2&dl=https%3A%2F%2Fwww.mlive.com%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=6DDAAEABAAQCACgFK~&jid=&gjid=&cid=1032820800.1679606790&tid=UA-16643585-16&_gid=923251378.1679606791&z=450977526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12084
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1571381025&t=event&_s=3&dl=https%3A%2F%2Fwww.mlive.com%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showTemplate&el=Show%20template&_u=6DDAAEABAAQCACgFK~&jid=&gjid=&cid=1032820800.1679606790&tid=UA-16643585-16&_gid=923251378.1679606791&z=2067053671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12084
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1571381025&t=event&_s=4&dl=https%3A%2F%2Fwww.mlive.com%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=meterActive&el=Meter%20active&_u=6DDAAEABAAQCACgFK~&jid=&gjid=&cid=1032820800.1679606790&tid=UA-16643585-16&_gid=923251378.1679606791&z=2001429852
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12084
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16643585-16&cid=1032820800.1679606790&jid=1851403182&gjid=712081910&_gid=923251378.1679606791&_u=6DDAAEABAAQCACgFK~&z=1401058095
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Mar 2023 21:26:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0&src=pbjs&ver=7.40.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:36 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
prebid
id5-sync.com/api/config/ 		135 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		43 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.70.182 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-70-182.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:36 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.41.23.69
access-control-allow-credentials
true
content-length
43
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 21:26:36 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
usync.html
eus.rubiconproject.com/ Frame 24D4 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.125.209 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-125-209.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 21:26:36 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D1C2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=47458
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 23 Mar 2023 21:26:36 GMT
expires
Fri, 24 Mar 2023 10:37:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 541D 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a6c6498d03879dad677e9e550748902d81cc6110ea055649f829fbb6f21a375d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7831
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 21:26:36 GMT
expires
Sat, 25 Mar 2023 21:26:36 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 4525 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
826
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7ac9c0efaf6d9076-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 21:26:36 GMT
expires
Fri, 24 Mar 2023 01:26:36 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e2a664215c370cd0772602ff4598e55533684b825ef877fac321ac788bb9ebd3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 24D4 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.125.209 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-125-209.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7ca8151d74dab3a06a32673b5f4075656c91246ba7d6ac376707ef6cfa77c004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:36 GMT
content-encoding
gzip
last-modified
Thu, 23 Mar 2023 07:35:53 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=36537
content-length
9996
expires
Fri, 24 Mar 2023 07:35:33 GMT
392.json
id5-sync.com/g/v2/ 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
0ee86a9a195093be9044789a89d45cc002fd674803da3adc43453482f424e7ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Thu, 23 Mar 2023 21:26:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rubicon
match.adsrvr.org/track/cmf/ Frame 24D4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 24D4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tY1mVoXD3PooOYgIlZHSIsn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xDuw2jdE2oKeMm3Gka1trHeS0bn_K0ir6giq7Q--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xDuw2jdE2oKeMm3Gka1trHeS0bn_K0ir6giq7Q--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 23 Mar 2023 21:26:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xDuw2jdE2oKeMm3Gka1trHeS0bn_K0ir6giq7Q--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 24D4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=t1mNNubOQrOQYv9hfIZrNQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=t1mNNubOQrOQYv9hfIZrNQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=t1mNNubOQrOQYv9hfIZrNQ
Protocol
HTTP/1.1
Server
52.94.223.167 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QC1TN9FJ8H7KF1P7A8ZC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=t1mNNubOQrOQYv9hfIZrNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 24D4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMTUlNQlktMVUtTEtNTg==&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMTUlNQlktMVUtTEtNTg==&us_privacy=1---
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMTUlNQlktMVUtTEtNTg==&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 24D4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xBOEhgr0TaSM5d0gtu60bQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xBOEhgr0TaSM5d0gtu60bQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xBOEhgr0TaSM5d0gtu60bQ
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NS1QWZV191H6K5S75TYT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xBOEhgr0TaSM5d0gtu60bQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 24D4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFLMIMBY-1U-LKMN&us_privacy=1---
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFLMIMBY-1U-LKMN&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:36 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 68AF4A87E99248599256D2791DD8502D Ref B: FRAEDGE1219 Ref C: 2023-03-23T21:26:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX3l+5/KahZUDsKs35Mtg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFLMIMBY-1U-LKMN&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 24D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELX5cg7ySN1Xfc5bfEWbsIg&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELX5cg7ySN1Xfc5bfEWbsIg&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELX5cg7ySN1Xfc5bfEWbsIg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 24D4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NhMzc0YTk5N2IzZDFjNDg0MjhhZTMyZDU0Y2QxOGI1ZThlMzA5Yw&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NhMzc0YTk5N2IzZDFjNDg0MjhhZTMyZDU0Y2QxOGI1ZThlMzA5Yw&us_privacy=1---
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NhMzc0YTk5N2IzZDFjNDg0MjhhZTMyZDU0Y2QxOGI1ZThlMzA5Yw&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame D1C2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78004163&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.112 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
00913ff90a19f149865478bf29cf3c10200f1ffaccd211b2ff72c96e7e4ee9a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 21:26:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame D28A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
624271afe8ff824140c000951f9777484dd6c7f8250a477fdddb37c312544587

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1751
Content-Type
text/html
Date
Thu, 23 Mar 2023 21:26:36 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je33m0&_p=1571381025&cid=1032820800.1679606790&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1679606790&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame D28A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame D28A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBzECOjops6SJwUPtNnhkAAABGwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEF26cOdXt5-OPofZxc7Yktk&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEF26cOdXt5-OPofZxc7Yktk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEF26cOdXt5-OPofZxc7Yktk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D28A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBzECOjops6SJwUPtNnhkAAABGwAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBzECOjops6SJwUPtNnhkAAABGwAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBzECOjops6SJwUPtNnhkAAABGwAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7CEGE2BH1J4N07E7R6ZG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FCT8PKYASKNJ48H4P0C7
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBzECOjops6SJwUPtNnhkAAABGwAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D28A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=466343846656193357
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=466343846656193357
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 23 Mar 2023 21:26:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8af5fbf4-f644-49bd-9f70-d3f7f73badbc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=466343846656193357
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D28A
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3d841e7-a84b-4032-86f5-f244376716e6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3d841e7-a84b-4032-86f5-f244376716e6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f3d841e7-a84b-4032-86f5-f244376716e6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 23 Mar 2023 21:26:37 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame D28A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827013077559
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827013077559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827013077559
Date
Thu, 23 Mar 2023 21:26:37 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum.casalemedia.com/ Frame D28A
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1679693197
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1679693197
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1679693197
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:37 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame D28A
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1695504397&external_user_id=909f6f5b-ec05-4bd0-ac89-1f01ee4cf18c
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1695504397&external_user_id=909f6f5b-ec05-4bd0-ac89-1f01ee4cf18c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 21:26:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Thu, 23 Mar 2023 21:26:37 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1695504397&external_user_id=909f6f5b-ec05-4bd0-ac89-1f01ee4cf18c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
htw-pixel.gif
cdn.indexww.com/ht/ Frame D28A 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZBzECOjops6SJwUPtNnhkAAA%261132
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:37 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
82257
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ac9c0f2ddf3bbb9-FRA
content-length
43
expires
Fri, 24 Mar 2023 21:26:37 GMT
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 46EB 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 23 Mar 2023 21:26:37 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220032-HHN
x-timer
S1679606797.009954,VS0,VE89
dcm
s.amazon-adsystem.com/ Frame D9E7 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=B5760B92-E6B2-48AF-B3CB-87EE4A2C5614&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Mar 2023 21:26:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3M4JCM1CKQB0M5ZT8CRS
services
sync.technoratimedia.com/ Frame 2DD5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZ0pVN0lPWWdBQUNEQk96akFuZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADgJU7IOYgAACDBOzjAng&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADgJU7IOYgAACDBOzjAng&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADgJU7IOYgAACDBOzjAng&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5070361841442596527&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADgJU7IOYgAACDBOzjAng&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D5070361841442596527%26gdpr%3D0%...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADgJU7IOYgAACDBOzjAng&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D5070361841442596527%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:bf17:cd18:9a23:846c -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://ads.pubmatic.com/
age
0
date
Thu, 23 Mar 2023 21:26:39 GMT
server
nginx
via
1.1 varnish
x-varnish
838575650

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 23 Mar 2023 21:26:39 GMT
Server
gunicorn
location
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADgJU7IOYgAACDBOzjAng&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D5070361841442596527%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D1C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tXYLkuaySK-zy4fuSixWFA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:37 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=47457
accept-ranges
bytes
content-length
5554
expires
Fri, 24 Mar 2023 10:37:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame D1C2 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B5760B92-E6B2-48AF-B3CB-87EE4A2C5614&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.70.182 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-70-182.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.41.30.81
content-length
49
expires
0
xuid
eb2.3lift.com/ Frame D1C2 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=B5760B92-E6B2-48AF-B3CB-87EE4A2C5614&dongle=u6nf&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Mar 2023 21:26:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame D1C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=B5760B92-E6B2-48AF-B3CB-87EE4A2C5614&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.159.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
Pug
image2.pubmatic.com/AdServer/ Frame D1C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjU3NjBCOTItRTZCMi00OEFGLUIzQ0ItODdFRTRBMkM1NjE0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
204.237.133.120 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Mar 2023 21:26:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D1C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDcBr_ay7MA1slmT_G_JfIk&google_cver=1
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDcBr_ay7MA1slmT_G_JfIk&google_cver=1
Protocol
H2
Server
204.237.133.120 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Mar 2023 21:26:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 21:26:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDcBr_ay7MA1slmT_G_JfIk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D1C2 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 22 Mar 2023 21:26:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D1C2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4542866167504511299&gdpr=0&gdpr_consent=&us_privacy=
1 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4542866167504511299&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 21:26:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4542866167504511299&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame D1C2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
B5760B92-E6B2-48AF-B3CB-87EE4A2C5614
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D1C2 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B5760B92-E6B2-48AF-B3CB-87EE4A2C5614?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:63ca:667c:7caf:5a80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame D1C2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B5760B92-E6B2-48AF-B3CB-87EE4A2C5614&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P74ZsR1E2uXvjBtH009RMsz0SWXaI20-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P74ZsR1E2uXvjBtH009RMsz0SWXaI20-~A&gdpr=0
Protocol
H2
Server
204.237.133.121 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P74ZsR1E2uXvjBtH009RMsz0SWXaI20-~A&gdpr=0
date
Thu, 23 Mar 2023 21:26:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqtQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-OA2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-Sw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=12712&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=12712&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1679606790430&de=577031951178&rx=919770832903&cu=1679606790430&m=6760&ar=03b6d3f0bdc-clean&iw=21030cf&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1815%3A1815%3A4070%3A1795&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5120&cd=0&ah=5120&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=202622&na=1726254328&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:37 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Mar 2023 21:26:37 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D1C2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159879&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.121 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 21:26:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&f_privb=0&tid=a05742bd-3278-473b-b672-b1d7bfbbd95b&pid=861f216c-a69c-4849-971f-ddac30606012&dtm=1679606800663&qnm=_matherq&visible=1&tabid=b47e6e5b-cc9d-4515-ad41-a18129a33455&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1679606791&vid=1&lvidt=1679606791&duid=9a3cd9a3080047bd&fp=2417809956&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3OTYwNjc4Nzk1MSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNC41bWIiLCJoZWFwVCI6IjI3LjZtYiIsImZzdFBhaW50IjoiMTgxNSIsImZldGNoUyI6IjU5NCIsImRvbWFpblMiOiI1OTUiLCJkb21haW5FIjoiNjM0IiwiY29ublMiOiI2MzQiLCJjb25uRSI6Ijc2NCIsInNzbFMiOiI2NzMiLCJyZXF1UyI6Ijc2NSIsInJlc3BTIjoiMTU1MiIsInJlc3BFIjoiMTcxOCIsImRvbUxvYWQiOiIxNTU2IiwiZG9tSW50ZXIiOiIxNzk1IiwiZG9tTG9hZFMiOiIxOTU3IiwiZG9tTG9hZEUiOiIyMDgxIiwiZG9tQ21wbHQiOiI0MDU2IiwibG9hZFMiOiI0MDY2IiwibG9hZEUiOiI0MDcwIn19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 23 Mar 2023 21:26:40 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqtQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-OA2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-Sw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=12712&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=12712&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1679606790430&de=577031951178&rx=919770832903&cu=1679606790430&m=11769&ar=03b6d3f0bdc-clean&iw=21030cf&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1815%3A1815%3A4070%3A1795&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10129&cd=5120&ah=10129&am=5120&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=202622&na=630364145&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 23 Mar 2023 21:26:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Mar 2023 21:26:42 GMT

Verdicts & Comments Add Verdict or Comment

656 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 boolean| credentialless function| admiral object| googletag object| sophi number| a object| sophiSegments object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| Fusion object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| adiTrackPromise object| adiTrack function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| CDP object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_963 object| burtApi object| AdManager function| adhesionInit object| Advance object| tp object| SWG object| OneTrustStub object| $OPHI_GN function| sophiTag object| Snowplow function| 4dm1r11545242527 object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue object| lotameSegments object| pianoScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| atsScript string| GoogleAnalyticsObject function| ga object| PARSELY object| _comscore function| fbq function| _fbq string| meterContentType object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| twq object| __otccpaooLocation function| lotameIsCompatible function| lt963_ba function| lt963_b undefined| lt963_c undefined| lt963_ca undefined| lt963_da function| lt963_ea object| lt963_e function| lt963_fa function| lt963_g function| lt963_ha object| lt963_ object| lt963_na object| lt963_oa object| lt963_Na object| lt963_Xa object| lt963_Ya object| lt963_7 function| lt963_aa function| lt963_a function| lt963_d function| lt963_f function| lt963_h function| lt963_ga function| lt963_ia function| lt963_i function| lt963_ja function| lt963_j function| lt963_k function| lt963_l function| lt963_m function| lt963_n function| lt963_la function| lt963_ka function| lt963_o function| lt963_p function| lt963_ma function| lt963_q function| lt963_r function| lt963_s function| lt963_t function| lt963_u function| lt963_sa function| lt963_pa function| lt963_qa function| lt963_w function| lt963_ra function| lt963_x function| lt963_y function| lt963_z function| lt963_A function| lt963_v function| lt963_B function| lt963_C function| lt963_ta function| lt963_D function| lt963_E function| lt963_ua function| lt963_F function| lt963_G function| lt963_va function| lt963_H function| lt963_I function| lt963_J function| lt963_L function| lt963_M function| lt963_N function| lt963_K function| lt963_wa function| lt963_xa function| lt963_O function| lt963_ya function| lt963_za function| lt963_Aa function| lt963_Ba function| lt963_Ca function| lt963_Da function| lt963_Ea function| lt963_Ia function| lt963_Fa function| lt963_Ga function| lt963_Ha function| lt963_Ja function| lt963_La function| lt963_Ka function| lt963_Ma function| lt963_P function| lt963_Oa function| lt963_Pa function| lt963_Qa function| lt963_Ra function| lt963_Sa function| lt963_Ta function| lt963_Ua function| lt963_Va function| lt963_Wa function| lt963_Q function| lt963_Za function| lt963__a function| lt963_0a function| lt963_R function| lt963_S function| lt963_1a function| lt963_T function| lt963_U function| lt963_2a function| lt963_3a function| lt963_V function| lt963_W function| lt963_X function| lt963_Y function| lt963_4a function| lt963_6a function| lt963_5a function| lt963_Z function| lt963__ function| lt963_0 function| lt963_1 function| lt963_4 function| lt963_8a function| lt963_$a function| lt963_9a function| lt963_bb function| lt963_ab function| lt963_2 function| lt963_cb function| lt963_db function| lt963_3 function| lt963_7a function| lt963_eb function| lt963_fb function| lt963_gb function| lt963_hb function| lt963_5 function| lt963_6 function| lt963_ib function| lt963_jb function| lt963_kb function| lt963_lb function| lt963_mb function| lt963_nb function| lt963_ob function| lt963_pb function| lt963_qb function| lt963_rb function| lt963_8 function| lt963_ub function| lt963_vb function| lt963_tb function| lt963_sb function| lt963_xb function| lt963_wb function| lt963_zb function| lt963_yb function| lt963_Ab function| lt963_Bb function| lt963_Cb function| lt963_Db function| lt963_Eb function| lt963_Fb function| lt963_Hb function| lt963_Kb function| lt963_Jb function| lt963_Gb function| lt963_Nb function| lt963_Ib function| lt963_Lb function| lt963_Pb function| lt963_Ob function| lt963_Qb function| lt963_Mb function| lt963_Rb function| lt963_Sb function| lt963_Tb function| lt963_9 function| lt963_Ub function| lt963_Vb function| lt963_Wb function| lt963_Xb function| lt963_Yb function| lt963_$ function| lt963_Zb function| lt963__b function| lt963_0b function| lt963_1b function| lt963_2b function| lt963_3b function| lt963_4b function| lt963_5b function| lt963_7b function| lt963_8b function| lt963_9b function| lt963_6b object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| apscustom object| _aps object| lotame_sync_16576 function| onYouTubeIframeAPIReady object| gaGlobal object| pbjsChunk object| _pbjsGlobals object| mnet object| __li__evt_bus object| liQ object| liQ_instances object| blueConicPreListeners function| BCClass object| blueConicClient undefined| google_measure_js_timing function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_Q object| sync16576_ua object| sync16576_va function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_ma function| sync16576_R function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_S function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_T function| sync16576_U function| sync16576_wa function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_xa function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_Aa function| sync16576_ya function| sync16576_2 function| sync16576_za function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_6 function| sync16576_Ca function| sync16576_Da function| sync16576_Ba function| sync16576_8 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ea function| sync16576_9 function| sync16576_7 function| sync16576_Ha function| sync16576_Ia function| sync16576_Ja function| sync16576_Ka function| sync16576_$ function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| gaplugins object| atsenvelopemodule object| fbcapimodule object| ats object| default_gsi object| google object| closure_lm_715806 object| __G_ID_CLIENT__ number| BOOMR_configt undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 function| __defProp function| __defNormalProp function| __publicField object| SUBSCRIPTIONS object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 object| COMSCORE object| ns_p function| ttd_dom_ready function| TTDUniversalPixelApi object| twttr function| lintrk function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp object| ID5 undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| PublisherCommonId object| _mather number| _zid object| _matherq object| tid string| url string| ptitle object| Optanon object| OneTrust object| gaData object| filteredSegments object| filteredAudGov object| filteredAudIndividual object| filteredAudVoter object| filteredAudMidterm2022 object| bc_json390 object| bc_json391 function| $ function| RuleService object| _bcp function| BlueConicEngagement object| justDetectAdblock object| bcConnectionUtil function| md5 function| BlueConicDataLayerUtil object| JSONPath string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI number| BOOMR_onload function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_Q object| sync16589_ua object| sync16589_va function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_ma function| sync16589_R function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_S function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_T function| sync16589_U function| sync16589_wa function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_xa function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_Aa function| sync16589_ya function| sync16589_2 function| sync16589_za function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_6 function| sync16589_Ca function| sync16589_Da function| sync16589_Ba function| sync16589_8 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ea function| sync16589_9 function| sync16589_7 function| sync16589_Ha function| sync16589_Ia function| sync16589_Ja function| sync16589_Ka function| sync16589_$ function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa object| lotame_sync_16589 object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| PianoESPConfig object| google_image_requests

101 Cookies

Domain/Path Name / Value
h312.mlive.com/DG/DEFAULT Name: BCSessionID
Value: 12f98449-2e30-419e-8199-1f2d67bc687f
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 12f98449-2e30-419e-8199-1f2d67bc687f
account-coinbase.org/ Name: PHPSESSID
Value: a42ef9613e31069877164877fe6923f4
.mlive.com/ Name: sophiTagses.073a
Value: *
.mlive.com/ Name: _sp_duid
Value: bec80f19-1a54-4835-8345-babc5027588a
.mlive.com/ Name: _gcl_au
Value: 1.1.1411473457.1679606790
.mlive.com/ Name: utag_vnum
Value: 1682198790103&vn=1
.mlive.com/ Name: utag_invisit
Value: true
.mlive.com/ Name: utag_dslv_s
Value: Less than 1 day
.mlive.com/ Name: lotame_domain_check
Value: mlive.com
www.mlive.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mlive.com/ Name: _li_dcdm_c
Value: .mlive.com
.mlive.com/ Name: _lc2_fpi
Value: 94c49eadf2ac--01gw85ve42v4y2ezdf61fttkgz
.mlive.com/ Name: pbjs_pubcommonID
Value: 50f982dc-f2a4-4426-b89f-26969c379071
www.mlive.com/ Name: last_visit_bc
Value: 1679606790301
www.mlive.com/ Name: authsource_origin
Value: false
.mlive.com/ Name: __gads
Value: ID=4bf440775cab0399:T=1679606790:S=ALNI_MaNXfNjyx-5_qcy23MsaV-w4KXzrQ
.mlive.com/ Name: __gpi
Value: UID=00000bcb205f7c03:T=1679606790:RT=1679606790:S=ALNI_MYHsXa3Vb99zhx8oBQPorR1BD_Kcg
www.mlive.com/ Name: _lr_geo_location_state
Value: BE
www.mlive.com/ Name: _lr_geo_location
Value: DE
.liadm.com/ Name: lidid
Value: 46fe6c9f-fc93-4a63-bce0-87151740a745
.mlive.com/ Name: _ml_ses
Value: *
.mlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1679606790680%2C%22slts%22:0}
.mlive.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=bf956692093fd8d7360e13f3b6f0e0ca%22%2C%22session_count%22:1%2C%22last_session_ts%22:1679606790680}
.mlive.com/ Name: _awl
Value: 2.1679606790.5-e34d7e29dd95d88a93410e0a6647649a-6763652d6575726f70652d7765737431-0
.mlive.com/ Name: _cc_id
Value: b31e1e2fecc400a55f3a476067ceeceb
.mlive.com/ Name: _fbp
Value: fb.1.1679606791042.1249001893
www.mlive.com/ Name: usprivacy
Value: 1---
www.mlive.com/ Name: ln_or
Value: eyIzMjUyMzc4IjoiZCJ9
.mlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.mlive.com/ Name: _ga
Value: GA1.2.1032820800.1679606790
.mlive.com/ Name: _gid
Value: GA1.2.923251378.1679606791
.mlive.com/ Name: _gat_UA-16643585-16
Value: 1
.postrelease.com/ Name: opt_out
Value: 1
.mlive.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Mar+23+2023+21%3A26%3A31+GMT%2B0000+(GMT)&version=202302.1.0&isIABGlobal=false&hosts=&consentId=757a8ba9-217a-40ab-9fdc-d254423b6565&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
www.mlive.com/ Name: ntvSession
Value: {"id":8789008,"placementID":773533,"lastInteraction":1679606791131,"sessionStart":1679606791131,"sessionEndDate":1679616000000,"experiment":""}
.t.co/ Name: muc_ads
Value: 68e7814b-26e7-40d3-837a-2884a026b540
.twitter.com/ Name: guest_id_marketing
Value: v1%3A167960679110872151
.twitter.com/ Name: guest_id_ads
Value: v1%3A167960679110872151
.twitter.com/ Name: personalization_id
Value: "v1_oXHDrEGRavVzePv6MPrdFg=="
.twitter.com/ Name: guest_id
Value: v1%3A167960679110872151
.linkedin.com/ Name: UserMatchHistory
Value: AQJgsSqa_5cqQwAAAYcQXbvxiqpiibmxdkMirLAaOBVPbLzl1FN5oVNsgpI6YiVFnnv0f7ZjFdjt0Q
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLJ8Z08AqZTagAAAYcQXbvxCl7V-aWpcIA19MMZ3DJ-pncUxTnmBnPg0q0GEEl2bPH7ioLg8l-Vp7FGqO8Miw
.linkedin.com/ Name: bcookie
Value: "v=2&4e0606c2-6f98-437d-8b37-0620e18f3d05"
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2879:u=1:x=1:i=1679606791:t=1679693191:v=2:sig=AQEiitYQpcAcefKVgS5M1W7_qfW75qIS"
.mlive.com/ Name: __li_idex_cache_e30
Value: %7B%22nonId%22%3A%22J-hfOz829fsILlq54CkUZbDQ2tlROeteSkFNrQ%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUmYwu4WSYv_THaDguS6RH03ZbhWluWLbc9paG82IgxCUWcmCW0g-sP1rji4q0g
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023032321263136a94fd6-50dd-4627-8ab3-d96452178aa1AQGElCfDI8N0oM8MiN7qU2qVVMpAzffE"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Nzk2MDY3OTE7MjswMjHatXF6TRjw4oBdi/cEKzkZQ+Odi0dEjauCHgA9SBK4EA==
.rubiconproject.com/ Name: khaos
Value: LFLMIMBY-1U-LKMN
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoxeD2HDdsWEANb0fGVcfL/XWaA1sYWTLGb55ZO9yeicw33mXJoKTYwdMjVyH5gNUsiPnBiMlBpvz/8MtLNt/YeX33aSv+dBZc=
www.mlive.com/ Name: BCSessionID
Value: 12f98449-2e30-419e-8199-1f2d67bc687f
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: L4++LbyvzmmauvdAA+p3eQwaI4Or2buO2muJD/zSfKVJkSundjjxi/ocPG5IiY5xas0LmW72a2b8gTe3PjY6HwKEY3v1eXHV1W6lx8Zug0C9S+p6UmWpReiPaSqw
.www.mlive.com/ Name: RT
Value: "z=1&dm=www.mlive.com&si=3611c467-61c1-4794-8c93-d26a228facb2&ss=lflmijxr&sl=1&tt=352&rl=1&ld=354"
.mlive.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lflmilxxjet4r0eq%22%7D
.criteo.com/ Name: uid
Value: cb3bd6f2-08cb-412b-a93f-ac38d0d2330c
.openx.net/ Name: i
Value: 42a4d191-b04d-4c02-8bc1-dddce233c4d1|1679606792
.piano.io/ Name: __cf_bm
Value: Ne56rLgcv7TouL0I2PmCi0Rrfh5UbgfAXfbY_6D8Z98-1679606792-0-AQLoK48/y5NOLEI1NGPkH9nqhRFQGft3HpvRy5stuNvQyThJjRATv9cPJF4fvFOokdQSbTXTelDvFaxeeJsdiV8=
.mlive.com/ Name: __tbc
Value: %7Bkpex%7DiofJRGKHV_eg-X1cjc-bPWp9-jjHb1W6dUuxKe3DQZ-eHqX2PJilglda91ubTy3t
.mlive.com/ Name: __pat
Value: -14400000
.mlive.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMy0wMy0yMy0yMS0yNi0zMC01NjAtbFNNcEpHTFd3Zk1oT2UzaC01YWE2ZThlNWVmNzYxMjQ1MzJmNjU4OTQ2NGRmMjIyOCIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNjc5NjA2NzkyNDY4fQ%3D%3D
.mlive.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.mlive.com/ Name: xbc
Value: %7Bkpex%7Dyzybhy0u91siXCSaNPucA8ezgJzTv0Ur5egnXmgKlOsDFhMo_HIu1PK2ixp554jAvwqykpvDdn85TN5Sc2bZ8DxpeH0zthYOXLLahE3kGndVsbFJ64czWLLzeQ9np5JnsGfSqxSezjGecnTwc55K38bcH2IUcNbenIvR9h1KydI_yWElcpE9L0bSmxG5XPjizI6D7K7IjFF-8qsdk1HYspa_wEAreVbbKZM6Uno14gpDFHMmxofFmGMmJK_bFKHUcwCHgyZP5C1I8m3C8GKIVePkrbbnf4x9QyELAFMawQVRX_Q2hjUT51ix0aBF2bLpqWi_1zAwRc8Wwu6qjuhvLX1uUKly-TzfDwfMdaI1CiND52H6VzEGEMJX28TpXbfmODgnql8srOkhqjcp7wQJwEOiyse_PLCDtXgm3b5W_a2sBN4KHTLQqP7HsBQVEJ2Jm2F-uFX4nbVz_9AfkFoEM3xF-jnnI-5T-m2FVZ2AFubBBcOUdqU4EKWWBFb0o6r4gAjxmvMINR4k_DzVBr1iFRJSs5aTHWWJD_-d2XauhAg5uH_OMMQ-kz7XqHqnrCDC1ro_nQlZyDUGsWwlXEYBTkvnfGsQnVVadtdzewqHaO_0BbK7JnLx81Q8jZIGxDmjN998rHPDGTK_970XirqlhCiH16zkb1eR-v-ZibrDnxJjJMH0ggsnoJFZjyknBRYS9BmAO6myNBZkNCc85PYYV2LLw319WVPb5S6Tz3aiMA90YTH9AfJd3Q_xVOTyv5s1__AMkDSkJZz4LK447ounsYG6OZt3s-UAgfxLsXdoFnmSCUrpSF7m0rotLvndsooe_2mHW0J9PWnzXQCKvhblbEhRwsWSsXA1cTNH1yFjK6OSLVmNFfUlwoCp2uH0ZCK--9IuTQUpXXagqr7cARrIPnX3eHfUQh6j2L-doryHYJRpRklHg0LwhG3O-jsIneYTx478II7yLGplgfHTCo-Tf0QnJIHW0t9lS3JRj38gTCs4IYog2LfMfgpfXHBWvGK0hcWhthBprThiP_tmuuUdGOYIKioXSNoKyjE7jIsuZeLMTT4OfNWhkK1OBA98nwWLCE4QuAD195q1QEMA3qD5CQ
.www.mlive.com/ Name: _pc_sup_support_acq-sup2
Value: 10
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$GdV#p[!]tbPl1M>e)ZlrFUfJ+tGXxoX8yVgbA`_y::9qREN=hnbUGKP$XOq$kp98_:%nugO%v4VB%nn(=*%KZy
h312.mlive.com/ Name: AWSALB
Value: K13MuHS86fn/8s5GvGPbcEcKdMKaFUBEWHOqHzEBZr87XMsXQ/1RxVn6ExrRjHm3tCf21b6PK0f+y1YLVeqYAfNqcAkuQQjHbXYpp/b4UTb4TJSNQ9qHPOfhLmUI
h312.mlive.com/ Name: AWSALBCORS
Value: K13MuHS86fn/8s5GvGPbcEcKdMKaFUBEWHOqHzEBZr87XMsXQ/1RxVn6ExrRjHm3tCf21b6PK0f+y1YLVeqYAfNqcAkuQQjHbXYpp/b4UTb4TJSNQ9qHPOfhLmUI
.mlive.com/ Name: _ml_id
Value: 9a3cd9a3080047bd.1679606791.1.1679606793.1679606791
.adnxs.com/ Name: uuid2
Value: 466343846656193357
.casalemedia.com/ Name: CMPS
Value: 1132
.casalemedia.com/ Name: CMPRO
Value: 1132
.casalemedia.com/ Name: CMID
Value: ZBzECOjops6SJwUPtNnhkAAA
.3lift.com/ Name: tluid
Value: 3889280140415999094958
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%220A0D6A80-6276-47DC-9A3A-B567A2ABBF76%22%7D
.de17a.com/ Name: guid
Value: 1.3306351592432583479
.mathtag.com/ Name: uuid
Value: 91c9641c-c408-4000-8c59-f83016d76736
.mathtag.com/ Name: mt_mop
Value: 4:1679606792
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZBzECAACorH0ngAo
.mlive.com/ Name: cto_bundle
Value: oymajl9LSXFkNkd2VENSSGllVm1RaiUyRlA2SVNoejBBJTJCM1J3aUhTT1JscTVuYmNRJTJCSHZXZzFhWEFrVHYlMkI5NU51MFdvU2hIZXF6ZVMlMkJPRzVQWHM4QkZCMDdGQnYxN2VLQWtpTlZQQmg0SG80ZWdqQmNsNDZvcjZsdW1VMWdSeE1kNW5HbFdHUVpFMkUlMkY3SnN2ZEpwWkJGbVZwWmclM0QlM0Q
.go.sonobi.com/ Name: HAPLB8S
Value: s8558|ZBzED
.mlive.com/ Name: utag_vs
Value: 5
.mlive.com/ Name: utag_dslv
Value: 1679606793072
.mlive.com/ Name: sophiTagid.073a
Value: bec80f19-1a54-4835-8345-babc5027588a.1742766990045.1.1679606793.1742766990045.01b0a04c-0ffe-4bd2-a759-e94f48cd5843
www.mlive.com/ Name: offer_config
Value: %257B%2522type%2522%253A%2522bottomfixed%2522%252C%2522version%2522%253A%2522cta%2522%252C%2522placement%2522%253A%2522bottom-fixed%2522%252C%2522newsletterId%2522%253A%2522%2522%252C%2522closable%2522%253A%2522true%2522%257D
.mlive.com/ Name: _ga_GG8B674XK4
Value: GS1.1.1679606790.1.0.1679606793.0.0.0
.quantserve.com/ Name: d
Value: EHoBCQHKKIEA
.quantserve.com/ Name: mc
Value: 641cc409-0bfca-8ed3e-e771c
.tribalfusion.com/ Name: ANON_ID
Value: agnsIHSkTseAutomjtphFyPbjcOYSiPk5WET76VSovWofeUCv64tRDuiFZcXk2VpOKZdCZaxlNE6JyZbUgibnQRxfMvc
.yahoo.com/ Name: A3
Value: d=AQABBAnEHGQCENZsiozrG8R8MRF-YF8ZIDkFEgEBAQEVHmQmZAAAAAAA_eMAAA&S=AQAAAoDwTXiBLjZpXJPSbpvSHDo
.bidswitch.net/ Name: tuuid
Value: 8851d4e7-f5fe-40b9-ac68-88558d2a6ced
.bidswitch.net/ Name: c
Value: 1679606793
.bidswitch.net/ Name: tuuid_lu
Value: 1679606793
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B5760B92-E6B2-48AF-B3CB-87EE4A2C5614
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2aol
www.mlive.com/ Name: _lr_sampling_rate
Value: 100
.mlive.com/ Name: _gat_pianoTracker
Value: 1
www.mlive.com/ Name: pbjs_li_nonid
Value: %7B%22nonId%22%3A%22J-hfOz829fsILlq54CkUZbDQ2tlROeteSkFNrQ%22%7D
www.mlive.com/ Name: _lr_retry_request
Value: true
www.mlive.com/ Name: _lr_env_src_ats
Value: false
.ads.pubmatic.com/ Name: KCCH
Value: YES
.amazon-adsystem.com/ Name: ad-id
Value: AyOZcMD1bk6Lvhmb0YQdq0A|t

3 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B5760B92-E6B2-48AF-B3CB-87EE4A2C5614&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=B5760B92-E6B2-48AF-B3CB-87EE4A2C5614&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
aa70635a3fa75a55401c5ff4bfe0f5cd.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
account-coinbase.org
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.de
analytics.twitter.com
api-v3.tinypass.com
api.rlcdn.com
app.matheranalytics.com
apps.sophi.io
at.teads.tv
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
bh.contextweb.com
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c2.piano.io
casale-match.dotomi.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.tinypass.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
csync.loopme.me
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ead.mlive.com
eb2.3lift.com
ecollector-us-east.sophi.io
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.advance.net
geo.privacymanager.io
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
micro.rubiconproject.com
mlive.com
mug.criteo.com
news.google.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.advance.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.teads.tv
sync.technoratimedia.com
t.co
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.mlive.com
x.bidswitch.net
z.moatads.com
104.111.217.42
104.126.125.209
104.18.11.47
104.18.25.185
104.244.42.67
104.244.42.69
104.36.113.107
104.36.113.112
104.80.245.107
107.178.250.234
107.23.34.105
108.138.1.25
108.138.15.119
124.146.215.52
13.107.42.14
13.248.245.213
13.32.106.197
13.32.121.95
13.32.99.21
13.32.99.35
13.32.99.37
141.95.98.65
142.250.184.226
142.250.186.34
143.204.89.57
146.75.116.157
15.197.193.217
151.101.130.133
151.101.130.49
151.101.194.133
162.19.138.120
18.66.100.58
18.66.122.48
18.66.97.9
184.72.23.213
185.29.134.248
185.80.39.216
185.86.138.152
185.89.210.46
185.89.210.82
193.0.160.130
2.18.232.7
2.18.235.93
2001:4860:4802:34::36
204.237.133.116
204.237.133.120
204.237.133.121
213.155.156.166
23.35.236.201
23.35.237.151
23.35.237.64
23.46.116.133
2600:1901:0:328a::1
2600:1901:0:8344::
2600:1f18:730:b150:ed48:47a2:4aed:c72c
2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2
2600:9000:20eb:e800:2:53b2:240:93a1
2600:9000:211e:3c00:1b:5138:8a40:93a1
2600:9000:223f:3c00:8:48e:53c0:93a1
2600:9000:2250:3800:a:e047:752:b361
2602:803:c003:200::51
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:10::ac43:266a
2606:4700:4400::6812:2b9e
2606:4700::6810:5514
2606:4700::6810:f015
2606:4700::6811:190e
2606:4700::6811:b8b1
2606:4700::6812:18ad
2606:4700::6813:bc61
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200d
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c0d::9a
2a02:2638:3::3
2a02:2638::1c
2a02:26f0:280:19f::11a6
2a02:26f0:280:29b::11a6
2a02:26f0:3500:16::215:1490
2a02:26f0:64::210:6ae3
2a02:fa8:8806:16::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3602:63ca:667c:7caf:5a80
34.102.146.192
34.107.148.139
34.120.135.53
34.120.155.137
34.205.216.79
34.232.54.150
34.91.62.186
34.96.71.22
35.186.255.72
35.190.0.66
35.212.133.238
35.214.153.92
35.244.159.8
35.71.130.31
44.210.156.48
46.228.164.11
50.16.113.20
51.75.86.98
52.19.1.205
52.213.132.73
52.222.236.26
52.222.250.8
52.27.163.48
52.46.155.104
52.53.40.23
52.57.246.107
52.9.70.182
52.94.223.167
54.148.91.225
54.204.159.80
64.226.93.157
69.166.1.10
69.173.144.165
74.119.118.149
74.214.196.131
99.83.138.34
00913ff90a19f149865478bf29cf3c10200f1ffaccd211b2ff72c96e7e4ee9a9
031bdcca56a4af695f0aadaeb97d3587348ccb5cb352e016b58417da197a48d0
0377e3d68123c4d3d393bbab4aac58a8d270fd1f7b973f78dd4782153dbfd0f5
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
05343af99be70bd38aad68d60a0929d3c6dd852a5bb7816518191b8fd94e764d
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
0807a758f43830290ac9f1dbd9c76c0880c5cbe5b62f3ee64a47d7530f184bf3
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ee86a9a195093be9044789a89d45cc002fd674803da3adc43453482f424e7ec
115821cf1798bdfd189a89b3d6e7b6758170b76b513dc491af97fee3bada6f2f
11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15b8bcc80464964eaf9d3149aecd344158c57bf22aac2e637de4e0a698879d40
168e309ef094c69a2b5ba06b46574668bc7469c340303daccc1ee5772011ef9f
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4a7324891b1cbcca96082bf15df8207c376432b881b2fd66e55b7dad91dc35
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cc0cb16bb2de07e18f414cadc480e5d9552b809ddf0c4d56cf84c9e5f385c98
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2273560226fe8ce919b37419c826ecd45e4272729450f6d6f7d8577423307074
2416146ee0b133dc44e1e05ed64fbfa69c3b63d4feae65deb7f3aec7edb6c6c5
264b1a65f1c30de9e496ed9f2bea3f3cb3461b26c78284c1ab04a741044ae9ea
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
27c73614e9064e8026ed1f3761bf58abbe252efc21e5de4eb91a1178778c09c1
28332462eb796fe950a7a2ba6296fedcbf7feb3159bb94609e3c6f1de618ad08
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c
287d71946cf81db282fd4a1baa9981420a38eddedbd6d533b469e7a391e433e0
2b968d910bbef836f267a12299e32649d9f2ed87f59ecefceb3d9a4900ec590f
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2d5525eadfae3dd40c52331434aab0b4e809fe3b9ea8d1f3bd24a15d4191555f
2e70339b7bba71423618af4fd76e2801b70afc7bb30ad616acecec4b5d58d68a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
359bc3f28b13c875e56cc7ebe5bc1a8b7fdf5128ce11b2449b460a3f5f699d3d
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
37de8a936ffe92c7f4c5ea8b451e3f8b4f6bb4ff2a0f60afa2e0f90f9f91895d
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40
3d653908e2636965d056bccfa29d08dc82e5386cc171f24e85ee08a4b40a9a1a
3dd0a7427cfe28656bc2c217b8056dfd07f4d737c0e1f19325149b43a8252675
3dd674c3a6f39c394437d74f3d99aa81618bad67991a2344fa62797571a8c297
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43716a7ca69ad125cbe2ef6f1068e22ecb6acd089cf48d86debac53e214ecf46
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446028abfb101cb4495d1330285608754ee8dcdc5a798832da48d2f3b2d5812b
45b23afa6982e54cb7528f39f1f9b511ef0190bc63ffcc2584bafe72342c0931
45e9d0c522efc100da6a426d97fabf39aa2f26a465ffb71252ce85ebdfdb575b
460da7d946064695a3b88d4bc6464a8a7b64a8e2f9eb9d4392d2333fa659e1d8
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49418e46007d8e183329e53717b17e2db899ea108ed356acbaa8da230f537348
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f
4e493b45e090df2042742be7bcc013b285766279434c2f9b50116a902b4da1fb
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
4f588e766e32d6bc7a1ddc91e00a9a56cf8e4d48b0902fbbcf733c9b507ebc41
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51612bfdf5ad0758f3526d87fdf15b4562ab85a15f6c1728f92559feeffa3890
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
551b59c1d6b77f6a3557ffd18e6a3ae079cb21d21edcae2e4114044557cef638
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
590091489fd30b6dc9088ff48d57b3f5fd562e3d96bd1e4a7eaaa4593290cec1
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5b6487994c5f703f1e3aef750ca1581d894d6274ee828cb175de11784f979522
5b77178200c4362d6f60afa77c066f5042c88986068531154e7c8bb8a465a46e
5c5d60d67a21f90e5a8c7d6cade2332d13283442a89f0c2b771386a7245f6e4d
5cb4ccc7f2156ab43bfbc359e85b2c5854db0a5fc5375d83f1835df739933bd4
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5f91a3e4dc93998a6bc7b47acd940aee4c6c5761d190130806ae8f2ac9396970
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624271afe8ff824140c000951f9777484dd6c7f8250a477fdddb37c312544587
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ea05156b4f23e5f75165721227c870e6981157d9420ba99965935795af95c7c
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
6ff75a6aff02372d9bb7b274357cd9786444781204d3c52a46a2049b6fb3957b
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02
70f7544cc5e6b23a89b942155932f508d938f5368d3ff866125a1f5492c87eac
710cfa82b549bcce7c2e4e4abe60daae45dbff28276c0d21f97a8db24f35cf09
714ae045ee63393cd0d777be10cfcaa462a5759d509d278122564545dbb875cc
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
749df86c9232367e11728d01236bd168d0edc903fa1fd1708e0ee276a9a95f1b
76a0d48c521910e2a2c3802ca96f5407a8fddda388ed10eae76682a93b533457
7814fb5d7cbe0fd56403c2590ad5f6a9c97bdd23c2ef490a8d78f097de0a9de7
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7ca8151d74dab3a06a32673b5f4075656c91246ba7d6ac376707ef6cfa77c004
7e72d8281c6f47d755df0fa72bdefc93d98a2c17375fb9e446b14dba8717bac0
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
83dd5e2ec7f010521cf38d41dcbb088e058b981d7bb6d561ef8bf3ef858d677b
86e36e0a3fed4a6005d8793616a8ec10513b1b14b36e8f5f3a11bcc4d171b5ed
882c64ded0560646995a2c171454780af7733711edd5fced468f41287b017e06
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fd59a9e4d5a0cb79e5b5eba71fad73eda11c981dcca9847ab028cf5f13b648f
91d2e76fdb4c9c5e73d02953252128726f4f544e8f2b89a06ab141b333106c4e
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
962808d38f02dc6af6a7a9646f3cb038656e582ff6d21e71973a00672debc3a8
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99bc84613ed64a1d5dcda661571628d22353952e8671b2c7703490b7c249c4b1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a059e4d308c414840b11c5b327a73c1a6c815f31726a4a2876a79678b6d1b2dd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a145227b0f911fa7c725fe32bcfb8dc359be77a5312cc5dcdd91a0dab1ec823d
a1dda5c077ade9fbff07f4bfd2b7eaa7bf9c85828c33e5a46656ffcf2a3cd45c
a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6c6498d03879dad677e9e550748902d81cc6110ea055649f829fbb6f21a375d
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aafe5b3dd18b11e962029b4f93aeba5fa9c79013a64ae29439244f53f4d37b42
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb2ad96340e34e4bf02099959ab5b22446c1c6c60da33d2c6d42ebe25bdec7e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5368918706a26d1fe5acb19bb4d139fd4dba0d5f330e16eb039d1986f3bf29a
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
beb2636884ca091d56f6de9efe61829ed57cf27c3ae87cb1870179c2adecbf4c
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c40598cf630b6555f010b88e055dd2bb9602a2cfb1629f1a22b91a1e5d0dac82
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c8b29923a00eb3b3d75fd7f2bf1788bfb0ab6bc8b8512d3faffa9a17ff00d13f
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
c9a6e78adcddb5ebe05def62728b5f7fc8a77ddd504597b9d5da4fb4d673db01
c9b8c6511c46e0b1b7e69ccbb49a84ff701c058a4c5717809fcf84e115c2ae72
c9be997ecd98b947e767bf7206596af2ced83ef71a897abcb1ed92c7a28d6a9e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbedc76bbc0f835c5231af76f1693d61b7fa63eef006571f78a50112fa1377f5
cccb882f6e25c62463d6239dadd09b8d56e9d6426cf98e72dcdcd1add747a975
cdc09616482b23651a59600f7be19ae57c62086f99faadb86e7da494a585c05a
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f885f308112744715869ebba25cbaef30b8196d652a761a3ca02862b7869da
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d491994075b0726b776ad474b7d6a68b6e854b38efd8a554dbcc62a5df1a6a9d
d5a42867b2e0e170a68f5f522e404e5dc68555951c89be838c1d1baa02167885
d6bf10282d8c63c69646c465e64fc74dd3679a548e7bb7a80eaf7e6bce63e937
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9
da76d904856af5616be5f1f73f3d006a7a45411eb6d31d1102b74401d20de4fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e2a664215c370cd0772602ff4598e55533684b825ef877fac321ac788bb9ebd3
e37d5d48bbe9f2dc54b2cd523e781dfb9e1772c858b759ace0132b4b5a35e1ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e70be2849f7e7f7f27dc4eb168538ef25474e4799e1a4a4d9aee01f57f4c5a3f
e78d23ae6e5e0f82394424866f999a7247b301cb7ccca0fe39ad303121be8061
e83cccad9e78c00c2393b3d9651ecbae18d2534524150173682c73a24a4127d9
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
e957602c8de5c0ca4e9995f40a3be256073198e8b128e071be4bde07dd29b14e
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ea96e511888d57391156f6ab36eb958918829fc36d8c42dcd0c0d04f2d900f3b
eaf72a16915b22085727866ce28a4b306711fd041a33ead2c759302c650ef9dc
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eee6038e23a5c7f74f21c296a12b973b78f8031937762b3ab88100f0876e8c1e
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbd824834036a6f449bd5b5888cd9b1a9e320a4f2eade558ae5ed9f3e1c8fa0
f2348dedf8d16f84fda26dd4153491d47327a259ea67c80612ac563649de92f5
f43cb128e145441d0808dc63537b007b6689277088e89dd56a6f25e566587ea1
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
fa3e05a276a366bf4c0e6cb89cb380300c161a5aef6cee533f4eb2f0d20de912
fc9cccf45889051164d8e23c559c6da87d314ef6b030e9ef8e72589ce88b8678
fdf95627c0ed19d0d47d3c57e441ffb87831c7f471abce0a255d53e721fc5532
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
fe97df13771d77f604147fa44522de825dca7ad457c852e26992313adf009743